Normally there wouldn’t be much point fact-checking satirists, but The Juice Media who put this out are popular and influential, and this video is being shared as a kind of briefing material on Australia’s new data law and its impact. If the claims aren’t true, then, that’s one issue. If they are true, that’s a different challenge.
WikiTribune is collecting the claims below, then checking them.
Claims to fact check:
You can edit or expand this storyEdit
Before we can fact check this, we need to list the substantive claims it makes. I went through the video, and here’s the list I came up with:
- The new law will force tech companies insert code into their apps which lets the government “access your device” when you download the latest updates. (:25)
- Companies that don’t comply with the law face fines of up to $10 million (Australian) (:40).
- The Law is based on a UK law, but more intrusive because it removes calls for judicial oversight. All that will be required is the Attorney General, a political appointee, to determine the access is “reasonable and proportionate”. (:48)
- The government once doxxed ??? a welfare recipient for “criticising [the government]” (:1:00)
- The government is currently prosecuting a whistleblower (“witness K”) for “exposing [their] misconduct.” (1:05)
- The government throws “kids in concentration camps for seeking asylum”. (1:07)
- The government “prosecutes journalists who report on [the children in camps]” (1:10)
- The government “gave half a million of … tax dollars to a foundation full of [their] friends”. (1:13)
- “Snowden wannabes” who disclose abuse of the new powers face 10 years in jail. (1:21)
- Australia is a testing ground for this novel and invasive law because it one of the Five Eyes countries, but lacks a bill of rights. (1:38)
- “International data requests” from the other Five Eyes governments will be “funneled through” Australia, compromising the privacy of Canadians, New Zealanders, Americans and citizens of the UK. (1:43)
- The Government is accepting public submissions about the bill on [email protected] until 10 September (1:49)
Did WikiTribune miss anything? Why don’t you have a look and expand the list? Maybe we got something wrong. Why don’t you double check?
Below we list what we’ve got so far in terms of answers. First however, let’s have a quick look at the big picture.
The legislation as we understand it has two interlocking aims, one is to extend the obligation to cooperate with government agencies, which the major telcos or “carriage services” are already subject to, to the “over the top” services, like apps and websites, that we increasingly use. These apps, unlike phone calls or sms messages, are increasingly encrypted. That’s where the second goal comes in: forcing companies to decrypt, data, or otherwise “remove protections”, As Rohan Pearce writes for Computer World
The first level is voluntary assistance in response to a “technical assistance request” issued by an agency. The second level is a “technical assistance notice”, which requires a provider to give assistance to an agency that they are already capable of providing. That could include decryption of data in circumstances where the provider has access to the key.
The third and most extreme level is a “technical capability notice”: A requirement for a company to build new capabilities to assist police. Technical capability notices must be issued by the attorney-general.
Before we go any further, however, we must issue a disclaimer of sorts. Much about the bill is still unclear, not just to us but to the experts. Cyber Security expert Peter Coroneos told the Sydney Morning Herald: “”If you read between the lines of the legislation, you see the undeniable tension that government faces within its own ranks”, and called the bill “complex”, adding that it probably wasn’t ready. David Vaile of the Australian Privacy Foundation told Wikitribune the language used was “deliberately slippery”, leaving much for interpretation.
Mr Vaile biggest concern was with the first level, the “technical assistance request”, in part because warrants are not required for these. Companies are not formally obliged to require (they face no direct penalty for not complying), but Vaile suggests they could still apply substantial pressure, and that language elsewhere in the bill encourages companies to do all they can to assist law enforcement and intelligence agencies. Furthermore, even though companies aren’t forced to comply, consumers do lose protections – if a company or person provides information to, for example, the Australian Secret Intelligence Organisation, or the Federal Police either in response to such a request or because they “reasonably believe” the information will be useful to the authorities, they are granted civil immunity for their actions, with the example of breach of contract specifically listed. This removes a major barrier and gives the tech companies one less reason not to simply comply.
The industry however seems most concerned about the third level, a “technical capability notice”, which can require them to change their product or introduce software developed or procured by the intelligence and law enforcement agencies into their “networks”. The bill specifically states that the government will not ask companies to “implement or build a systemic weakness, or a systemic vulnerability, into a form of electronic protection” or rendering “systemic methods of authentication or encryption less effective.”
But not everyone agrees that can be done so tidily. The former digital affairs editor of Fairfax Media wrote in the Sydney Morning Herald that “There’s no doubt about it: this bill will undermine encryption.”. Further down in the same article he quotes Nicole Buskiewicz, head of the non-profit Digital Industry Group (which represents Facebook, Google, Twitter, Yahoo and other tech companies in Australia), as saying “The reality is that creating security vulnerabilities, even if they are built to combat crime, leaves us all open to attack from criminals,” and, “This could have devastating implications for individuals, businesses, public safety and the broader economy”.
In the article, Buskiewicz also echoes the concerns of the Australian Privacy Foundation, “We are extremely concerned at the lack of judicial oversight and checks and balances with this legislation.”
With that out of the way, let’s get down to the claims from the video!
CLAIM 1: The new law will force tech companies insert code into their apps which lets the government “access your device” when you download the latest updates.
To the best of our understanding, given the vagaries discussed above, this could happen. (Help us on the talk page if you know better.)
CLAIM 2: Companies that don’t comply face $10 million dollar fines.
The government’s own explanatory document states “The civil penalty for non-compliance by body corporates is 47,619 penalty units (~ AUD $10 million)”. The same section of the document also lists $50, 000 fines for individuals who don’t cooperate.
CLAIM 3: The Law is based on a UK law, but more intrusive because it removes calls for judicial oversight. All that will be required is the Attorney General, a political appointee, to determine the access is “reasonable and proportionate”.
UNSURE. This seems to be the consensus. But we haven’t seen where everyone else is sourcing this claim from yet.
CLAIM 4: The government once “doxxed” a welfare recipient for “criticising [the government]”
“Doxxed”, which means revealing the identity of a previously anonymous person online is not the right word. A welfare recipient wrote an article complaining about dealing with centrelink, using her own experiences as material. The department responded by telling journalists that their records contradicted details of what she said, in the process revealing details about her life, to which many experts and privacy advocates objected.
CLAIM 5: The government is currently prosecuting a whistleblower (“witness K”) for “exposing [their] misconduct.”
Witness K is a Former ASIS officer who claims he was involved in spying on Australia’s neighbour East Timor in the early days of the country’s recent indepence, when Australia was considered an ally by the tiny impoverished nation, for purposes of corporate espionage and to the ultimate benefit of a company called Woodside Petroleum. He alleges this was done on the instructions of the then foreign minister, who took a lucrative consulting position with Woodside upon leaving government.
Not only has the pseudonymous “Witness K” been charged, so has his lawyer, Bernard Collaery, a former attorney general of the Australian Capital Territory, whose offices were even raided.
CLAIM 6: The government throws “kids in concentration camps for seeking asylum”.
Mostly True. Technically it’s unauthorised arrival by boat which the children and other asylum seekers are being punished for by mandatory indefinite offshore detention, denial of resettlement. The government has even turned down repeated offers from New Zealand’s Prime Minister to resettle the refugees. The UN has condemned Australia’s actions repeatedly.
CLAIM 7: The government “prosecutes journalists who report on [the children in camps]”
We haven’t had time to check this one out yet. Want to get stuck in for us?
CLAIM 8: The government “gave half a billion of … tax dollars to a foundation full of [their] friends”.
Half True. Questions certainly surround the bequeathment of 400+ million dollars to The Great Barrier Reef foundation, a tiny previously unknown charity run by people associated with the Australian Business Council which has a conservative leaning. People say the group was considered politically safe as it avoided [check me on the details of this]
In the words of David Vaile
CLAIM 9: “Snowden wannabes” who disclose abuse of the new powers face 10 years in jail.
The government’s explanatory document states:
Unauthorised disclosure of information about, or obtained under, a computer access warrant is an offence. The maximum penalty for the offence is 2 years imprisonment or 10 years if the disclosure endangers the health or safety of any person or prejudices an investigation into an offence
CLAIM 10 Australia is a testing ground for this novel and invasive law because it one of the Five Eyes countries, but lacks a bill of rights.
According to the Australia Human Rights Commission (a body which is funded by but operates independently from the Australian government):
In Australia, human rights are protected in different ways. Unlike most similar liberal democracies, Australia has no Bill of Rights to protect human rights in a single document.
Rather rights may be found in the Constitution, common law and legislation – Acts passed by the Commonwealth Parliament or State or Territory Parliaments.
David Vaile from the Australian Privacy Foundation says this is “Largely true” though UK does not have a bill of rights. UK political culture more robust than Australia’s, he goes on to say.
Furthermore, he says Australia only has the privacy act, full of loopholes, “authorised by law” or “required by law”
“No right to sue for breach of privacy written into this law” (2001 the high court found this, and asked parliament to write one, they did not.) Privacy act only allows you to appeal to a commissioner, (already being harassed and non-assertive regulator).
Open ended discretion
CLAIM 11: “International data requests” from the other Five Eyes governments will be “funnelled through” Australia, compromising the privacy of Canadians, New Zealanders, Americans and citizens of the UK.
Yes Mutual Legal Assistance Treaties.mostly
Butt also less regulated processes under intelligence arrangement
Forward looking role, not reactive like police, makes things much harder.
The Government is accepting public submissions about the bill on [email protected] until 10 September
True. Have your say.