Imagine a world where law enforcement and government agencies can access your data on demand. That may sound like something out of a spy novel or oppressive regime, but it’s a situation that’s facing everyday Australians now.
Don’t we have a right to privacy?
Not according to the Australian Parliament, who recently passed what’s being called an “encryption-busting” piece of legislation. It gives authorities unprecedented powers that amount to an alarming degree of overreach. The new law, commonly known as the Assistance and Access Bill 2018, was passed last year amidst a lot of protest, but without allowing input from the tech community and the general public.
Such laws are being considered in other Five Eyes Alliance nations (FVEY), and they’re watching how everything plays out in Australia very carefully. FVEY is a federation of English-speaking countries who have an informal agreement to share intelligence. Other member nations are the US, UK, Canada, and New Zealand.
What Does the “Assistance and Access” Bill Mean for You?
The ultimate goal is to compel tech companies to turn over customer data or provide them with a backdoor into individual and business devices. For now, the bill gives authorities the right to force companies and individuals working for them, like network administrations, software engineers, and developers of apps like WhatsApp, to turn over data without letting their employer or the target know. Anyone who refuses to comply faces prison and high fines.
The stated purpose is national security, but opponents fear that the language of the bill can be misinterpreted and used as an excuse to spy on individuals. This applies not only to Australian citizens in our own country, but visitors and companies doing business in Australia as well as Australians working or travelling in other countries. Industry leaders like Microsoft and Apple say they’ll stop doing business in Australia, which will further hurt the population.
5 Ways Australians Can Protect Themselves
The Reform Government Surveillance coalition is working hard to get the government to repeal, or at least amend the law. but with little success so far. That means it’s up to each of us to protect our own networks and devices from prying eyes and government overreach.
Control Access to Your Devices and Accounts
One of the main ways hackers get into peoples devices and accounts is through weak passwords and simple human negligence. Start making your digital life safer right off the bat by deleting easy or default passwords and using a password manager to create and store secure, unique ones in a virtual vault. You can also use two factor authentication keys to add an extra layer of security.
Read the TOS of any apps your use or websites that require account creation before clicking “Accept” or “Agree”. Avoid any that force you to install third-party apps or access portions of your mobile phone that are unnecessary. Why would a game, banking, or lifestyle app need access to your contact list or camera, anyway?
Use Strong End-to-End (E2E) Encryption
Encryption allows you to enter passwords and credit card information safely by scrambling data fields into undecipherable strings of letters, numbers, and characters that are hard to guess or hack. Make sure that any website you do business with and any apps you install use the latest E2E encryption standards, and install encryption on your own devices and networks.
Firewalls are software that blocks you from accessing websites that are known for malicious activity, those whose security status is unknown, and unauthorized login attempts on your devices or accounts. They’re virtually impenetrable as long as they’re properly configured and updated regularly.
Use Anti-Virus and Anti-Spyware
You should always use solid anti-virus, anti-malware, and anti-spyware software on your networks and any connected device. There are close to half a million new viruses and versions of malware unleashed on the internet every day. Make sure that you set it to auto-update the software for the latest fixes or perform a manual search at least once a day as part of routine maintenance.
Use a Virtual Private Network (VPN)
If it isn’t practical to tell you to delete social media accounts and turn off the WiFi on your mobile devices until you need it, then you should at least use a virtual Private Network (VPN) to keep your online activity hidden from view. Virtual networks hide internet activity by running it through an encrypted tunnel. You should install one on your router and every connected network or device. Many allow you to configure more than one network, so segment your lines for personal use, smart home components, business, and guest WiFi access for each of your IoT, business networks, and personal devices. IoT is one of the areas where malware can easily be lurking, so be aware.
Make sure that you choose a paid VPN rather than a free service; many “free” networks make their money with ads or by selling your data to third parties. Even premium VPNs are inexpensive, most use high-grade military, E2E encryption, and they won’t log your data, identity, or activities. Many are located in jurisdictions outside of the reach of FVEY surveillance, which means they don’t have to comply with intrusive snooping laws.
Australians need to do their research when looking for a VPN. This includes reading reviews and understanding if the VPN company stores data or not. Sites like Privacy Australia review VPNs and compare speeds/security.
Government crackdowns and hacking exploits can only go as far as we let them. There’s is no 100 percent solution that will protect us. But, taking the above measures will provide extra layers of security that will make it much harder for outside actors to spy or steal your sensitive information.