Stupid Politicians – Australia Edition

Thank God this hasn’t happened here in the United States (yet).  It is not for lack of trying by US law enforcement agencies, though.  What am I talking about?  Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).

TOLA is supposed to provide access by law enforcement to encrypted communications.  This is another attempt to make police investigations easier.  It unfortunately breaks encryption for all of us.  If you have encryption key escrow or software back-doors for the cops, its will be in the hands of criminals shortly thereafter.

A prominent VPN company as already moved its headquarters and operations from Australia to Hong Kong in order to avoid having to comply with this new law.  Other companies are going to be forced to follow suit.  Countries already headquartered elsewhere will pull encryption products from the Australian market rather than comply with the new law.

This is going to hurt Australia’s citizens most of all, as the country begins to lose jobs as IT companies close up shop and move elsewhere.  Routine online activities such as online banking and bill payment will be negatively impacted.  Companies that use encryption may have to suspended operations or refuse Australian citizens access to sites such as Facebook, LinkedIn, and who knows what else?  Australia will soon be relegated to being a technological backwater.

I can only assume this law will be repealed, hopefully before there is massive damage to Australian companies and individuals.  The Internet, and the encryption that keeps the Internet secure is a world-wide technological marvel.  A country cannot make a unilateral change like this one without creating many more problems than it solves.  Time will tell.  I hope that it is an unmitigated disaster that costs the Australian government billions of dollars.  Maybe that will finally shut-up and scare off the political dolts in the US who are championing this same sort of idea for the US.

To paraphrase a popular saying, “When encryption is criminalized, only criminals will have encryption.”


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at


Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.