Home / Security / Dutton’s non-denial fuels fears of domestic ASD cyber spying

Dutton’s non-denial fuels fears of domestic ASD cyber spying

dutton.png

(Image: APH)

Home Affairs Minister Peter Dutton has tried yet again to hose down fears that the government wants to extend Australian Signals Directorate (ASD) surveillance to domestic targets.

He failed.

“Was the government considering extending powers, and is it considering expanding powers, for the ASD to practice domestically?” asked presenter Annabel Crabb on ABC TV’s Insiders on Sunday.

“Well if you look back to what I said at the time, we don’t support spying on Australians. That was a complete nonsense,” Dutton replied.

“But where you’ve got a pedophile network that operates out of Manila live-streaming children being sexually abused, there might be the ability for an Australian agency to try and shut that server down, he continued.

“If that same server was operating in Fitzroy here in Melbourne, then there would be very limited capacity for us in certain circumstances where it was masked, where it was rerouted, and all the rest of it, that we weren’t able to shut that pedophile network down,” Dutton said.

“Similarly in relation to a cyber attack on our Australian banks, if people weren’t able to tap and go and pay and conduct their business for four or five days, if the system was out, I think people would probably by about the second or third hour, let alone day, be demanding ‘What is the government going to do to put this back online?”

So whether the Australian government was, or is, considering extending ASD’s spying powers domestically is a “no” with a “but”.

Hardly reassuring.

The story that triggered these fears dates back to April 29, 2018, when Sydney’s The Sunday Telegraph ran the headline: Secret plan to spy on Aussies.

“Under the plan, emails, bank records and text messages of Australians could be secretly accessed by digital spies without a trace, provided the Defence and Home Affairs ministers approved,” reported Annika Smethurst.

“Under the proposal, seen by The Sunday Telegraph, Home Affairs Minister Peter Dutton and [then] Defence Minister Marise Payne would tick off on orders allowing cyber spooks to target onshore threats without the country’s top law officer [the Attorney-General] knowing.”

What was reported as a “power grab” was “detailed in top secret letters between the heads of the Department of Home Affairs and Defence” which outlined the proposed new powers for the ASD.

Officials were quick to deny that there was any real proposal on the table.

“There is no proposal to increase the ASD’s powers to collect intelligence on Australians or to covertly access their private data,” said a statement signed jointly by ASD Director-General Mike Burgess, Defence Secretary Greg Moriarty, and Home Affairs Secretary Michael Pezzullo the same day.

Cybersecurity and intelligence collection are “two distinct functions, technically and operationally”, they wrote.

A big question at the time was who had leaked the document, with that question still to be answered, which is why the story is back in the news this month.

On June 4, the Australian Federal Police (AFP) hit Annika Smethurst’s home with a search warrant, spending hours looking for evidence to reveal the identity of the leaker.

Putting aside questions of the threat to freedom of the press and the alleged politicisation of the AFP — which are certainly valid questions — especially given the simultaneous raid on the Australian Broadcasting Corporation (ABC) as part of another leak hunt, the question that is back on the table is whether there’s a push anywhere in government for the ASD to have domestic “spying” powers. 

And as I say, Dutton has failed to clarify the issue.

Asked again on Insiders whether “this expansion of powers has your support”, again he fudged it.

“I don’t,” he said. “I think there needs to be a sensible discussion about whether or not we’ve got the ability to deal with threats that we face.”

There followed a now-familiar litany of cyber threats: Attacks like the one that lead to the data breach at Australian National University (ANU), the theft of intellectual property (IP), the cyber attack on Parliament and political parties, and so on.

Pedophiles had already been mentioned, of course.

“I think they’re reasonable discussions to have in the 21st century,” Dutton said.

“I think this is a huge issue around cyber which is only just starting for businesses and for small businesses, for people at home, kids online. This is a massive debate for us over I think the next decade and beyond.”

There’s something deeply wrong with the law enforcement and national security debate in Australia.

We seem unable to discuss the merits of specific agency powers without smothering everything in a vast, tangled woolly blanket of waffle about terrorists, criminals, and drug traffickers, all without any concrete data.

Dutton could have killed the fears with a clear statement about what was in the proposal.

If it was about creating a legal framework for the ASD to provide technical assistance to the AFP and the Australian Security Intelligence Organisation (ASIO) in specific circumstances under AFP and ASIO control, then perhaps there’s an argument.

There’s a difference, after all, between conducting a disruptive network operation to cut off communications, and intercepting communications to gather evidence. The difference might seem subtle in some circumstances, but it’s still something that can be explained.

Dutton could have killed the fears even more effectively if he just released the document. Assuming the document says what he says it does.

Maybe the government could even have a transparent debate about the powers of its cops and spooks. One involving more than just the cops and spooks.

But no. Dutton brought out the infinite waffle-blanket, and clarified nothing.

Whether that’s down to an agreed-upon political communications strategy, or merely Dutton’s world-renown brilliance in the fields of critical thinking and rational debate, is still unknown.

Related Coverage

Employees not the target of encryption laws: Home Affairs

Australian developers really do need to relax. Cops and spooks are being told very clearly that the Assistance and Access Act isn’t for dragooning you into deceiving your bosses.

The encryption wars are back, but this time it’s different

Some of the technical details have changed but the digital privacy battle continues.

Amendments to Australia’s encryption laws stranded before election

Once again, Labor has been Charlie Brown to the Coalition’s Lucy with the football.

Audit rules Victoria’s public health system as ‘highly vulnerable’ to cyber attacks

The Victorian Auditor-General’s Office finds health system could suffer the same fate as the UK’s National Health Service and Singapore’s SingHealth.

3 ways state actors target businesses in cyber warfare, and how to protect yourself (TechRepublic)

State-sponsored groups are leveraging weaknesses in IoT devices to build botnets, and attacking private industry and public infrastructure in attacks, according to a Booz Allen report.


Source link

About admin

Check Also

Brazil is at the forefront of a new type of router attack

For nearly a year, Brazilian users have been targeted with a new type of router ...

Leave a Reply

Your email address will not be published. Required fields are marked *