| [disclaimer: happy fastmail user, 30+ year Aussie programmer] What I really really like about this blog entry and the Fastmail service in general is that it is practical and clear. Fastmail does not and has not ever offered data privacy from properly constituted legal requests. Within the service they offer of email (and calendaring and contacts), they protect their user data by having it encrypted at rest and in transit. Email protocols are not suited to E2E encryption because of the historical evolution of those protocols. So if you want E2E, there are appropriate solutions. In terms of people who want access to your data, there are two types, bad/illegal actors and those operating under the judicial system. Under the judicial system in place in Australia, as has been explained, warrants (and the equivalent for non-law enforcement security services) are still required for access to an identified person's information. Fastmail has always been clear that they would respond to a properly constitued legal request. In terms of lobbying, it is up to all Australian tech people to respond to this legislation and its ill-considered requirements. I've already written to Mark Dreyfus as Shadow Attorney General and also the senior ALP person on the PJCIS which is responsible for this legislation. I intend to engage further in the new year with all those relevant MPs, ministers and shadow ministers, with the primary goal of clarifying that the tradeoff between security and privacy is not a zero-sum game, that invading privacy in such a ham-fisted manner as defined in the legislation is more damaging to both our industry and our community than the stated objectives of our security services to avoid bad actors "going dark". |