The federal government is quietly preparing a raft of laws that would fundamentally change how technology is used in Australia. These wide-ranging digital reforms include everything from giving an unelected government official the right to censor apps and websites, to giving senior police the power to sign warrants that would allow them to take over your social media accounts.
Here are the biggest things happening right now in Australia’s tech law space:
The Online Safety Bill
Touted as a way to keep Australians safe online, the Online Safety Bill will overhaul the role of Australia’s eSafety commissioner.
The bill would drastically increase the commissioner’s powers, including giving them the ability to order the removal of online abuse, force web services and app stores to remove access to websites or apps, and unilaterally enforce verification systems — for example, a face scan — before users look at age-restricted material (i.e. porn).
The bill has sparked a backlash from groups including privacy advocates and the sex industry, and has yet to pass the Senate. But in light of the scandals that engulfed Canberra in March, the bill has become more totemic to the government as a blunt tech solution to a broader culture problem.
The Data Availability and Transparency Bill
As part of an attempt to reform the public service, the government is proposing a bill that would make it easier for government bodies to share data with businesses, researchers and each other, in order to to improve government services, policy, research and development.
However, there are concerns that facilitating the free flow of data between government services would see that data end up in the wrong hands.
Critics of the bill say it will give away more data than is necessary, and that it could be used for purposes that go beyond its stated aims — for example, enforcement of the NDIS scheme.
Last week, the Senate committee reviewing the bill said that it needed further privacy protections.
Privacy Act review
The elephant in the room of the Data Availability and Transparency Bill is the review of Australia’s creaking Privacy Act.
The review was commissioned at the end of 2019 by then-attorney-general Christian Porter as part of the government’s response to the Digital Platforms inquiry.
The act itself is more than 30 years old — passed just as the internet was made available to its first universities in Australia, and long before Facebook was even a twinkle in Mark Zuckerberg’s eye — and has become a patchwork of different amendments as other laws change around the act.
Compared with something like Europe’s world-first GDPR privacy reform, Australia’s major piece of privacy legislation is looking a little worse for wear.
The review will consider how we define personal information, what is exempted, whether a tort for serious invasions of privacy should be introduced, and how effective our current scheme is when it comes to notifying people when their data has been breached.
Surveillance Legislation Amendment (Identify and Disrupt) Bill
Drafted under a Peter Dutton-led Department of Home Affairs, this proposed law seeks to beef up police powers by creating increasingly intrusive warrants that don’t even need to be signed off by a judge.
The bill gives the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) three new types of warrants that will let them modify, add, copy or delete data, access devices and networks, and take over people’s online accounts for an investigation.
Beyond this, the bill would give members of the Administrative Appeals Tribunal (AAT) and even executives of police agencies the power to award these warrants in an emergency.
These non-judicially granted warrants must be reviewed by a judge as soon as possible — but the data that’s obtained by an incorrectly granted warrant does not need to be destroyed.
The Senate Standing Committee for the Scrutiny of Bills sounded the alarm about this legislation earlier this year in a scathing report.
Digital identity legislation
The Digital Transformation Agency (DTA) is spearheading a scheme to centralise how Australians prove they are who they say they are online.
In the same way Facebook and Google users are able to use their logins on a range of services, the proposed Digital Identity system hopes to do the same across government services and, eventually, even businesses.
The system would replace having different accounts across different services and would use facial recognition software as part of it. The DTA says it will be optional.
While the DTA has yet to release a draft bill, there appears to be growing consensus from governments about their desire for such a system. The national cabinet agreed in principle to the idea of a “seamless digital identity” in April.
Everything else to keep an eye on
The review of the controversial encryption-busting Telecommunications and Other Legislation Amendment (Assistance and Access) Act, the Productivity Commission’s Right to Repair inquiry, and the Identity-matching Services Bill (which would introduce a national facial recognition database) if the government decides to reintroduce it.