Australia’s Anti-Encryption Laws Spark Security Concerns in New Zealand Drew Wilson | December 20, 2018 While a lot of outrage over Australia’s anti-encryption laws have been confined to the borders, security worries are now extending beyond the country’s borders. Earlier, Signal, well, signalled that it may not comply with Australia’s anti-encryption laws. The developers behind the encrypted messaging app, in the process, joined a growing chorus slamming the proposed legislation. All this, of course, is happening in the backdrop of Australia’s spy chief attacking critics, accusing them of “hyperbole” and motivated by “self-interest”. Of course, the common thread in all of this is the fact that the fight seems largely confined to within the borders of Australia. It can be easy to forget that with the increasingly interconnected world of ours that changing laws surrounding security will have consequences far beyond the borders of the country. Case in point: the security concerns happening in New Zealand. In an op-ed discussing the anti-encryption legislation, Richard MacManus discussed the ramifications the laws would have in New Zealand. In the op-ed, MacManus points out that New Zealand has been pushing to have government data stored in the cloud. For many, this means the offshoring of storing government data. Of course, this may now be problematic because if the Australian government can demand backdoors be installed in encryption, that theoretically means that Australia can have access to New Zealand data. From the op-ed: I approached both AWS and Xero for comment. I didn’t hear back from the former, and the latter would only say that it’s “carefully assessing how it will impact Xero and its customers”. I can understand the reticence of AWS and Xero to offer their opinions. The reality is, this law threatens the ongoing privacy and security of their customers. It even invites the question: should New Zealand organisations continue to host their data offshore? It’s a particularly important question for our Government to consider. After all, we do not want our citizens’ data to be compromised due to over-zealous Australian politicians. MacManus also notes that 1Password is already making a host of new considerations regarding the legislation. He additionally points out that if there are so many concerns about Huawei, then there really should be security concerns surrounding Australia’s laws. He suggests that Australia’s law might actually be more dangerous to New Zealand’s interest then the Chinese telecom. In any event, he raises a number of perfectly valid concerns. It’s also a great reminder that laws surrounding technology can have implications far beyond the countries borders. To add to the point, technology laws have proven to have a way of spreading – both good and bad. Frequently, when poorly conceived copyright laws are proposed and passed in one country, lobbyists find themselves swarming government offices in other jurisdiction’s to try and push similar laws. The often used argument that if ‘x country’ jumped off a cliff, that means ‘y country’ needs to follow suit or risk being left behind. While the example does note copyright laws, there is no reason to believe that global spy agencies won’t push for similar laws in other countries. In fact, it’s expected given that this law was pushed for by other countries including Canada, the UK, the US, and even New Zealand in the first place. It actually would be a huge surprise if Australia found itself to be an anomaly when it comes to proposing equally dangerous anti-encryption laws. For all we know, this is only the beginning of a much broader international push to stamp out secure encryption. Drew Wilson on Twitter: @icecube85 and Google+.