Sweeping Australian Law Raises Questions About Data Privacy


The Australian government has signed a bill of law giving enforcement agencies the power to require tech companies to reveal users’ encrypted messages. This affects all companies, individuals, websites and networks that transmit data to users in Australia.

The government stated this law is necessary in order to target and catch terrorists. However, it allows for the investigation of any crime with a max prison sentence of three years upwards. This could be interpreted as covering non-violent crimes. Furthermore, the person doesn’t even have to be a suspect; they can merely be ‘involved in inquiries pertaining’ to the crime

The law enables covert investigations in this context and imposes penalties against those who do not comply. Companies and those who work for them may be required to secretly allow the government to conduct surveillance, hack, change or disable company software. Employees can be forced to keep these activities hidden from their employer. Companies are not only compelled to hand over data that they have access to but can be required to intercept certain data that they don’t.

The new law has received criticism from the likes of Digi, the Reform Government Surveillance Association as well as WhatsApp, the messaging company that prides itself on end-to-end encryption for its users. The law has been labelled as ‘deeply concerning’ and ‘endangering the security of online services’. Amendments to the Bill will be debated next year.

This blog is for informational purposes only and should not be considered legal advice.