The combined stupidity and cowardice of the Coalition and Labor now means that any IT product — hardware or software — made in Australia will be automatically too risky to use for anyone concerned about cybersecurity. The government’s encryption backdoor bill, which Labor found a new way to roll over on last night in the Senate, now guarantees Australian-made products will be regarded as potentially having been corrupted by the Australian government and its unsupervised security agencies. One industry figure correctly compared Australia’s industry to Huawei, which is now indelibly associated, despite its furious protests, with the idea of government-inserted backdoors.
Our tech sector is small by US and European standards — it produced exports of $3.2 billion in 2016-17 and, according to an OECD report, “Australia ranks seventh out of 13 countries, with our ICT sector representing around 4.5% of total industry value add in 2015.” The encryption backdoor bill guarantees it will stay that way — every Australian-manufactured IT product must henceforth be regarded with suspicion that any features using encryption will be hopelessly compromised, with a backdoor back to Australian intelligence agencies.
While in effect signalling that no one serious about cybersecurity can trust Australian-made products, the impact on the dominant foreign tech players remains to be seen. In effect the bill purports to give the government the power to order the likes of Apple and Facebook to undermine the security of their own products. But for the world’s biggest IT companies, the damage from users worldwide knowing that they are willing to undermine their product’s security at the request of a global nonentity like Australia will be profound — would you trust an Apple product knowing it had yielded to some Australian copper’s demand that it help plant some malware on a target’s iPhone? Maybe you trust Australian police. But if Australia can demand the undermining of encryption, we can surely have no objection when China, or Russia, or Saudi Arabia, or Venezuela, do exactly the same? The world’s biggest tech companies have a strong incentive to resist, they have very deep pockets and are used to using all the legal resources at their considerable disposal to ward off threats to their profits. The response from companies like Apple and Facebook may well be “see you in court”.
Local tech companies don’t have that option, and don’t have the resources for it anyway. They’ll have to submit to having their business models ruined by idiot politicians. This is, hilariously, the very sector over which the political class was fawning in 2015, when it was all about start-ups, agility and innovation. There was even a “Cyber Security Growth Centre” set up by the Turnbull government to foster local cybersecurity startups, although its online presence has now vanished. Even so, it is only a few months since Michaelia Cash was flogging it was a way to help develop local IT companies. Good luck there — buying an Australian cybersecurity product will now be like buying your firewall software from China.
Next time you see Karen Andrews, the Industry Minister, or Labor’s industry shadow Kim Carr, or digital economy spokesman Ed Husic, or other Labor MPs like Tim Watts who like to appear au fait with IT and digital issues, talking about the Australian tech industry, remember that they’re the ones who have helped turn “Made In Australia” into a warning to avoid our products like the plague.
Crikey is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while we review, but we’re working as fast as we can to keep the conversation rolling.
The Crikey comment section is members-only content. Please subscribe to leave a comment.
The Crikey comment section is members-only content. Please login to leave a comment.