Menu
Updated: NZ government leaves cloud guidance unchanged after Aussie backdoor law

Updated: NZ government leaves cloud guidance unchanged after Aussie backdoor law

New Zealand Privacy Commissioner addresses issue with Reseller News

Privacy Commissioner John Edwards

Privacy Commissioner John Edwards

The New Zealand government is leaving its guidance on cloud computing unchanged after Australia passed a controversial law giving authorities power to access network and cloud-based information.

The Department of Internal Affairs (DIA) said its initial assessment of the Australian Assistance and Access Act is that the government chief digital officer’s guidance on managing jurisdictional risks stands "as is".

"Australian government agencies still require warrants and notifications to access data from cloud providers, as is the case in other countries," the DIA said.

"In addition, while there has been some commentary in the media that this legislation require cloud providers to introduce weakened encryption, the practical consequences of implementing this have yet to be well understood.

"For these reasons we don’t see that anything has changed at this time, but we will be working through this in more detail as part of the planned refresh of the guidance on managing jurisdictional risks this year."

Among other provisions, the Act requires tech companies to provide law enforcement and security agencies with access to encrypted communications.

The bill, which was opposed by global tech and cloud giants, provides for fines of up to $10 million for institutions and prison terms for individuals for failing to hand over data linked to suspected illegal activities.

Opponents of the law charged it was vaguely worded and open to abuse and would require carriers and other providers to build tools, or backdoors, to deliver access to law enforcement and security agencies.

It also potentially threatens New Zealand government and private data held in Australian data centres operated on behalf of major cloud providers such as Amazon Web Services and Microsoft.

New Zealand Privacy Commissioner John Edwards told Reseller News government agencies’ adoption of offshore-based cloud services was supported by a number of Cabinet decisions and the government chief digital officer.

"It is for the Department of Internal Affairs to revise and update any guidance and recommendations in light of this new law," he said.

Agencies that have migrated to data centres in Australia should also do their own assessment of the risks, as the commissioner had done.

"My office migrated to Microsoft’s Azure service in late 2018, storing our data in Microsoft’s data centres in Sydney," Edwards said. "We have considered the impact of the change in Australian law and have formed the view that it does not materially affect our risk.

"We continue to be satisfied with our current arrangement, which has provided significant efficiencies and benefits to our business."

Lowndes Jordan partner and technology and privacy specialist Rick Shera said, while he hadn’t looked at the Australian provisions in detail, he wasn't sure the Australian law was much different from New Zealand's new Telecommunications Interception Capability and Security Act (TICSA) in terms of central government review and approval of infrastructure change by network providers and in terms of interception access.

"It seems to me that the position with respect to over the top providers remains unclear on both sides of the ditch," he said. "Particularly with respect to requirements to decrypt.  

"I can therefore understand DIA not wanting to depart from the status quo until there are some use cases under the new Australian legislation that they can assess."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentCloud

Featured

Slideshows

Tech industry comes out in force as Lancom turns 30

Tech industry comes out in force as Lancom turns 30

A host of leading vendors and customers came together to celebrate the birthday of Lancom Technology in New Zealand, as the technology provider turned 30.

Tech industry comes out in force as Lancom turns 30
The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Show Comments