One year on from the passing of Australia’s encryption legislation, the tech community says workers face constant anxiety about their responsibilities and global career prospects under the laws.
“It’s quite confronting to have the sense that you might be plucked out of your job and asked to do something, to act,” StartupAus chief operating officer Alex Gruszka said.
The Telecommunications and Other Legislation (Assistance and Access) Act passed in the first week of December 2018, placing obligations on technology companies to help law enforcement decrypt messaging in order to help fight serious criminal activity.
At the time, Australian software developers warned that beyond creating potential security concerns across the local tech sector, the laws would also have a direct impact on how attractive Australians were as employees when applying for global developer jobs.
Mr Gruszka said those anxieties were still present one year on, though it is very difficult to track the exact impacts of the laws because there are no large data sets available on employment of developers since the laws came into effect.
“However, it’s had a strong impact on their [startups’] ability to sell internationally.”
Over the past two months tech players from across the globe have warned two separate inquiries into the laws that they could affect employees adversely at an individual level.
There has been a loss of trust in the sector.Alex Gruszka
Last week Labor attempted to introduce amendments to the laws to increase judicial oversight of the laws, though the government has said it will hold off on considerations until after two reviews of the laws are completed — one by a joint parliamentary committee and the other by the Independent National Security Legislation Monitor.
In October, global software lobby group the Business Software Alliance, whose members include Microsoft and Intel, told the Independent National Security Legislation Monitor’s inquiry into the laws that they should be amended to protect employees against inadvertently engaging in criminal activity under the rules.
As it stands, a developer employee who is ordered under the act to help law enforcement cannot tell anyone else about this, including advising their bosses or management that a change to a system is about to take place.
Developers outside of the startup community have also raised concerns. In a submission to the security monitor’s review in October, Telstra said the secrecy provisions could lead to serious product or network issues because employees can be directed to work on a system without the ability to warn other engineers connected to their supply chains.
“Such adverse effects could include service degradation, network faults, or other impacts on business, or on non-target customers,” the telco warned.
The sector will not be able to read the final reviews into the laws until they are completed in the first half of 2020 and this does not guarantee any changes will be made.
The Department of Home Affairs has previously said it was maintaining conversations with the startup community though the policy was critical for fighting serious criminal activity.
Mr Gruszka said the delays to review the rules was disappointing given the speed with which they were passed.
“We can’t afford to have this absorbed as the new reality. There has been a loss of trust in the sector.”
Home Affairs minister Peter Dutton has been contacted for comment.
Source: Thanks smh.com