Encryption laws to run up against CLOUD Act and GDPR: Law Council

As predicted, Australian law is now at odds with European and US regulatory frameworks. This may lead to fragmentation of service offers…:

[…] In a submission to the Parliamentary Joint Committee on Intelligence and Security’s encryption law review, the Law Council said Australian law enforcement will have to continue seeking data through the slower mutual legal assistance treaties (MLAT), rather than the expedited service the CLOUD Act would offer once Canberra and Washington enter into an agreement.

“The Law Council considers that the current law in Australia as it relates to storing and accessing telecommunications data will be insufficient to allow Australia to qualify for entry into an ‘executive agreement’ with the US,” the Council said.

The Law Council’s reasoning said Australia fell foul of the need for orders to US companies to be “specific and identify the relevant individual, account, address or personal device or another specific identifier”, as well as the fact that US companies cannot be compelled to break US law.

“In this context, the requirements under the Assistance and Access Act and the CLOUD Act clearly differ, as the US law does not allow for the mandating of the decryption of data as is now permitted under Australian law,” it said.



Original Article