Hong Kong activists now face a choice: stay silent, or flee the city. The world must give them a path to safety



Sipa USA Willie Siau / SOPA Images/Sipa U

Brendan Clift, University of Melbourne

In recent days, the prime ministers of the UK and Australia each declared they are working toward providing safe haven visas for Hong Kong residents. In the US, lawmakers passed a bill that would impose sanctions on businesses and individuals that support China’s efforts to restrict Hong Kong’s autonomy.

The prospect of a shift from rhetoric to action reveals just how dire the situation in China’s world city has become.

July 1 is usually associated with Hong Kong’s annual pro-democracy march. This year, it saw around 370 arrests as protesters clashed with police under the shadow of a brand new national security law.




Read more:
‘We fear Hong Kong will become just another Chinese city’: an interview with Martin Lee, grandfather of democracy


Hong Kong police have been cracking down hard on demonstrators for over a year – with Beijing’s blessing – and most of this week’s arrests were possible simply because police had banned the gathering.

But ten arrests were made under the national security law for conduct including the possession of banners advocating Hong Kong independence.

Already, a pro-democracy political party has disbanded and activists are fleeing the city.

What’s in the national security law and how it could be applied

The national security law had been unveiled just hours earlier, its details kept secret until this week. It was imposed on Hong Kong in unprecedented circumstances when Chief Executive Carrie Lam, Beijing’s appointed leader in the city, bypassed the local legislature and promulgated it directly.

The law creates four main offences: secession, subversion, terrorism and collusion with foreign forces to endanger national security.

Hong Kong law already contains some offences of this sort, including treason, a disused colonial relic, and terrorism, tightly defined by statute. The new national security offences are different beasts – procedurally unique and alarmingly broad.

Secession, for example, includes the acts of inciting, assisting, supporting, planning, organising or participating in the separation or change of status of any part of China, not necessarily by force. This is calculated to prevent even the discussion of independence or self-determination for Hong Kong.

More than 300 people were detained at a protest this week and ten were arrested under the new law.
e: Sipa USA Willie Siau/SOPA Images/Sipa U

Collusion includes making requests of or receiving instructions from foreign countries, institutions or organisations to disrupt laws or policies in or impose sanctions against Hong Kong or China.

This is aimed at barring Hong Kongers from lobbying foreign governments or making representations at the United Nations, which many protesters have done in the past year.

The law contains severe penalties: for serious cases, between ten years and life imprisonment. It also overrides other Hong Kong laws. The presumption in favour of bail, for instance, will not apply in national security cases, facilitating indefinite detention of accused persons.

Defendants can be tried in Hong Kong courts, but in a major departure from the city’s long-cherished judicial independence, the chief executive will personally appoint the judges for national security cases.

The chief executive also decides if a trial involves state secrets – a concept defined very broadly in China. In these cases, open justice is abandoned and trials will take place behind closed doors with no jury.

A black Hong Kong flag burning last month during an anti-government demonstration.
Viola Kam/SOPA Images/Sipa USA

While Hong Kong courts can apply the new national security law, the power to interpret it lies with Beijing alone. And in the most serious cases, mainland Chinese courts can assume jurisdiction.

This raises the prospect of political prisoners being swallowed up by China’s legal system, which features no presumption of innocence and nominal human rights guarantees. China also leads the world in executions.

Much of the national security law’s content contradicts fundamental principles of Hong Kong’s common law legal system and the terms of its mini-constitution, the Basic Law.

Even the territory’s justice minister – another unelected political appointee – has admitted the systems are incompatible.




Read more:
Hong Kong: does British offer of citizenship to Hongkongers violate Thatcher’s deal with China?


Why it is deliberately vague

In the typical style of mainland Chinese laws, the national security law is drafted in vague and general terms. This is designed to give maximum flexibility to law enforcement and prosecutors, while provoking maximum fear and compliance among the population.

The government has said calls for independence for Hong Kong, Tibet, Xinjiang and even Taiwan are now illegal, as is the popular protest slogan “liberate Hong Kong; revolution of our times”.

Posting Hong Kong independence stickers can now lead to severe punishments.
Sipa USA Willie Siau / SOPA Images/Sipa U

A Beijing spokesman has said the charge of collusion to “provoke hatred” against the Hong Kong government could be used against people who spread rumours that police beat protesters to death in a notorious subway station clash last year, echoing the infamous mainland Chinese law against “picking quarrels and provoking trouble”.

The law does not appear to be retroactive, but fears that it could be interpreted that way have caused a flurry of online activity as people have deleted social media accounts and posts associating them with past protests.

This is unsurprising given the Hong Kong government’s record of trawling through old social media posts for reasons to bar non-establishment candidates from standing at elections.

Dissent in any form becomes extremely hazardous

Despite the promise of autonomy for Hong Kong, enshrined in a pre-handover treaty with the UK that China claims is now irrelevant, the national security law has escalated the project to “harmonise” the upstart region by coercive means, rather than addressing the root causes of dissatisfaction.

Under the auspices of the new law, the Chinese government will openly establish a security agency, with agents unaccountable under local law, in Hong Kong for the first time. It has also authorised itself in the new law to extend its tendrils further into civil society, with mandates to manage the media, the internet, NGOs and school curricula.

Under the weight of this authoritarian agenda, dissent in any form becomes an extremely hazardous prospect. It is no doubt Beijing’s intention that it will one day be impossible – or better yet, something Hong Kongers would not even contemplate.




Read more:
China is taking a risk by getting tough on Hong Kong. Now, the US must decide how to respond


The aim of silencing all opposing voices – including those overseas – is clear from the purported extraterritorial operation of the law.

The international community has condemned Beijing’s actions, but its members have a responsibility to follow words with actions. The least that democratic countries like the US, UK, Australia and others can do is offer a realistic path to safety for the civic-minded Hong Kongers who have stood up to the world’s premier authoritarian power at grave personal risk.

Some 23 years after China achieved its long-held ambition of regaining Hong Kong, it has failed to win hearts and minds and has brought out the big stick. Its promises may have been hollow, but its threats are not.The Conversation

Brendan Clift, Teaching Fellow and PhD candidate, University of Melbourne

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Don’t be phish food! Tips to avoid sharing your personal information online



Shutterstock

Nik Thompson, Curtin University

Data is the new oil, and online platforms will siphon it off at any opportunity. Platforms increasingly demand our personal information in exchange for a service.

Avoiding online services altogether can limit your participation in society, so the advice to just opt out is easier said than done.

Here are some tricks you can use to avoid giving online platforms your personal information. Some ways to limit your exposure include using “alternative facts”, using guest check-out options, and a burner email.

Alternative facts

While “alternative facts” is a term coined by White House press staff to describe factual inaccuracies, in this context it refers to false details supplied in place of your personal information.




Read more:
Hackers are now targeting councils and governments, threatening to leak citizen data


This is an effective strategy to avoid giving out information online. Though platforms might insist you complete a user profile, they can do little to check if that information is correct. For example, they can check whether a phone number contains the correct amount of digits, or if an email address has a valid format, but that’s about it.

When a website requests your date of birth, address, or name, consider how this information will be used and whether you’re prepared to hand it over.

There’s a distinction to be made between which platforms do or don’t warrant using your real information. If it’s an official banking or educational institute website, then it’s important to be truthful.

But an online shopping, gaming, or movie review site shouldn’t require the same level of disclosure, and using an alternative identity could protect you.

Secret shopper

Online stores and services often encourage users to set up a profile, offering convenience in exchange for information. Stores value your profile data, as it can provide them additional revenue through targeted advertising and emails.

But many websites also offer a guest checkout option to streamline the purchase process. After all, one thing as valuable as your data is your money.

So unless you’re making very frequent purchases from a site, use guest checkout and skip profile creation altogether. Even without disclosing extra details, you can still track your delivery, as tracking is provided by transport companies (and not the store).

Also consider your payment options. Many credit cards and payment merchants such as PayPal provide additional buyer protection, adding another layer of separation between you and the website.

Avoid sharing your bank account details online, and instead use an intermediary such as PayPal, or a credit card, to provide additional protection.

If you use a credit card (even prepaid), then even if your details are compromised, any potential losses are limited to the card balance. Also, with credit cards this balance is effectively the bank’s funds, meaning you won’t be charged out of pocket for any fraudulent transactions.

Burner emails

An email address is usually the first item a site requests.

They also often require email verification when a profile is created, and that verification email is probably the only one you’ll ever want to receive from the site. So rather than handing over your main email address, consider a burner email.

This is a fully functional but disposable email address that remains active for about 10 minutes. You can get one for free from online services including Maildrop, Guerilla Mail and 10 Minute Mail.

Just make sure you don’t forget your password, as you won’t be able to recover it once your burner email becomes inactive.

The 10 Minute Mail website offers free burner emails.
screenshot

The risk of being honest

Every online profile containing your personal information is another potential target for attackers. The more profiles you make, the greater the chance of your details being breached.

A breach in one place can lead to others. Names and emails alone are sufficient for email phishing attacks. And a phish becomes more convincing (and more likely to succeed) when paired with other details such as your recent purchasing history.

Surveys indicate about half of us recycle passwords across multiple sites. While this is convenient, it means if a breach at one site reveals your password, then attackers can hack into your other accounts.

In fact, even just an email address is a valuable piece of intelligence, as emails are used as a login for many sites, and a login (unlike a password) can sometimes be impossible to change.

Obtaining your email could open the door for targeted attacks on your other accounts, such as social media accounts.




Read more:
The ugly truth: tech companies are tracking and misusing our data, and there’s little we can do


In “password spraying” attacks“, cybercriminals test common passwords against many emails/usernames in hopes of landing a correct combination.

The bottom line is, the safest information is the information you never release. And practising alternatives to disclosing your true details could go a long way to limiting your data being used against you.The Conversation

Nik Thompson, Senior Lecturer, Curtin University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Australia doesn’t need more anti-terror laws that aren’t necessary – or even used



Mick Tsikas/AAP

Keiran Hardy, Griffith University

Home Affairs Minister Peter Dutton has introduced a new bill that will amend the controversial questioning and detention powers held by the Australian Security Intelligence Organisation (ASIO).

While some changes are welcome, others are a cause for concern. One major change is that the legislation will allow ASIO officers to coercively question children as young as 14.

For this bill to be passed, Home Affairs must offer a stronger justification as to why the expanded powers are needed in the current security climate.




Read more:
Australia has enacted 82 anti-terror laws since 2001. But tough laws alone can’t eliminate terrorism


Calls for new counter-terrorism powers have become commonplace in Australia, to the point where we now have more than 80 laws directed at the threat of terrorism.

Any call for additional powers should be met with careful scrutiny, particularly when the rights of children are at stake.

Repealing controversial detention powers

One of the biggest changes in the bill is that it would repeal ASIO’s power to detain people for questioning. Currently, ASIO has the power to seek a questioning and detention warrant (QDW) that allows people to be detained for up to one week. Detention can be approved if a person is likely to fail to appear for questioning, alert someone involved in terrorism, or tamper with evidence.

During that period, a person can be questioned in eight-hour blocks up to a maximum of 24 hours. This is purely an intelligence-gathering exercise, and is not related to any investigation for a criminal offence. The questioning can be approved if it would

substantially assist the collection of intelligence that is important in relation to a terrorism offence

The questioning is coercive, in that a person faces five years in prison for failing to answer any of ASIO’s questions. The powers are also highly secretive: it’s five years in prison for anyone who reveals anything about a warrant.

These powers are some of Australia’s most controversial anti-terror laws, as no democratic country has granted its domestic intelligence agency the same power to detain people for questioning.

Reviews by the Independent National Security Legislation Monitor, the Parliamentary Joint Committee on Intelligence and Security and the COAG review of counter-terrorism legislation have all recommended this power be repealed. Such a move would be welcome.

Expanded powers to question minors

At the same time, the bill will expand ASIO’s power to seek questioning warrants (QWs). These trigger all the same questioning processes and criminal offences as QDWs, they just don’t allow ASIO to detain the person outside the questioning period.

If the bill passes, QWs will be split into “adult questioning warrants” and “minor questioning warrants”. Minor questioning warrants will be available for children as young as 14 who are “likely to engage in” politically motivated violence.

This significantly widens the current thresholds. QWs are currently available for 16-year-olds only when the attorney-general is satisfied the person “will commit, is committing or has committed a terrorism offence”.

Some additional safeguards will protect minors under the new measures. Before issuing a questioning warrant, for instance, the attorney-general will need to consider the “best interests” of the child.

This is consistent with international law requirements and Australia’s expanded control order regime, which can include electronic tagging and curfews.




Read more:
Control orders for kids won’t make us any safer


Under the proposed laws, a young person can only be questioned in blocks of two hours or less, and a lawyer must be present during all questioning.

However, restrictions currently placed on lawyers will be retained. Lawyers, whether acting for young people or adults, are not allowed to intervene in questioning, except to clarify an ambiguous question. They can even be kicked out of the room, and a new lawyer appointed, if they “unduly” disrupt the questioning.

These restrictions will significantly undermine the ability of lawyers to protect children from any forceful or inappropriate questioning by ASIO officers.

Are the changes even needed?

Dutton has justified the proposed changes by claiming Australia faces a significant threat of terrorism from young people. While we cannot know the intelligence on which this assessment is based, the urgent need for these changes is doubtful.

The statistics show that questioning warrants are used very rarely. The last QW was issued in 2010, and the last one before that in 2006.

Only 16 QWs have ever been issued since their introduction in 2003, and none since the threat from Islamic State emerged.




Read more:
Australia’s quest for national security is undermining the courts and could lead to secretive trials


Given this record, it is difficult to see how QWs for 14-year-olds are suddenly needed to prevent acts of terrorism.

Indeed, in a recent PJCIS inquiry, ASIO explained their lack of use by saying the powers were difficult to approve on a short timeframe. This made them not very useful for the kinds of low-tech attacks seen in recent years, such as stabbings and shootings, which require little advance planning.

If the new powers are passed in the bill, they should at least be sunsetted to expire after three years, rather than the proposed ten. Without this amendment, more extraordinary counter-terrorism powers will be on Australia’s statute books for the foreseeable future.The Conversation

Keiran Hardy, Postdoctoral Research Fellow, Griffith Criminology Institute, Griffith University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

How safe is COVIDSafe? What you should know about the app’s issues, and Bluetooth-related risks



Shutterstock

James Jin Kang, Edith Cowan University and Paul Haskell-Dowland, Edith Cowan University

The Australian government’s COVIDSafe app has been up and running for almost a fortnight, with more than five million downloads.

Unfortunately, since its release many users – particularly those with iPhones – have been in the dark about how well the app works.

Digital Transformation Agency head Randall Brugeaud has now admitted the app’s effectiveness on iPhones “deteriorates and the quality of the connection is not as good” when the phone is locked, and the app is running in the background.

There has also been confusion regarding where user data is sent, how it’s stored, and who can access it.

Conflicts with other apps

Using Bluetooth, COVIDSafe collects anonymous IDs from others who are also using the app, assuming you come into range with them (and their smartphone) for a period of at least 15 minutes.

Bluetooth must be kept on at all times (or at least turned on when leaving home). But this setting is specifically advised against by the Office of the Australian Information Commissioner.

It’s likely COVIDSafe isn’t the only app that uses Bluetooth on your phone. So once you’ve enabled Bluetooth, other apps may start using it and collecting information without your knowledge.

Bluetooth is also energy-intensive, and can quickly drain phone batteries, especially if more than one app is using it. For this reason, some may be reluctant to opt in.

There have also been reports of conflicts with specialised medical devices. Diabetes Australia has received reports of users encountering problems using Bluetooth-enabled glucose monitors at the same time as the COVIDSafe app.

If this happens, the current advice from Diabetes Australia is to uninstall COVIDSafe until a solution is found.

Bluetooth can still track your location

Many apps require a Bluetooth connection and can track your location without actually using GPS.

Bluetooth “beacons” are progressively being deployed in public spaces – with one example in Melbourne supporting visually impaired shoppers. Some apps can use these to log locations you have visited or passed through. They can then transfer this information to their servers, often for marketing purposes.

To avoid apps using Bluetooth without your knowledge, you should deny Bluetooth permission for all apps in your phone’s settings, and then grant permissions individually.

If privacy is a priority, you should also read the privacy policy of all apps you download, so you know how they collect and use your information.

Issues with iPhones

The iPhone operating system (iOS), depending on the version, doesn’t allow COVIDSafe to work properly in the background. The only solution is to leave the app running in the foreground. And if your iPhone is locked, COVIDSafe may not be recording all the necessary data.

You can change your settings to stop your iPhone going into sleep mode. But this again will drain your battery more rapidly.

Brugeaud said older models of iPhones would also be less capable of picking up Bluetooth signals via the app.

It’s expected these issues will be fixed following the integration of contact tracing technology developed by Google and Apple, which Brugeaud said would be done within the next few weeks.




Read more:
The COVIDSafe bill doesn’t go far enough to protect our privacy. Here’s what needs to change


Vulnerabilities to data interception

If a user tests positive for COVID-19 and consents to their data being uploaded, the information is then held by the federal government on an Amazon Web Services server in Australia.

Data from the app is stored on a user’s device and transmitted in an encrypted form to the server. Although it’s technically possible to intercept such communications, the data would still be encrypted and therefore offer little value to an attacker.

The government has said the data won’t be moved offshore or made accessible to US law enforcement. But various entities, including Australia’s Law Council, have said the privacy implications remain murky.

That said, it’s reassuring the Amazon data centre (based in Sydney) has achieved a very high level of security as verified by the Australian Cyber Security Centre.

Can the federal government access the data?

The federal government has said the app’s data will only be made available to state and territory health officials. This has been confirmed in a determination under the Biosecurity Act and is due to be implemented in law.

Federal health minister Greg Hunt said:

Not even a court order during an investigation of an alleged crime would be allowed to be used [to access the data].

Although the determination and proposed legislation clearly define the who and how of access to COVIDSafe data, past history indicates the government may not be best placed to look after our data.

It seems the government has gone to great lengths to promote the security and privacy of COVIDSafe. However, the government commissioned the development of the app, so someone will have the means to obtain the information stored within the system – the “keys” to the vault.

If the government did covertly obtain access to the data, it’s unlikely we would find out.

And while contact information stored on user devices is deleted on a 21-day rolling basis, the Department of Health has said data sent to Amazon’s server will “be destroyed at the end of the pandemic”. It’s unclear how such a date would be determined.

Ultimately, it comes down to trust – something which seems to be in short supply.




Read more:
The COVIDSafe app was just one contact tracing option. These alternatives guarantee more privacy


The Conversation


James Jin Kang, Lecturer, Computig and Security, Edith Cowan University and Paul Haskell-Dowland, Associate Dean (Computing and Security), Edith Cowan University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Cyber threats at home: how to keep kids safe while they’re learning online



Shutterstock

Paul Haskell-Dowland, Edith Cowan University and Ismini Vasileiou, De Montfort University

Before COVID-19, children would spend a lot of the day at school. There they would be taught about internet safety and be protected when going online by systems that filter or restrict access to online content.

Schools provide protective environments to restrict access to content such as pornography and gambling. They also protect children from various threats such as viruses and unmoderated social media.

This is usually done using filters and blacklists (lists of websites or other resources that aren’t allowed) applied to school devices or through the school internet connection.

But with many children learning from home, parents may not be aware of the need for the same safeguards.

Many parents are also working from home, which may limit the time to explore and set up a secure online environment for their children.

So, what threats are children exposed to and what can parents do to keep them safe?

What threats might children face?

With an increased use of web-based tools, downloading new applications and a dependence on email, children could be exposed to a new batch of malware threats in the absence of school-based controls.

This can include viruses and ransomware – for example, CovidLock (an application offering coronavirus related information) that targets the Android operating system and changes the PIN code for the lock-screen. If infected, the user can lose complete access to their device.

Children working at home are not usually protected by the filters provided by their school.

Seemingly innocent teaching activities like the use of YouTube can expose children to unexpected risks given the breadth of inappropriate adult content available.

Most videos end with links to a number of related resources, the selection of which is not controlled by the school. Even using YouTube Kids, a subset of curated YouTube content filtered for appropriateness, has some risks. There have been reports of content featuring violence, suicidal themes and sexual references.




Read more:
Can you keep your kids safe watching YouTube?


Many schools are using video conferencing tools to maintain social interaction with students. There have been reports of cases of class-hijacking, including Zoom-bombing where uninvited guests enter the video-conference session.

The FBI Boston field office has documented inappropriate comments and imagery introduced into an online class. A similar case in Connecticut resulted in a teenager being arrested after further Zoom-bombing incidents.




Read more:
‘Zoombombers’ want to troll your online meetings. Here’s how to stop them


Because video conferencing is becoming normalised, malicious actors (including paedophiles) may seek to exploit this level of familiarity. They can persuade children to engage in actions that can escalate to inappropriate sexual behaviours.

The eSafety Office has reported a significant increase in a range of incidents of online harm since early March.

In a particularly sickening example, eSafety Office investigators said:

In one forum, paedophiles noted that isolation measures have increased opportunities to contact children remotely and engage in their “passion” for sexual abuse via platforms such as YouTube, Instagram and random webchat services.

Some families may be using older or borrowed devices if there aren’t enough for their children to use. These devices may not offer the same level of protection against common internet threats (such as viruses) as they may no longer be supported by the vendor (such as Microsoft or Apple) and be missing vital updates.

They may also be unable to run the latest protective software (such as antivirus) due to incompatibilities or simply being under-powered.

Error message when attempting to install a new application on an older device.
Author provided

What can parents do to protect children?

It’s worth speaking with the school to determine what safeguards may still function while away from the school site.

Some solutions operate at device-level rather than based on their location, so it is possible the standard protections will still be applicable at home.

Some devices support filters and controls natively. For example, many Apple devices offer ScreenTime controls to limit access to apps and websites and apply time limits to device use (recent Android devices might have the Digital Wellbeing feature with similar capabilities).

Traditional mechanisms like firewalls and anti-virus tools are still essential on laptops and desktop systems. It is important these are not just installed and forgotten. Just like the operating systems, they need to be regularly updated.

There is a wealth of advice available to support children using technology at home.

The Australian eSafety Commissioner’s website, for instance, provides access to:

But if you’re feeling overwhelmed by these materials, some key messages include:

  • ensuring (where appropriate) the device is regularly updated. This can include updating the operating system such as Windows, Android or Mac

  • using appropriate antivirus software (and ensuring it is also kept up to date)

  • applying parental controls to limit screen time, specific app use (blocking or limiting use), or specific website blocks (such as blocking access to YouTube)

  • on some devices, parental controls can limit use of the camera and microphone to prevent external communication

  • applying age restrictions to media content and websites (the Communications Alliance has a list of accredited family friendly filters)

  • monitoring your child’s use of apps or web browsing activities

  • when installing apps for children, checking online and talking to other parents about them

  • configuring web browsers to use “safe search”

  • ensuring children use devices in sight of parents

  • talking to your children about online behaviours.




Read more:
Children can be exposed to sexual predators online, so how can parents teach them to be safe?


While technology can play a part, ensuring children work in an environment where there is (at least periodic) oversight by parents is still an important factor.The Conversation

Paul Haskell-Dowland, Associate Dean (Computing and Security), Edith Cowan University and Ismini Vasileiou, Associate Professor in Information Systems, De Montfort University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

In the wake of bushfires and coronavirus, it’s time we talked about human security



AAP/Lukas Coch

Dennis Altman, La Trobe University

The term “human security” was first adopted by the United Nations Development Program in 1994. We speak far less of it now than we did then. Yet the cataclysmic events of this year should remind us national security is no longer to be thought of in terms of conventional warfare and military expenditure.

Put simply, human security encompasses all those threats to survival that are not military or state-sponsored, and therefore tend to fall beneath the radar of those who imagine security in conventionally “hard” terms.

The recent bushfires and the coronavirus pandemic reveal imminent threats from climate change and global diseases that threaten the very survival of what we take for granted. Yet governments have been far less willing to commit to responding to these issues than to increasing military budgets.

When the concept of human security emerged it was designed to address seven themes: “economic, food, health, environmental, personal, community and political security”. While these terms may seem too broad to be useful, all of them are directly related to the crises now facing the world.

These crises have taken me back to a large research project with several colleagues on rethinking the relevance of human security.

There is a voluminous literature on the meaning and limitations of human security. When he launched the book based on our research, the former foreign minister Gareth Evans defined it as an attempt to link conventional understandings of national security with the needs of human development:

The concept of human security was broad enough to advance both freedom from fear and freedom from want.

In the book, I wrote:

Australia is unlikely to face a military invasion, of the sort we might have experienced in World War II, but its security is threatened by a series of global upheavals around food, water, new epidemics, transnational crime and climate change.

I might now add cybersecurity to that list.

Over the past few years, the Australian government has increased military expenditures to the point where we are now among the top 15 countries ranked on defence spending.

Of course, our expenditure is trivial compared to the United States and China, but there is a powerful lobby pushing to increase it. At the same time, the government has made major cuts to overseas development assistance, is resisting the need to seriously cut emissions and appeared unprepared for the severity of the coronavirus epidemic.

Growing concern about the rise of China and the unpredictability of the United States has meant we ignore the more immediate threats to our security, even as they are looming around us. Most troubling, perhaps, is the government’s dislike of global institutions in a period when we need global cooperation more than ever.

Prime Minister Scott Morrison has made several attacks on what he terms an “unaccountable internationalist bureaucracy”. In this he appears to be following the lead of US President Donald Trump. Our declining foreign assistance budget is lessening the capacity of countries in our region to respond to health and climate emergencies.

The failure of the United States to provide leadership on either climate change or the coronavirus has emphasised the importance of great powers grasping that even their survival depends upon global action. Arguably the authoritarian Chinese regime, for all its unpleasantness, understands this better than the Trump administration.

It is a common aphorism that generals always fight the last war. Debates about the rise of China and the need to increase our military capabilities overlook the fact the most immediate threats to national security are not conventional military ones.

There are hints of this in Australia’s foreign policy. A statement from Foreign Minister Marise Payne noted:

Australia’s longstanding and ongoing security cooperation with Pacific countries covers defence, law enforcement, transnational crime, climate and disaster resilience, border management and human security.

But the shadow minister, Penny Wong, has argued:

‘Security’ has a much broader connotation than the more threat-based protective and response concepts on which a lot of public policy concentrates.

But these statements stand apart from mainstream debates about “national security”, which remain dominated by concerns about military build-ups and terrorism.

After unparalleled bushfires and coronavirus, the concept of human security gives us the language to reassess the most immediate threats to our survival and the need for global cooperation to respond to them.The Conversation

Dennis Altman, Professorial Fellow in Human Security, La Trobe University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Why the government’s proposed facial recognition database is causing such alarm



Andrew Hastie said the broad objectives of the identity-matching system were sound, but key changes were needed to ensure privacy and transparency.
Lukas Coch/AAP

Sarah Moulds, University of South Australia

Since before the 2019 election, the Morrison government has been keen to introduce a new scheme that would allow government agencies, telecos and banks to use facial recognition technology to collect and share images of people across the country.

While there are some benefits to such a system – making it easier to identify the victims of natural disasters, for example – it has been heavily criticised by human rights groups as an attempt to introduce mass surveillance to Australia and an egregious breach of individual privacy.

The plan hit a roadblock when the government-controlled Parliamentary Joint Committee on Intelligence and Security (PJCIS) handed down an extensive report calling for significant changes to the legislation to ensure stronger privacy protections and other safeguards against misuse.




Read more:
Close up: the government’s facial recognition plan could reveal more than just your identity


What are the identity-matching laws?

The identity-matching bills aim to set up a national database of images captured through facial recognition technology and other pieces of information used to identify people, such as driver’s licenses, passports, visa photos. This information could then be shared between government agencies, and in some cases, private organisations like telcos and banks, provided certain legal criteria are met.

The proposed database follows an agreement reached by the Commonwealth and the states and territories in 2017 to facilitate the “secure, automated and accountable” exchange of identity information to help combat identity crime and promote community safety.

Critical to this agreement was that the system include “robust privacy safeguards” to guard against misuse.

The agreement gave the federal government the green light to introduce laws to set up the identity-matching system.




Read more:
Why regulating facial recognition technology is so problematic – and necessary


Access to the service could potentially encompass a wide range of purposes. For example, a government agency could use the system to identify people thought to be involved in identity fraud or considered threats to national security.

But the bill also includes more pedestrian uses, such as in cases of “community safety” or “road safety”.

The proposed laws contain some safeguards against misuse, including criminal sanctions when an “entrusted person” discloses information for an unauthorised purpose. In addition, access by banks or other companies and local councils can only occur with the consent of the person seeking to have their identity verified.

However, much of the detail about precisely who can access the system and what limits apply is not set out in the bills. This will be determined through government regulation or subsequent intergovernmental agreements.

Concerns about scope and safeguards

The Coalition government’s bills were first introduced in 2018, but didn’t come up for a vote. After the government reintroduced the bills in July, the PJCIS launched an inquiry and invited public submissions.

Legal bodies have argued that amendments are needed to tighten the boundaries of who can access the identity-matching services and for what purposes. They note that as currently drafted, the proposed laws give too much discretionary power to government officials and actually create opportunities for identity theft.




Read more:
DNA facial prediction could make protecting your privacy more difficult


This is particularly problematic when coupled with the potential for the rapid spread of facial recognition technology in Australian streets, parks and transport hubs.

The Human Rights Law Centre said the proposed system is “more draconian” than the one launched in the UK. Another concern is that it could be used by a wide range of agencies to confirm the identity of any Australian with government-approved documentation (such as a passport or driver’s license), regardless of whether they are suspected of a crime.

The Australian Human Rights Commission also pointed to research suggesting the software used to capture or match facial imagery could result in higher error rates for women and people from certain ethnic groups.

What’s next for the bills?

When handing down the committee’s unanimous report, Andrew Hastie said the broad objectives of the identity-matching system were sound, but key changes were needed to ensure privacy protections and transparency.

While the PJCIS cannot actually stop the bills from being passed, it has a strong track record of turning its recommendations into legislative amendments.

The states and territories also have an interest in ensuring a national identity-matching scheme gets the balance right when it comes to addressing identity crime and assisting law enforcement and protecting individual privacy.

The question is whether these calls for improvements will be loud enough to put these bills back on the drawing board.

The future of the legislation will tell us something important about the strength of human rights protections in Australia, which rely heavily on parliamentary bodies like the PJCIS to help raise the alarm when it comes to rights-infringing laws.The Conversation

Sarah Moulds, Lecturer of Law, University of South Australia

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Australia’s quest for national security is undermining the courts and could lead to secretive trials



Bernard Collaery’s whistleblower trial will be a key test of the National Security Information Act and the restrictions it places on defendants and the courts.
Lukas Coch/AAP

Keiran Hardy, Griffith University

This is part of a new series looking at the national security challenges facing Australia, how our leaders are responding to them through legislation and how these measures are impacting society. Read other stories in the series here.


In August, the intelligence officer known as Witness K indicated he would plead guilty to a conspiracy charge under section 39 of the Intelligence Services Act. That section prohibits the disclosure of information acquired or prepared by the Australian Secret Intelligence Service (ASIS).

His lawyer, Bernard Collaery, will contest the same charge in the ACT Supreme Court.

Concerns have been raised about the use of the National Security Information Act (NSIA) in the Collaery trial. Anthony Whealy, a former judge who presided over several of Australia’s recent terrorism trials, said

This could be one of the most secretive trials in Australian history.

Both cases will be back in court this month. A hearing is also scheduled to consider how national security information will be dealt with in the Collaery trial.

There has been significant media discussion around the ASIS bugging that Witness K and Bernard Collaery exposed, but less about the NSIA.

So what is the National Security Information Act? Why was it introduced and how could it lead to secretive trials?

Having its cake and eating it, too

The purpose of the NSIA is to protect national security information while allowing it to be used in Australian courtrooms. It applies in federal court proceedings, both civil and criminal.

Before the NSIA, prosecutors faced a difficult choice. They could prosecute someone for terrorism, national security or secrecy offences and risk having sensitive information disclosed publicly, or they could keep the information secret and possibly have the prosecution fail.

The act was introduced in 2004 as part of Australia’s vast suite of counter-terrorism laws, designed specifically to help prosecutors convict people for terrorism offences.

Now, the government can have its cake and eat it too: it no longer needs to choose between protecting sensitive information and prosecuting someone for disclosing it.




Read more:
Australia has enacted 82 anti-terror laws since 2001. But tough laws alone can’t eliminate terrorism


What does the NSIA do?

The NSIA creates special procedures by which national security information can be protected while still being used as evidence.

National security information is defined broadly under the act as any information relating to

Australia’s defence, security, international relations or law enforcement interests.

There are two circumstances in which the NSIA procedures can be triggered. The first is when the parties know in advance they are likely to reveal national security information during the trial. The parties must notify the attorney-general of this, or face two years in prison.

The second set of circumstances relates to when a witness is being questioned on the stand and an answer has the potential to reveal national security information. If a lawyer or the defendant knows this could happen, he or she must stop the witness from answering and notify the court, or the same penalty applies.




Read more:
Why an Australian charter of rights is a matter of national urgency


In either of these circumstances, the attorney-general can issue a non-disclosure certificate that prohibits the information from being revealed or allows it to be revealed in summary or redacted form. The court then holds a closed hearing in which the judge will determine whether and how the information may be used.

In a closed hearing, not only are journalists and members of the public barred from attending, but also the jury. The judge may even exclude the defendant, the defendant’s lawyer or a court official if revealing the information to them would be likely to compromise national security.

Supporters of Bernard Collaery and Witness K protesting outside Supreme Court in Canberra in August.
Lukas Coch/AAP

Withholding information from defendants

That the legislation permits closed hearings is not necessarily the main issue, though this certainly undermines the principles of open justice. However, closed hearings are an option in other sensitive cases, such as those involving child victims of sexual assault.

The main problem with the NSIA is that it creates a situation in which national security information can be used in a courtroom without the defendant, jury, media or general public knowing the details of that information.

Producing evidence in summary or redacted form means that the gist of the information is provided, but key details are kept secret. In fact, it is not even clear under Australian law that something approximating a gist needs to be given.




Read more:
From Richard Boyle and Witness K to media raids: it’s time whistleblowers had better protection


This undermines the defendant’s ability to argue their innocence. A core aspect of procedural fairness and the right to a fair trial is that defendants must know the case against them. This allows their lawyers to contest the veracity of the evidence through cross-examination.

Without knowing when or how the prosecution’s evidence was collected, or even the precise claims the evidence is making, lawyers cannot adequately defend their clients. They are fighting with one hand tied behind their backs.

Weighing national security vs a fair trial

Moreover, in deciding how potentially sensitive information can be used in court, judges must give greater weight to national security than the defendant’s right to receive a fair hearing.

In other words, the NSIA does not require a judge to balance national security and a fair trial equally. More weight must be given to the former under the law.

It may be that judges can still strike an appropriate balance so defendants receive a fair hearing in cases like these. But if a contest between national security and a fair trial needs to be decided, it is clear which one wins.

Using the NSIA in the Collaery trial is also significant because the accused is a whistleblowing lawyer and not someone accused of terrorism.

After the recent police raids on the ABC headquarters, the home of a News Corp journalist and the home of an Australian Signals Directorate officer, the Australian media will be watching this trial closely.

It is likely, given the sensitive nature of the ASIS bugging scandal, that information will be withheld from Collaery’s defence team for national security reasons. This is a significant test case for whether whistleblowers can receive a fair trial in the current climate of government secrecy.The Conversation

Keiran Hardy, Postdoctoral Research Fellow, Griffith Criminology Institute, Griffith University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

There’s no clear need for Peter Dutton’s new bill excluding citizens from Australia


Sangeetha Pillai, UNSW

Yesterday, the government introduced a bill into Parliament that, if passed, would allow the home affairs minister Peter Dutton to temporarily exclude some Australian citizens – including children – from returning to Australia.

The bill is aimed at mitigating threats posed by foreign fighters coming back to Australia from conflicts in Syria and Iraq. It was first put before Parliament in February, and has now been reintroduced with some amendments.




Read more:
Why is it so difficult to prosecute returning fighters?


The bill draws on similar legislation in the UK and, if passed, would add to an arsenal of around 75 pieces of anti-terrorism legislation currently operating in Australia.

National security laws must continue to adapt to changing circumstances. But the government has not made it clear how the bill would fill an identified gap in Australia’s already extensive national security regime.

How would the bill work?

If passed, the bill will allow the minister to issue a Temporary Exclusion Order (TEO) preventing an Australian citizen who is overseas from re-entering Australia. These exclusion orders aren’t designed to exclude citizens from Australia forever, but rather to provide a system that manages their return.

A TEO can be imposed on a citizen outside Australia if they are at least 14 years old, and:

  • the minister reasonably suspects that issuing the TEO would substantially help prevent terrorism-related acts, or

  • ASIO has assessed the person to be a direct or indirect risk to security, for reasons related to political violence. ASIO doesn’t need to be satisfied to any standard of proof when making this assessment.

But neither of these criteria actually requires a TEO candidate to have engaged in any wrongdoing.

A person may not enter Australia while a TEO is in force against them. If they do, they can face up to two years behind bars. A TEO may also require the person to surrender their Australian passport.

Each TEO can be issued for a maximum of two years, but a person may have multiple TEOs issued against them. This means the actual period of exclusion from Australia can be much longer.

So how does a return to Australia work?

The return of citizens with TEOs against them is managed through “return permits”. This is designed to allow the government to monitor and control foreign fighters’ entry and presence in Australia. A return permit must be issued if the person applies for one, or if a foreign country moves to deport them to Australia.




Read more:
How can we understand the origins of Islamic State?


A return permit may prescribe various conditions. Significantly, it doesn’t guarantee an immediate right to return to Australia – a person may be prohibited from entering Australia for up to 12 months after the permit is issued.

Once in Australia, a range of post-entry conditions may also be imposed. These can include passport surrender, and requirements to report changes to residence or employment, contact with particular individuals and technology use.

Breaching the conditions of a return permit is an offence, punishable by up to two years in prison.

Are the proposed laws constitutional and compatible with international law?

The right to return to one’s country is commonly regarded as a core aspect of citizenship. And some experts have argued that a citizen’s right to return home is constitutionally protected in Australia.

But the High Court has never ruled on the question of whether a constitutional right of this nature exists, so it’s impossible to say for certain whether the bill, if passed, would be unconstitutional. Still, it’s likely to face constitutional challenge.

In any case, international law protects an individual’s right to voluntarily return to their country of citizenship. The government acknowledges that TEOs restrict a person’s capacity to do this, but says the bill is justified because it’s “reasonable, necessary and proportionate”. This, however, isn’t clear.

Does the bill contain adequate safeguards?

In April, when reviewing the original bill, the Parliamentary Joint Committee on Intelligence and Security recommended 18 changes, aimed at improving safeguards.

But the new bill only took on seven changes in full, including requiring the minister to consider specific criteria when imposing a TEO on a child, and providing independent oversight of decisions to issue TEOs.




Read more:
If Dutton had defeated Turnbull, could the governor-general have stopped him becoming prime minister?


Importantly, some of the committee’s most significant recommendations have been ignored, such as narrowing the criteria for issuing a TEO. And others have only been partially implemented.

Given the significant impact a TEO has on a person, the bill should adopt the committee’s recommendations in full.

Is the bill even necessary?

In parliament, Dutton said national security agencies advise that many Australians who have travelled to conflict zones in Syria and Iraq to support extremist groups are “likely to seek return to Australia in the very near future”, and the bill is needed to keep Australians safe.

But the government hasn’t explained why Australia’s extensive suite of existing anti-terrorism mechanisms doesn’t already adequately protect against threats posed by Australians returning from conflict zones.

Australia’s 75 pieces of legislation provide for criminal penalties, civil alternatives to prosecution, expanded police and intelligence powers, and citizenship revocation.

And they protect Australia from the risks posed by returning foreign fighters in a variety of ways.

For example, a person who returns to Australia as a known member of a terrorist organisation can be charged with an offence punishable by up to 10 years’ imprisonment. Where the person has done more – such as fight, resource or train with the organisation – penalties of up to 25 years each apply.

Although gathering sufficient evidence to prosecute returning foreign fighters can prove challenging, there are mechanisms in our legislation that already account for this.

For instance, a control order may be imposed on a person in cases where they are deemed a risk but there is not enough evidence to prosecute. This restricts the person’s actions through measures such as curfews and monitoring requirements.




Read more:
Explainer: why some acts are classified as terrorism but others aren’t


Evidence shows the existing measures work effectively. Police and intelligence agencies have successfully disrupted a significant number of terror plots using existing laws, most recently just days ago.

Arguably, this suggests Australia has not only the capacity, but also the responsibility to use the full force of our laws to bring foreign fighters to justice in Australia, rather than leave them stranded in conflict zones where their only connections may be to terrorist groups, thereby weakening global security.

Of course, if it’s to remain fit for purpose, Australia’s national security framework must continue to adapt to changing circumstances. But with extensive, demonstrably effective mechanisms in place, the government must clearly explain what gap this bill would fill. This has not been done.The Conversation

Sangeetha Pillai, Senior Research Associate, Andrew & Renata Kaldor Centre for International Refugee Law, UNSW Law School, UNSW

This article is republished from The Conversation under a Creative Commons license. Read the original article.