Here’s a view from inside Tesla by one of it’s former employees. Taking the report at face value, which is of course an arguable proposition, you can see how technical debt can build up to a point where it’s near impossible to pay it down. That in turn can have significant effects on the safety performance of the organisation, see the Toyota spaghetti code case as another example. The take home for this is for any software safety effort it’s a good idea to see whether the company/team is measuring technical debt in a meaningful fashion and are actively retiring it, for example by alternating capability and maintenance updates.
So, in submissions to the parliamentary joint committee on intelligence and security (PJCIS) it’s been disclosed that government agencies, including local councils, are using loopholes in our current metadata legislation to lodge up to 35,000 requests for personal metadata a year. These requests are made without warrants and with little to no oversight.
My Australian readers will remember the Telecommunications (Interception and Access) Act that was passed three years ago to allow access our telecommunications metadata. They’d also remember how solemnly our government and ministries of state security swore that there’d be ‘robust protection’? Right, well as it turns out the earlier 1997 Telecommunications Act has a large existing loop hole that requires metadata disclosure, “if in any other case the disclosure or use is required or authorised by or under law.” All of which makes the provisions for privacy in the later act kind of moot.*
Then on top of this mess of existing legislation the Morrison government is now rushing additional security legislation through requiring the communications companies to provide access to encrypted data. From the weakening of encryption to covert insertion of spyware there’s pretty much nothing the government can’t demand a communications company provide. Weighing in on the issue are officials from the five eyes in a strongly worded communique. My guess is that’s because the legislation is seen as a stalking horse for the suite of powers that the security communities of the five nations have wanted for decades.
With a Bachelor’s in Mechanical Engineering and a Master’s in Systems Engineering, Matthew Squair is a principal consultant with Jacobs Australia. His professional practice is the assurance of safety, software and cyber-security, and he writes, teaches and consults on these subjects. He can be contacted at firstname.lastname@example.org