Defence launches crackdown on Australian crypto research
Ahead of Thom export control review findings.
The Department of Defence has significantly tightened exemptions for Australian information security and cryptographic researchers through tough export control laws, a move likely to stifle collaboration with the overseas research community outside intelligence circles.
Defence's export controls arm (DEC) has quietly revoked the permits of researchers subject to the Defence Trade Controls (DTC) Act 2012, which regulates the supply of military and so-called dual-use technologies overseas.
The permits were introduced on a trial basis in 2017 in response to feedback during the implementation of the legislation to allow researchers in the field of information security and cryptography to communicate with their counterparts in any non-sanctioned country.
Since then, Defence has launched an unprecedented bid to be able to retrospectively re-classify research as dual use or security sensitive, a power academia has warned will fundamentally undermine funding certainty for research across the sector.
At the same time, sections of the the information security industry remain at loggerheads with the government over new controversial crypto-busting powers.
With the date of the delivery of highly anticipated defence exports controls review by Vivienne Thom - a former Inspector General of Intelligence and Security - still up in the air amid protracted uncertainty, leading academics say they are already feeling the heat.
Defence initially said the permits issued to academic researchers would achieve a balance between the need for free flow of information for research purposes in the initial stages of a research project and national security interests.
But two years after the trial was introduced, Defence now looks to have pulled the plug on the general permission permit allowing organisations to communicate about cryptography research with any non-sanctioned countries.
The University of Melbourne is one such organisation that has been affected by what appears to be an undisclosed policy change amid an independent review of the DTC Act.
Cryptographic researcher and associate professor at the School of Computing and Information Systems Dr Vanessa Teague told iTnews the decision not to renew the universitys general permit had limited her communication about cryptography to only three countries.
She said this had occurred without any warning or explanation of why, including if there had been a change in policy.
The result is that each time the university wants to communicate with researcher from a non-approved country they will need to fill out a new form and ask permission, which Teague described as unworkable in the context of an international, competitive scientific community.
What they [Defence] dont understand is asking permission in advance and waiting a few months to get around to granting a permit is just unworkable in the context of scientific research, she said.
Its also the very reason the permits were introduced in the first place, following the introduction of the DTC Act.
Teague warned that other research organisations potentially affected may not yet be aware.
Because the pe ...Read full story on iTnews