ASD chief insists new encryption laws won't see Aussie tech shunned like Huawei

The Australian Signals Directorate says the idea that Australian technology will be seen as untrustworthy in the wake of encryption-busting laws and therefore blocked from use “is absurd”.

Director-general Mike Burgess published what he called seven “myths” of the controversial new laws, which the major parties passed in the last hours of parliament last week.

In particular, Burgess targeted the significant doubt that has been swirling in the days since around how Australia’s technology sector will now be treated by foreign buyers.

“It’s been repeatedly claimed that Australian tech companies will be regarded as no different to the high-risk foreign vendors that have been blocked from supplying equipment in Australian 5G networks,” Burgess said.

“The comparison is absurd.

“High-risk vendors have been banned from Australia’s 5G network because of the threat they pose when they could be subject to unbounded extrajudicial directions from a foreign government.”

Huawei has found itself blocked from participating in a range of telecommunications projects in many countries, mostly over long-running fears that the equipment contains backdoors.

Australia, New Zealand and Japan are among the countries to openly declare a lack of trust in Huawei kit.

The Australian laws ostensibly do not allow a backdoor, systemic weakness or vulnerability to be built into software and hardware products. However, the definitions of those terms are open to some interpretation, and have yet to be tested.

Burgess also attacked the idea that Australian tech companies would be forced to shift operations overseas in order to maintain trust and remove suspicion that their technology may be compromised.

“Australia is not the first country to enact this sort of legislation – and we will not be the last,” Burgess said.

“Agencies in the UK already have similar powers and other nations are considering their options.

“The claims the legislation will drive tech companies offshore are similarly flawed”, he said, without elaborating.

A widely-shared Reddit post earlier this week appeared to show legal advice given to a small Australian tech firm that advised restructuring its operations to limit the impact of the law, though it was unclear whether or not its proposed actions would have the desired effect.

Other internationally-based technology firms have also added to the confusion about how the laws are likely to apply.

In a blog post, 1Password suggested it may need to rethink hiring policies or put extra security controls “on our people in Australia”.