iTnews
  • Home
  • News
  • Business
  • Strategy

Defence's bid for new technology restrictions scuttled by Thom review

By Justin Hendry on Feb 14, 2019 3:13PM
Defence's bid for new technology restrictions scuttled by Thom review

More nuanced approach needed to address legislative gaps.

An independent review of Australia’s tough export control laws has conspicuously tempered the Department of Defence's demands for sweeping new powers and suggested it work better with stakeholders to address perceived gaps in the legislation.

The government on Wednesday released the much-awaited report [pdf] from the former Inspector General of Intelligence and Security Vivienne Thom’s review of the Defence Trade Controls Act 2012.

The review probed whether the legislation, which regulates the supply of military and so-called ‘dual-use’ technologies overseas, continues to provide “appropriate levels of regulation and security for controlled technologies”.

It also looked at whether operation of laws continued to align with international best practices for export controls were not “unnecessarily restricting trade”.

In its submission, Defence had lobbied for the controls be strengthened because of changes to the national security environment since the Act was introduced - a bid that provoked shot a sever backlash from academia and part of industry.

This included new powers that would allow Defence to control how all technology developed in Australia is sold or exported, including the ability to retrospectively re-classify research as dual use or security sensitive.

The audacious bid for a sledgehammer does not appear to have paid off, with the review noting it did “not support the broad approach implied by the recommendations in the Defence submission”, despite the changes in the national security environment.

Instead, it suggested a more nuanced approach by Defence that involves “develop[ing] a policy proposal that takes a proportionate approach to address the current gaps in the legislation” in consultation with affected stakeholders.

The review said this would help address “serious and legitimate concerns” expressed by industry, research bodies and universities.

“Any solution must focus effort and resources on protecting technology that would cause the most damage should it be obtained by foreign entities that may use it against Australian interests,” the report states.

It recommended that Defence work with stakeholders to “develop a practical legislative proposal” that addresses gaps with the legislation, but stopped short of “formulat[ing] any prescriptive recommendations for legislative amendments”.

The reference to a "practical" approach is likely to be interpreted as a pushback against overly abitious claims and kite-flying by parts of the bureaucracy and industry. 

The review helpfully indicated that “principles that could guide such changes” include:

  • “the limitation of the supply provision at section 10 that specifies that it applies only when certain locational criteria are met at the time of supply
  • the lack of control over the transfer of technology not captured by the DTC Act’s existing provisions but which, if transferred to foreign entities with interests contrary to Australia’s, could prejudice Australia’s security, defence and international relations
  • the inadequate control of emerging and sensitive military and dual-use technology.”

The review also suggests that the proposal should consider a number of factors to limit the effects of any amendment on trade, research and international collaboration, the review recommends. These include:

  • “ensure all decisions are targeted and based on risk-related consideration of the technology being supplied, the end user and the end use
  • contain measures to ensure transparency and scrutiny of decisions
  • limit additional uncertainty, complexity and risk of inadvertent breaches
  • minimise any increased compliance costs.”

The government, which has agreed to all nine recommendations in the review [pdf], said Defence exports control arm (DEC) would establish a working group to “develop options to address the identified gaps in the DTC Act”.

The group, which will consist of representatives from Defence and other government agencies, universities and industry, will “develop practical, risk based legislative proposals to amend the DTC Act to enhance the government’s ability to prevent the transfer of defence and dual-use technology to entities that may use it in a manner contrary to Australian interests or who are acting on behalf of a foreign power”.

Cryptographic research

The release of the review comes less than a week after it was revealed that Defence quietly stopped renewals of unrestricted communications exemptions for cyber security and cryptography researchers subject to the export control laws.

The general permission was introduced on a trial basis in 2017 to bypass the legislation and allow for the free flow of information for research purposes.

Submissions to the review had suggested cryptography should be exempt from the legislation altogether, as the regulation was counterproductive and created issues for researchers when communicating overseas.

The review had heard that stakeholders “expressed clear support for the approach taken in the Defence two-step cryptography trial”.

But the review rejected that the controls should not apply to cryptography research, but has recommended that Defence consider this once it has reviewed the cryptography permit trial, which government has agreed to.

“The Department of Defence should formally evaluate its two-step cryptography permit trial and decide whether the approach will be implemented on an ongoing basis,” the report states.

“The evaluation should consider whether an alternative approach would be preferable and explore whether the clarification of existing thresholds would be sufficient or whether legislative amendment is required.”

The government has asked Defence to “consult any proposed actions regarding the permit”, and approach that it lacked when communicating about the end of the unrestricted permits in December.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
cybercyber securitydefencedefence trade controls actgovernmentitregulationsecuritystrategy

Partner Content

Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Why rethinking your CMS is crucial for customer retention
Promoted Content Why rethinking your CMS is crucial for customer retention
Winning strategies for complaints and disputes management in financial services
Promoted Content Winning strategies for complaints and disputes management in financial services

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Justin Hendry
Feb 14 2019
3:13PM
0 Comments

Related Articles

  • Defence cancels SkyGuardian drones to fund REDSPICE cyber plan
  • WA gov expands Microsoft enterprise agreement
  • Cyber basics still beyond fed gov as Essential Eight mandate looms
  • Former PJCIS chair named shadow cyber security minister
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Services Australia sets changeover date for myGov

Services Australia sets changeover date for myGov

Google Cloud IoT Core goes on the end-of-life list

Google Cloud IoT Core goes on the end-of-life list

NBN Co proposes to axe CVC across all plans by mid-2026

NBN Co proposes to axe CVC across all plans by mid-2026

Wesfarmers to stand up offensive cyber security capabilities

Wesfarmers to stand up offensive cyber security capabilities

Digital Nation

Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Save the Date — Digital Nation Live launches on October 25
Save the Date — Digital Nation Live launches on October 25
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
Edge and IoT critical to Web3 infrastructure
Edge and IoT critical to Web3 infrastructure
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.