Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Tuesday, 19 March 2019 09:58

Like Splunk, Aust firms may also have to give up business abroad

By
Like Splunk, Aust firms may also have to give up business abroad Image by Christine Schmidt from Pixabay

The same fate that befell big data analytics company Splunk last month — having to pull out of doing business in Russia — is likely to be shared by many Australian technology companies in the same or other countries once the Federal Government's encryption law begins to make its presence felt.

Splunk announced it would no longer sell its software and services to organisations in Russia, and, to date, no reason, apart from some bizspeak — "[we are] continually evaluating where we are investing and focusing our company resources" — has been advanced to account for the decision.

But is fair to assume that Moscow would have asked for access to the source code of the application – and many companies are now fighting shy of granting such requests, especially given the hostile state of relations that the US enjoys (!) with many other nations.

If that same demand was made of an Australian company which had complied with a demand from the authorities to build in functionality — which can be demanded under the encryption law — there is no way it could accede to a request to provide its source code. That would mean a term behind bars.

There is nothing unusual about requests for source code: China allowed Microsoft to supply a version of Windows for its public sector only after the Redmond giant had allowed Beijing to look at the source in its entirety. Given the oodles of money in that market, Microsoft did not hesitate.

But then it has no vulnerabilities built into its code by the US Government. Or, at least none that have been discovered so far.

For the uninitiated, or those who have been living under a rock for the last eight months, the Australian encryption law — officially known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 — was passed in December 2018.

(An inquiry is now underway by the Parliamentary Joint Committee on Intelligence and Security. The PJCIS is expected to submit a report to government by 3 April.)

Under the law, the authorities can get industry to aid in gaining access to encrypted material in three ways. A technical assistance request (TAR) allows for voluntary help by a company; in this case, its staff would be given civil immunity from prosecution.

Else, an interception agency can issue a technical assistance notice (TAN) to make a communications provider offer assistance.

Finally, a technical capability notice (TCN) can be issued by the attorney-general at the request of an interception agency; the communications minister of the day would also need to agree. This would force a company to help law enforcement, by building functionality.

But if the company or individual who is asked to build in functionality breathes so much as a word about it, then he/she/they would all end up eating dry bread and water in one of the many prisons in this big, brown land.

So, if an ambitious Australian company wants to sell its wares abroad — many already do and are much valued — and if the prospective buyer asks for an assurance that there are no doodahs in the code of the product, how does the Aussie firm offer that assurance if it has been approached and has satisfied a request for "help"?

Without that assurance — and often an inspection of the code itself — no buyer would be satisfied.

Australia has used similar logic to exclude Chinese telco equipment vendor Huawei Technologies from its 5G networks – even though Huawei has offered its source code to the authorities for inspection!

There have been muttered arguments about Communism and capitalism, and angry noises that the Australian and Chinese systems cannot be compared.

But such arguments — "trust us, we are fair dinkum Aussies" — will be worth nothing if it comes to a request for source code and the company which is seeking business abroad cannot meet the request.

The only option left will be to dig up some bizspeak the way Splunk did. This site should help.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments