While the world is laughing at UK PM David Cameron for his pledge to
ban encryption, Australia is on the way to implementing legislation that
could feasibly have a similar effect.
Moreover, the little-debated Defence Trade Control
Act (DCTA) is already law – it's just that the criminal sanctions it
imposes for sending knowledge offshore without a license are being
phased in, and don't come into force until May 2015.
As
noted in
Defence Report,
the lack of an academic exclusion in the law, which passed parliament
under the previous Labor government in 2012, could mean “an email to a
fellow academic could land you a 10 year prison sentence”.
The control of defence research isn't new or
surprising, and in fact this law was put into place to align Australia's
regime with that of the USA (the International Traffic in Arms
Regulations), but the haste with which it was implemented means someone
forgot that academic researchers routinely discuss sensitive
technologies.
While consumer-grade encryption is excluded from
control by the Defence and Strategic Goods List (the 350 page-plus
regulation that describes what's prohibited by the DCTA), researchers
are warned off 512-bits-plus key lengths, systems “designed or modified
to perform cryptanalytic functions, or “designed or modified to use
'quantum cryptography'” (the latter, in an explanatory note, also
covering quantum key distribution).
Hence after May, the various quantum labs in
Australian universities will have to think twice before collaborating
with overseas partners.
At least systems protecting personal data are
allowable, so long as the users have no control over the cryptographic
capability (section 5A002 of the strategic goods list).
As
Defence Report notes:
"Without the exclusion for academics, as
enjoyed by the US and UK, university researchers would need prior
permission from a Minister at the Department of Defence (DoD) to
communicate new research to foreign nationals or to publish in any
research journals."
Was the government warned that it was making a mistake? Apparently so: Vulture South has had its attention drawn to several
submissions made to the Senate
committee overseeing the bill's implementation.
Air Power Australia's Peter Moon and retired Air
Commodore Edward Bushell describe the bill as “clearly defective”. Even
the ITAR regime has been problematic for researchers, they note, since
academics have to partition conferences according to whether or not
they're ITAR-compliant.
Even though “public domain” technologies are
exempted, the Moon/Bushell submission notes, a defendant is required to
prove that the technology they're discussing is in the public domain,
rather than the regulator having to do the research for themselves.
The law, they write, represents “censorship controls on all publishing on all topics covered by the DTCA, embracing:
- All open-sourced research on any topic related to DSGL technologies.
- All open-sourced research on any topic impinging upon military operations.
- All open-sourced research impinging upon military technological
strategy, as this cannot be conducted in the absence of capability
analysis.
- All applied research in areas of DSGL and related technologies.
- All submissions to parliamentary inquiries covering any matters involving defence operations, strategy or technologies.
Universities Australia was no less critical in its
submission, saying the bill as it now stands would impact everything
from what universities are allowed to teach (and who may teach them)
through to whom researchers can contact and what they're allowed to
publish
