Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Tech Giants Face Hefty Fines Under Australia Cyber Laws

Tech companies could face fines of up to Aus$10 million (US$7.3 million) if they fail to hand over customer information or data to Australian police under tough cyber laws unveiled Tuesday.

Tech companies could face fines of up to Aus$10 million (US$7.3 million) if they fail to hand over customer information or data to Australian police under tough cyber laws unveiled Tuesday.

The government is updating its communication laws to compel local and international providers to co-operate with law enforcement agencies, saying criminals were using technology, including encryption, to hide their activities.

The legislation, first canvassed by Canberra last year, will take into account privacy concerns by “expressly” preventing the weakening of encryption or the introduction of so-called backdoors, Cyber Security Minister Angus Taylor said.

Taylor said over the past year, some 200 operations involving serious criminal and terrorism-related investigations were negatively impacted by the current laws.

“We know that more than 90 percent of data lawfully intercepted by the Australian Federal Police now uses some form of encryption,” he added in a statement.

“We must ensure our laws reflect the rapid take-up of secure online communications by those who seek to do us harm.”

The laws have been developed in consultation with the tech and communications industries and Taylor stressed that the government did not want to “break the encryption systems” of companies.

“The (law enforcement) agencies are convinced we can get the balance right here,” he told broadcaster ABC.

“We are only asking them to do what they are capable of doing. We are not asking them to create vulnerabilities in their systems that will reduce the security because we know we need high levels of security in our communications.”

The type of help that could be requested by Canberra will include asking a provider to remove electronic protections, concealing covert operations by government agencies, and helping with access to devices or services.

If companies did not comply with the requests, they face fines of up to Aus$10 million, while individuals could be hit with penalties of up to Aus$50,000. The requests can be challenged in court.

The draft legislation expands the obligations to assist investigators from domestic telecom businesses to encompass foreign companies, including any communications providers operating in Australia.

This could cover social media giants such as Facebook, WhatsApp and gaming platforms with chat facilities. 

The Digital Industry Group (DIGI), which represents tech firms including Facebook, Google, Twitter and Oath in Australia, said the providers were already working with police to respond to requests within existing laws and their terms of service.

DIGI managing director Nicole Buskiewicz called for “constructive dialogue” with Canberra over the adoption of surveillance laws that respect privacy and freedom of expression.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...

Compliance

The Federal Communications Commission (FCC) is proposing tighter rules on the reporting of data breaches by wireless carriers.The updated rules, the FCC says, will...

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...