There are three main regulations which have been in the center of disputes in recent years.
As we wrote in the article what is metadata, under the Australian Data Retention Law, which took effect in 2017, the metadata of Australians’ mobile and online communications is collected and stored for at least two years. National agencies, such as the Australian Security Intelligence Organisation (ASIO) and the Australian Federal Police (AFP), can gain self-authorized access to the data.
This law is called one of the most intrusive collection schemes in the Western world. It violates Australians’ rights to privacy, as well as is most likely to contribute to increasing the budgetary debt by approximately A$740 million in the next ten years.
Requiring Companies to Add Backdoors to Encrypted Technologies
Earlier this month, in their report the democracy watchdog Freedom House addressed the statement released by the so-called Five Eyes (Australia, Canada, New Zealand, the United Kingdom, and the United States) countries, calling companies to “voluntarily establish lawful access solutions” for encrypted content. In other words, to leave backdoors when/if government officials decide to access the content which is supposed to be soundly encrypted.
Although usually, the main plea of demanding to add backdoors to security technologies is “we do this to protect you”, this is extremely dangerous. Even if you’re OK with your government spying on your online activities.
Freedom House criticized this requirement for its vague language and concluded adding backdoors “would effectively create security vulnerabilities in the companies’ services.”
Bruce Schneier, an American cryptographer, computer security professional, and privacy specialist, calls it “reckless and shortsighted.” He argues that this puts us all at risk because it’s technically impossible to make technologies secure while adding backdoors. Read more about in his essay here, or in his new book “Click Here to Kill Everybody”.
The Piracy Bill
Currently, under the infamous Australian censorship system, Australian ISPs can be ordered to block sites whose “primary purpose” is to “infringe, or to facilitate the infringement of, copyright (whether or not in Australia).”
Under the new proposal “primary purpose” can be changed to “primary effect”. This basically means that if websites want to avoid being blocked in Australia, they will have to control how users behave on their platforms. On top of that, this also enables rightsholders to manipulate search engine results.
The Electronic Frontier Foundation (EFF) criticized what they call “unchecked censorship that’s also invisible” and explained in details why. For example, because search results are censored, average users won’t know what’s being blocked, and, according to the EFF, won’t be able to push back against “sloppy overclocking.” Moreover, the owners of the site that are facing a block won’t be notified.
And when it seems it can’t get worse, it, unfortunately, does. “The 2015 and 2018 censorship systems don’t limit themselves to censoring sites that infringe Australian copyright: they also ban sites that violate any copyright in the world”, the EFF writes.
Although when the law was introduced in 2015, the copyright industry supported blocks, in 2018 its community admitted they don’t work.
This week, representatives from Facebook, Youtube, Instagram, Twitter, and others jointly criticized the Australian Senate saying that the proposed amendments “expand the scheme far beyond what is reasonable.”
Unfortunately, despite criticisms, the Australian Parliament approved the amendments to copyright law. Mitch Fifield, minister for communications and the arts, believes it’s “a strong message to online pirates.” The government will review the effectiveness of the changes in two years.
Is There Anything You Can Do?
It’s a yes and no answer. Sadly, getting around metadata collection is really difficult, if not impossible.
It’s known that people use VPNs to unblock limited content. For example, Netflix limits their library to the Australian audience, but connecting to American VPN servers can help you stream American Netflix library.
Also, trusted VPN providers don’t add backdoors to their encryption. Which makes them secure from whatever snoopers there are – hackers or governments. To prove VPNs deliver what they preach, independent audits are performed. Surfhshark is one of the 3 VPN providers in the world which had their services independently audited. Our browser extensions were recently praised as being extremely secure by one of the industry-leading security testing service Cure53.
Security experts support attempts to help people stay secure and private online. But only if they are adequately implemented and honest. Recent events in Australia demonstrate that the Australian government is also taking lessons from the non-democratic countries and expanding censorship and surveillance machines.