Challenges remain with Convention on Cybercrime framework: Unisys

Vendor backs Government decision but privacy/civil liberty issues need to be considered

The Gillard Government's decision to set up legislative framework to allow Australia to sign the Council of Europe Convention on Cybercrime treaty was a good step forward but privacy and civil liberty concerns need to be taken into account, according to a security expert.

Attonery-General, Robert McClelland, announced the Cybercrime Legislation Amendment Bill 2011 which includes three changes to allow Australia to enter the Council. The Council offers international co-operation between signatory countries, as well as establishing procedures to make investigations more efficient.

These procedures include perseveration, which enables agencies to request the preservation of communications by a carrier they intend to seek a warrant over, international co-operation, and the extension of the scope of existing Commonwealth computer offences to fully meet the requirements for such offences under the Convention.

The Cybercrime Legislation Amendment Bill 2011 amends the Mutual Assistance in Criminal Matters Act 1987, the Criminal Code Act 1995, the Telecommunications (Interception and Access) Act 1979 and the Telecommunications Act of 1997.

More than 40 countries have either signed or become a party to the Convention, including the US, UK, Canada, Japan and South Africa.

Unisys Asia Pacific security and industries marketing director, Jane Evans said in a statement that while the company, which made a submission in March to the Government that called for Australia to join the Council, welcomed the decision, privacy and civil liberties issues would need to be taken into account by the Council.

"Striking the right balance between security and privacy will remain a key challenge for international cooperation across jurisdictions," Evans said.

"Sensible safeguards will need to be in place to ensure that investigation and pursuit of crime does not infringe people’s privacy and civil liberties [if innocent], particularly when dealing with electronic and potentially highly sensitive identification information."

According to Evans, the vendor had previously emphasised the importance of treating certain types of information with mandatory sensitivity under the Australian Privacy Act, notably all biometrics including DNA.

"A technology or a security measure that better protects an individual’s personal information from unauthorised hacking, replication or misuse, by its very nature increases privacy protection and builds confidence and trust as a result," Evans said.

"It is in this sense that the Council could play a key confidence building role."

She added that while most Australians were happy to take part in security measures such as biometrics, privacy was an issue that needed to be taken into account as well by the Government and Council.

For example, Unisys Security Index research conducted in February 2011 found that approximately 70 per cent of Australians would be prepared to use a photograph, voice recording or scan of the eye to prove their identity, and 76 per cent would be happy to provide their fingerprint.

Approximately 70 per cent of Australians would be prepared to give a biometric to an airport or airline, or participate in some other traveller identity scheme, if it meant greater security and fast tracking through security procedures at airports.

The same research found that Australians were more concerned about identity theft than any other security issue.

"This is reinforced by the public attention to high profile breaches such as those recently reported at RSA and Sony so clearly, privacy remains important to most people," Evans said.

"We believe it is important to maintain and build public confidence that they are protected wherever a crime against Australia, our people or our interests, is committed."

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the CSO newsletter!

Error: Please check your email address.

Tags civil libertiessecurityunisysprivacy

More about BillRSASonyUnisys Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Hamish Barwick

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place