Technical capability notice: A notice issued by the attorney general, requiring tech companies to “build a new capability” to decrypt communications for law enforcement.
Facebook has always maintained that it only collected data from users who opted in, but in a tranche of internal emails obtained as part of a lawsuit against the company and released by the digital, culture, media and sport committee, employees discuss how to minimise the amount of consent they would need to ask for to begin the collection.
At a committee hearing in Canberra on Friday, witnesses from Cisco, Optus and Telstra called for a better definition of the bill’s main safeguard that tech companies cannot be asked to build “systemic” weaknesses into their products.
In a submission [PDF] to the Parliamentary Joint Committee on Intelligence and Security -- which is currently reviewing the legislation as the government attempts to ram it through Parliament -- Cisco called out Canberra for not allowing greater transparency on disclosing notices and requests from Australian authorities to access encrypted communications.
The submission's signatories are concerned about any attempt, anywhere in the world, to undermine encryption — the process that keeps online products and services secure, said Sharon Bradford Franklin, its co-author and Open Technology Institute's director of cybersecurity policy in Washington, DC.
Peter Dutton’s proposed legislation to expand the government’s surveillance capabilities into telecommunication devices through the inclusion of spyware risks could create “systemic weakness or vulnerability” that would be open to exploitation, Australia’s peak industry group has warned.