• Catch issues early, fix them fast – Free trial


    [ad] With GFI Cloud you can easily manage and secure your remote workforce – wherever they are, from wherever you are! The simple IT management platform includes patch management, antivirus, web protection, monitoring and remote control. Get the benefit of endpoint protection with the ease of central management. Start a free trial now.


  • Great articles on other sites
  • RSS Great articles on other sites


  • News, Security - Written by on Thursday, August 23, 2012 12:34 - 22 Comments

    Cybercrime bill passes despite Greens protest

    news A controversial piece of legislation aiming to bolster the powers of law enforcement agencies has passed the Federal Senate, despite vehement protests from the Greens, who argued strongly that the bill was “yet another” unnecessary expansion of the Government’s surveillance powers in Australia.

    Entitled the Cybercrime Legislation Amendment Bill 2011, the legislation, amongst other things, introduces a requirements for ISPs to retain data on subscribers’ Internet activities in the context of a warrant being sought. It also broadly brings Australia into line with the Council of Europe Convention on Cybercrime.

    “Cyber crime is a growing threat that touches all aspects of modern life. It poses complex policy and law enforcement challenges, partly due to the transnational nature of the internet,” Attorney-General Nicola Roxon said in a statement upon the legislation passing the Senate.

    “This is good news for fighting crime and will help make it easier for police to track down cyber criminals around the world. In particular, this will help combat criminal offences relating to forgery, fraud, child pornography, and infringement of copyright and intellectual property. The Convention promotes a coordinated approach to cybercrime by requiring countries to criminalise these computer related offences. The Convention also establishes procedures to make investigations more efficient to improve international cooperation.”

    However, the convention has not been accepted internationally without controversy over the years. For example, when the US Senate ratified it in mid-2006, the Electronic Frontier Foundation said the treaty required the US Government help enforce other countries’ cybercrime laws, “even if the act being prosecuted is not illegal in the United States”.

    “That means that countries that have laws limiting free speech on the Net could oblige the FBI to uncover the identities of anonymous U.S. critics, or monitor their communications on behalf of foreign governments. American ISPs would be obliged to obey other jurisdiction’s requests to log their users’ behaviour without due process, or compensation,” wrote the EFF at the time.

    “Ratifying the Cybercrime treaty would introduce not just one bad Internet law into America’s lawbooks, but invite the enforcement of all the world’s worst Internet laws. Call your senators now, and tell them to hold this invasive treaty at bay,” the EFF advocated.

    Yesterday, the Greens noted that the Government and the Coalition had combined to vote down Greens amendments to the legislation which would have established a criminal threshold for data collection, safeguards against facilitating the death penalty, and improving the oversight role of the Commonwealth Ombudsman. Describing the bill as “yet another expansion of surveillance powers”, Greens Communications Spokesperson, Senator Scott Ludlam said the Cybercrime bill made it easier for police agencies to trap and share Australians’ private data with police forces around the world.

    “With an inquiry into Government surveillance only just getting under way, this move is provocative, pre-emptive and typifies everything that is wrong with the way the balance is tilting against the rights of the individual,” Ludlam said in a statement. “The focus moves to the national security inquiry, which has before it a set of proposals vastly more invasive than those passed today.”

    opinion/analysis
    While I don’t disagree that some of the provisions in this new legislation could be useful to law enforcement groups, I’d like to see more consultation around this kind of legislation in general, and I’d also like to see the Opposition debate it more and the Government take some of the Greens’ concerns more seriously. It seems like this sort of legislation is often rammed through Australia’s Parliament in a bid to stay current with international trends — but without enough local examination.

    submit to reddit

    22 Comments

    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. tobin
      Posted 23/08/2012 at 12:38 pm | Permalink |

      I don’t quite know how to read some of these articles.

      Is it logging people who are suspected of being criminals with the aim of getting a warrant, logging people who have a warrant out for the act, or logging everyone in the hopes that you could then get a warrant on people?

      IE if a movie studio wanted to find people pirating a movie would they a) ask an ISP to monitor an IP accused of pirating it, in the hopes of getting a warrant for further information, b) require a warrant to ask the ISP to do the logging, or c) ask for all the information on anyone pirating said movie?

      I know it’s used for many crimes, but I’m just wondering the implications of how these things are investigated under the new laws.

      • Ferretzor
        Posted 23/08/2012 at 1:26 pm | Permalink |

        Its logging on behalf of a foreign entity regardless of whether they have a warrant or are pursuing one.

        • PeterA
          Posted 23/08/2012 at 2:02 pm | Permalink |

          Not quite.

          It is logging people before you have a warrant, but only gaining access after the warrant is granted.

          I just hope there are rules as to when. IMO the only reasonable situation for this; is: simultaneous with application for a warrant, request data to be logged.
          Just to ensure that the data exists, but only from when you had enough information to request a warrant.

          There is no reasonable situation in which data logging should be allowed before you have actually built enough of a case to obtain a warrant to obtain said information. I hope this law addresses that point.

          • Ferretzor
            Posted 23/08/2012 at 2:21 pm | Permalink |

            Hmm the disclosure provisions don’t mention a warrant being required, but I am quite likely wrong. The only bits I see are that the disclosure has to be reasonably required to enforce the relevant law.

    2. Posted 23/08/2012 at 1:07 pm | Permalink |

      Renai could you please find out more about this
      “In particular, this will help combat criminal offences relating to forgery, fraud, child pornography, and infringement of copyright and intellectual property.”
      and this
      “The Convention promotes a coordinated approach to cybercrime by requiring countries to criminalise these computer related offences. The Convention also establishes procedures to make investigations more efficient to improve international cooperation.”?

      It sounds like Australia has just made copyright infringement a Criminal offence. I think we need some clarification.

      • Ferretzor
        Posted 23/08/2012 at 1:25 pm | Permalink |

        From the wikipedia:

        “The Convention includes a list of crimes that each signatory state must transpose into their own law. It requires the criminalization of such activities as hacking (including the production, sale, or distribution of hacking tools) and offenses relating to child pornography, and expands criminal liability for intellectual property violations.”

        I was listening to part of the debate on this, and think there was actually no “minimum” level of offence prescribed in the legislation. Ludlum was pushing for only offences that would lead to 7 or 3 year prison sentences (not clear whether here or there – this was just a brief grab on the car radio) but that amendment got voted down.

      • Pragmatist
        Posted 23/08/2012 at 1:34 pm | Permalink |

        Copyright infringement, in certain circumstances has always been a criminal offence. See recent conviction of audio capper for IMAGiNE and look back to the guy from drink or die who was extradited to US for copyright offences.

        The act applies when an overseas law enforcement body requests the retention of information with a valid warrant, not when a movie studio is on a fishing trip.

        • Posted 23/08/2012 at 1:39 pm | Permalink |

          The only time copyright infringement is a criminal offence in Australia is for commercial scale infringement.

          • Posted 23/08/2012 at 1:41 pm | Permalink |

            And to back up my statement, please refer to http://www.geordieguy.com/illegal-movies-and-music-fact-sheet/ which links to the relevant legislation.

          • NBNAccuracy
            Posted 23/08/2012 at 2:04 pm | Permalink |

            Last I looked it wasn’t a criminal offence to download a copyrighted material but it was to provide it to other people. If you are using P2P and people download a movie or music from you I believe it’s a criminal offence.

            • GongGav
              Posted 23/08/2012 at 2:27 pm | Permalink |

              Ignoring that copyright breaches arent criminal acts subject to criminal law (only civil law), something I’ve never seen tested – at what point does it become a ‘crime’? Sharing 0.000001%? 1%? 10%? 50%? 100%? 101%? If I download the latest Simpsons episode and it takes 3 minutes, it might be that nobody links to my leech and I share 0.00% – where is the criminal act?

              With torrents you never get a complete copy from a single source (unless there is just 1 seed), so you arent giving someone a complete usable copy. Added to that, if someone downloads, and shares 99% of a file, that file isnt usable because of that missing segment.

              Even if you share 100%, thats by volume and not necessarily a full copy. In fact, the chances of sharing EVERY segment of a torrent is incredibly small. You’re more likely to share just half the segments twice.

              Just intellectual curiosity over something that I’ve never seen used as a defence.

        • Ferretzor
          Posted 23/08/2012 at 1:48 pm | Permalink |

          I don’t believe a warrant is required, though I may have misunderstood some of the debate as I only caught it part way in. It sounded to me like any request from a law enforcement agency would be honoured, as long as it was related to some sort of ongoing investigation. This is embodied in sec 107P (see below).

          IANAL, have no idea what other laws may have an impact.. so this is just my basic reading.

          107P Condition for giving a foreign preservation notice

          (1) If, under paragraph 15B(d) of the Mutual Assistance in Criminal Matters Act 1987, a foreign country intends to request the Attorney‑General to arrange for access to stored communications that:

          (a) relate to a specified person or specified telecommunications service; and

          (b) are held by a carrier; and

          (c) are relevant to an investigation, or investigative proceeding, relating to a criminal matter involving a serious foreign contravention;

          then the foreign country may request the Australian Federal Police to arrange for the preservation of those stored communications.

          (2) The request to the Australian Federal Police must:

          (a) be in writing; and

          (b) specify the name of the authority concerned with the criminal matter; and

          (c) specify the serious foreign contravention that is the subject of the investigation or investigative proceeding; and

          (d) specify information identifying the stored communications to be preserved and the relationship between those communications and the serious foreign contravention; and

          (e) specify any information the foreign country has that identifies the carrier that holds the stored communications; and

          (f) if the stored communications relate to a specified person—specify any information the foreign country has that identifies the telecommunications service to which the stored communications relate; and

          (g) specify the reasons why the stored communications need to be preserved; and

          (h) specify that the foreign country intends to make a request under paragraph 15B(d) of the Mutual Assistance in Criminal Matters Act 1987 to access the stored communications.

          • Ferretzor
            Posted 23/08/2012 at 1:52 pm | Permalink |

            Also.. there is a base level of contravention so I was quite wrong in initial statement.

            5EA Serious foreign contraventions

            For the purposes of this Act, a serious foreign contravention is a contravention of a law of a foreign country that is punishable by a maximum penalty of:

            (a) imprisonment for 3 years or more, imprisonment for life or the death penalty; or

            (b) a fine of an amount that is at least equivalent to 900 penalty units.

            • Posted 23/08/2012 at 2:11 pm | Permalink |

              If that’s the case then it does seem to only be relating to commercial scale infringement.

              My concern was that maybe there was an ammendment that made personal infringement a criminal offence in Australia.

              Maybe the statment by Roxon was more of a nod to the likes of AFACT so they might back off a bit.

              • Posted 24/08/2012 at 2:24 pm | Permalink |

                It’s AFACT and their masters which will be amongst the first to make use of this legislation.

    3. Ferretzor
      Posted 23/08/2012 at 1:16 pm | Permalink |

      This legislation will be 100% effective because no serious internet crime uses VPNs, tor and botted computers. On the other hand, human rights activists and the like may now find themselves arrested on arrival (or perhaps extradited?) based on activity that is perfectly legal in Australia.

      Well played govt, you have trolled us all.

    4. Duke
      Posted 23/08/2012 at 2:09 pm | Permalink |

      “forgery, fraud, child pornography, and infringement of copyright and intellectual property”

      Yeah right Rocksoff, and we all know you can scratch the first three because your bosses in California woulldn’t want to distract you from the REAL criminals downloading Game of Thrones and The Avengers…

    5. Posted 23/08/2012 at 2:51 pm | Permalink |

      Universal Declaration of Human Rights. Australia has failed.

      Article 12.

      No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

      http://www.un.org/en/documents/udhr/index.shtml

      • Harry
        Posted 23/08/2012 at 7:32 pm | Permalink |

        At the risk of being a bit cheeky, I think you might have mistaken the word ‘arbitrary’ for ‘any’.

    6. Muso1
      Posted 23/08/2012 at 5:13 pm | Permalink |

      I highly doubt this is about copyright infringement.
      This is about Anonymous, Wikileaks, individual hackers, anyone who has attacked and damaged government websites, big business (Paypal, VISA) and about keeping an eye out on terrorist groups who recruit, train, and run actions using cell phones and the internet.
      I’m not saying what I will accept or not, just saying it’s laughable to think this is about stopping people pirate the odd movie or album track.

      • GongGav
        Posted 24/08/2012 at 11:07 am | Permalink |

        +1

        I’m reading this as powers that let the authorities tell the ISP’s to hold information on someone, rather than tell them to hold everyones data and hope for the best.

        Basically, if they were suspicious of me doing some cyber crime, they could get a warrant and the ISP would have to track my actions. Thats simply evidence collection, no different to staking out a suspect and taking pictures.

    7. Stephen
      Posted 24/08/2012 at 4:39 pm | Permalink |

      Governments are rolling over way too often when a law enforcement agency says “we should be allowed to do this”. Rubbish – what’s the cost, and what’s the benefit? In this case, the cost is too high.




    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:


  • Most Popular Content

  • Enterprise IT stories

    • Super funds close to dumping $250m IT revamp facepalm2

      If you have even a skin deep awareness of the structure of Australia’s superannuation industry, you’ll be aware that much of the underlying infrastructure used by many of the nation’s major funds — AustralianSuper, CBus, HESTA and more — is provided by a centralised group, Superpartners. One of the group’s main projects in recent years has been to dramatically update and modernise its IT platform — its version of a core banking platform overhaul. Unfortunately, as was revealed in November, the $250 million project has not precisely been going well, and the Financial Review last week reported that Superpartners is actually close to turfing it altogether and going back to the drawing board.

    • Qld’s Grant joins analyst firm IBRS peter-grant

      This week it emerged that Peter Grant, the two-time former Queensland Whole of Government CIO (pictured), has joined well-regarded analyst firm Intelligent Business Research Services (IBRS). We’ve long had a high regard for IBRS, and so it’s fantastic to see such an experienced executive join its ranks.

    • Westpac dumps desk phones for Samsung Android mobiles samsung-galaxy-ace-3

      The era of troublesome desk phones tied to physical locations is gradually coming to an end in many workplaces, with mobile phones becoming increasingly popular as organisations’ main method of voice telecommunications. But some groups are more advanced than others when it comes to adoption of the trend. One of those is Westpac.

    • Ministers’ cloud approval lasted just a year reverse

      Remember how twelve months ago, the Federal Government released a new cloud computing security and privacy directive which required departments and agencies to explicitly acquire the approval of the Attorney-General and the relevant portfolio minister before government data containing private information could be stored in offshore facilities? Remember how the policy was strongly criticised by Microsoft, Government CIOs and Delimiter? Well, it looks like the policy is about to be reversed.

    • WA Govt can’t fund school IT upgrades oops key

      In news from The Department of Disturbing Facts, iTNews revealed late last week that Western Australia’s Department of Education has run out of money halfway through the deployment of new fundamental IT infrastructure to the state’s schools.

    • Turnbull outlines Govt ICT vision turnbull-5

      Communications Minister Malcolm Turnbull has published an extensive article arguing that the Federal Government needed to do a better job of connecting with Australians via digital channels and that public sector IT projects needn’t cost the huge amounts that some have in the past.

    • NZ Govt pushes hard into cloud zealand

      New Zealand’s national Government announced a whole of government contract this morning for what it terms ‘Office Productivity as a Service’ services. This includes email and calendaring services, as well as file-sharing, mobility, instant messaging and collaboration services. The contract complements two existing contracts — Desktop as a Service and Enterprise Content Management as a Service.

    • CommBank reveals Harte’s replacement whiteing

      The Commonwealth Bank of Australia has promoted an internal executive who joined the bank in September after a lengthy career at petroleum giant VP and IT services group Accenture to replace its outgoing chief information officer Michael Harte, who announced in early May that he would leave the bank.

    • Jeff Smith quits Suncorp for IBM jeffsmith4

      Second-tier Australian bank and financial services group Suncorp today announced that its long-serving top technology executive Jeff Smith would leave to take up a senior role with IBM in the United States, in an announcement which marks the end of an era for the nation’s banking IT sector.

    • Small business missing the mobile, social, cloud revolution iphone-stock

      Most companies that live and breathe the online revolution are not tech startups, but smart smaller firms that use online tools to run their core business better: to cut costs, reach customers and suppliers, innovate and get more control. Many others, however, are falling behind, according to a new Grattan Institute discussion paper.

  • Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments

    Super funds close to dumping $250m IT revamp

    More In Enterprise IT


    Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments

    What should the ACCC’s role be in guiding infrastructure spending?

    More In Telecommunications


    Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments

    ‘Google Schmoogle’ – how Yellow Pages got it so wrong

    More In Industry


    Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments

    Will Netflix launch in Australia, or not?

    More In Digital Rights