Data theft flaws found in cybercrime bill

Powered by SC Magazine
 

No reprieve for small ISPs.

A Joint Select Committee has made 13 unanimous recommendations to amend proposed cyber crime legislation.

The Cybercrime Legislation Amendment Bill pushed telcos and ISPs to preserve "stored communications and telecommunications data", such as "computer data", email, and SMS messages.

Law enforcement agencies could get hold of the data to aid investigations if they had a "preservation notice".

Although the Bill provided a clear legislative basis for the preservation of communications, it failed to balance this expansion with specific attention to data handling issues, the committee said in its report handed down yesterday.

“There are an expanding number of carriers and carriage service providers in the Australian market place that must cooperate in law enforcement agencies and retain data under the Bill," the committee said.

"It seems logical that any increase in the volume of retained data will inevitably increase the risk of data theft.”

Other recommendations endorsed industry, privacy and professional concerns about the Bill’s potential to undermine many protections under the guise of acceding to an overseas treaty.

The Bill has been couched by the Government as a necessary extension of surveillance powers to comply with the European Convention on Cybercrime.

The committee recommended that smaller ISPs and carriers should not be exempted from the Privacy Act 1988.

Carriers and ISPs should be subject to express data handling and storage requirements including destroying preserved data when it is no longer required.

Several recommendations sought to strengthen and make clearer on what basis a foreign country could apply for data access, in line with concerns aired privacy advocates.

A bombshell request by Telstra at a committee hearings seeking more time to implement the Bill  also provoked a stinging rebuke for the Attorney-General’s department over their industry consultation generally.

"There appears to be a need for greater consultation between the government and industry on the implementation of the Bill," the committee noted.

Attorney-General Robert McCllelland said the Government would consider the committee's recommendations.

Greens add criticism

Committee member and Greens Senator Scott Ludlam said that there could still be issues if and when the legislation made it to the upper house.

“Once again with this Bill, a major expansion of the surveillance state is occurring with entirely inadequate justification,” he said in an annex to the committee’s report.

He was critical of areas of the Bill he said were inconsistent with rules in the European Convention.

Copyright © iTnews.com.au . All rights reserved.


Data theft flaws found in cybercrime bill
 
 
 
Top Stories
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
What InfoSec can learn from the insurance industry
[Blog post] Another way data breach laws could help manage risk.
 
A ten-point plan for disrupting security
[Blog post] How can you defend the perimeter when it’s in the cloud?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1038

Vote