Menu
Updated: NZ government leaves cloud guidance unchanged after Aussie backdoor law

Updated: NZ government leaves cloud guidance unchanged after Aussie backdoor law

New Zealand Privacy Commissioner addresses issue with Reseller News

Privacy Commissioner John Edwards

Privacy Commissioner John Edwards

The New Zealand government is leaving its guidance on cloud computing unchanged after Australia passed a controversial law giving authorities power to access network and cloud-based information.

The Department of Internal Affairs (DIA) said its initial assessment of the Australian Assistance and Access Act is that the government chief digital officer’s guidance on managing jurisdictional risks stands "as is".

"Australian government agencies still require warrants and notifications to access data from cloud providers, as is the case in other countries," the DIA said.

"In addition, while there has been some commentary in the media that this legislation require cloud providers to introduce weakened encryption, the practical consequences of implementing this have yet to be well understood.

"For these reasons we don’t see that anything has changed at this time, but we will be working through this in more detail as part of the planned refresh of the guidance on managing jurisdictional risks this year."

Among other provisions, the Act requires tech companies to provide law enforcement and security agencies with access to encrypted communications.

The bill, which was opposed by global tech and cloud giants, provides for fines of up to $10 million for institutions and prison terms for individuals for failing to hand over data linked to suspected illegal activities.

Opponents of the law charged it was vaguely worded and open to abuse and would require carriers and other providers to build tools, or backdoors, to deliver access to law enforcement and security agencies.

It also potentially threatens New Zealand government and private data held in Australian data centres operated on behalf of major cloud providers such as Amazon Web Services and Microsoft.

New Zealand Privacy Commissioner John Edwards told Reseller News government agencies’ adoption of offshore-based cloud services was supported by a number of Cabinet decisions and the government chief digital officer.

"It is for the Department of Internal Affairs to revise and update any guidance and recommendations in light of this new law," he said.

Agencies that have migrated to data centres in Australia should also do their own assessment of the risks, as the commissioner had done.

"My office migrated to Microsoft’s Azure service in late 2018, storing our data in Microsoft’s data centres in Sydney," Edwards said. "We have considered the impact of the change in Australian law and have formed the view that it does not materially affect our risk.

"We continue to be satisfied with our current arrangement, which has provided significant efficiencies and benefits to our business."

Lowndes Jordan partner and technology and privacy specialist Rick Shera said, while he hadn’t looked at the Australian provisions in detail, he wasn't sure the Australian law was much different from New Zealand's new Telecommunications Interception Capability and Security Act (TICSA) in terms of central government review and approval of infrastructure change by network providers and in terms of interception access.

"It seems to me that the position with respect to over the top providers remains unclear on both sides of the ditch," he said. "Particularly with respect to requirements to decrypt.  

"I can therefore understand DIA not wanting to depart from the status quo until there are some use cases under the new Australian legislation that they can assess."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentCloud

Featured

Slideshows

EDGE 2019: Thought leaders share how to build a channel of the future

EDGE 2019: Thought leaders share how to build a channel of the future

Day 2 of EDGE was opened by in-depth research from TRA's Tim Dillon, which outlined the partner view on the channel's future. The following day saw Forrester's Jay McBain and Odgers Berndtson's Tim Sleep conclude the keynote line-up, while HPE and Cisco rounded off the thought leadership.

EDGE 2019: Thought leaders share how to build a channel of the future
Tech credentials on show during Ingram Micro One APAC

Tech credentials on show during Ingram Micro One APAC

Ingram Micro outlined the key technologies for future channel growth on the second day of Ingram Micro One APAC in Singapore, in front of more than 1300 business leaders.

Tech credentials on show during Ingram Micro One APAC
Show Comments