iTnews

Defence launches crackdown on Australian crypto research

By Justin Hendry on Feb 6, 2019 9:25PM
Defence launches crackdown on Australian crypto research

Ahead of Thom export control review findings.

The Department of Defence has significantly tightened exemptions for Australian information security and cryptographic researchers through tough export control laws, a move likely to stifle collaboration with the overseas research community outside intelligence circles.

Defence's export controls arm (DEC) has quietly revoked the permits of researchers subject to the Defence Trade Controls (DTC) Act 2012, which regulates the supply of military and so-called ‘dual-use’ technologies overseas.

The permits were introduced on a trial basis in 2017 in response to feedback during the implementation of the legislation to allow researchers in the field of information security and cryptography to communicate with their counterparts in any non-sanctioned country.

Since then, Defence has launched an unprecedented bid to be able to retrospectively re-classify research as dual use or security sensitive, a power academia has warned will fundamentally undermine funding certainty for research across the sector.

At the same time, sections of the the information security industry remain at loggerheads with the government over new controversial crypto-busting powers.

With the date of the delivery of highly anticipated defence exports controls review by Vivienne Thom - a former Inspector General of Intelligence and Security - still up in the air amid protracted uncertainty, leading academics say they are already feeling the heat. 

Defence initially said the permits issued to academic researchers would “achieve a balance between the need for free flow of information for research purposes in the initial stages of a research project and national security interests”.

But two years after the trial was introduced, Defence now looks to have pulled the plug on the general permission permit allowing organisations to communicate about cryptography research with any non-sanctioned countries.

The University of Melbourne is one such organisation that has been affected by what appears to be an undisclosed policy change amid the DTC Act review.

Cryptographic researcher and associate professor at the School of Computing and Information Systems Dr Vanessa Teague told iTnews the decision not to renew the university’s general permit had limited her ability to communicate about cryptography to researchers in only three countries.

She said this had occurred without any warning or explanation of why from the DEC, including if there had been a change in policy.

The result is that each time the university wants to communicate with researcher from a non-approved country they will need to “fill out a new form and ask permission”, which Teague described as “unworkable in the context of an international, competitive scientific community”.

“What they [Defence] don’t understand is asking permission in advance and waiting a few months to get around to granting a permit is just unworkable in the context of scientific research,” she said.

It’s also the very reason researchers pushed for the exemptions in the first place after the DTC Act was introduced.

Teague warned that other research organisations potentially affected may not yet be aware.

“Because the permits last for a year, and I don’t know exactly when the policy changed, the only other people who might have been affected would be the other people whose permit expired after the policy changed,” Teague told iTnews.

The DTC Act review began in April last year to ensure it remains fit for purpose, including whether it “adequately safeguards national defence capability and prevents trade and collaboration that could unwittingly advance the military capabilities of potential adversaries”.

It was expected to take around six months to complete, but Defence is yet to publically release the report almost ten months after the review was called.

iTnews understands the review has been completed and is waiting to be tabled when parliament returns later this month.

That could see new powers apportioned to Defence for controlling how all technology developed in Australia is sold or exported in the interests of national security, which Australia’s top universities have hit back against.

Defence had not responded to request for comment by the time of publication.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
defence defence trade controls act security strategy vanessa teague

Partner Content

Delivering customer-centric government
Promoted Content Delivering customer-centric government
Why Australia’s governments need to expand their data boundaries
Promoted Content Why Australia’s governments need to expand their data boundaries
A 360° view of the cost of data breaches in Australia and how to mitigate them
Promoted Content A 360° view of the cost of data breaches in Australia and how to mitigate them
Deadline to enter 2021 IoT Awards extended
Partner Content Deadline to enter 2021 IoT Awards extended

Sponsored Whitepapers

10 questions to ask before you select a Network Performance Management tool
10 questions to ask before you select a Network Performance Management tool
Innovate faster. Why accelerating change is a CIO's biggest challenge.
Innovate faster. Why accelerating change is a CIO's biggest challenge.
Unlock faster time-to-revenue using Adobe digital document processes
Unlock faster time-to-revenue using Adobe digital document processes
How Security as Code changes development and deployment for the cloud
How Security as Code changes development and deployment for the cloud
Tackle new ITSM priorities with this seven-step Micro Focus guide
Tackle new ITSM priorities with this seven-step Micro Focus guide

Events

  • SAP e'ffect 2021
By Justin Hendry
Feb 6 2019
9:25PM
0 Comments

Related Articles

  • Defence blind on contractor security clearances
  • ACT govt invests $40m in digital services, cyber security and analytics
  • Government unveils digital identity bill
  • Victoria embarks on govt cyber security uplift
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

AWS cautions gov against rushing in more cyber security regulations

AWS cautions gov against rushing in more cyber security regulations
Telstra 'gamifies' cloud cost reduction efforts among internal teams

Telstra 'gamifies' cloud cost reduction efforts among internal teams
CBA to treat its software like "food in the fridge"

CBA to treat its software like "food in the fridge"
Australia Post trials running post office processes on a smartphone

Australia Post trials running post office processes on a smartphone

Digital Nation

Digital leaders master collaboration, reskilling and culture: Didier Bonnet
Digital leaders master collaboration, reskilling and culture: Didier Bonnet
COVER STORY: Data centre sustainability scrutiny puts emissions in the spotlight
COVER STORY: Data centre sustainability scrutiny puts emissions in the spotlight
Next generation of Digital Giants growing faster than the originals: Ray Wang
Next generation of Digital Giants growing faster than the originals: Ray Wang
HR platform consolidation unlocks the value of data at Aurecon
HR platform consolidation unlocks the value of data at Aurecon
Expect dramatic value chain disruptions every four years: McKinsey Global Institute
Expect dramatic value chain disruptions every four years: McKinsey Global Institute
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.