Can you explain why? It seems like a straightforward application of the law making some activity illegal, when its jurisdiction is explicitly defined as extending beyond the nation's borders. If you forget the border for a moment and just consider it all a single jurisdiction, aren't you basically saying that somebody can break the law and claim immunity from prosecution on the basis that their job requirements demanded that law to be broken?
3. You say we have code review the backdoor will be caught.
Now at this point the following might happen.
4a. make sure your code is reviewed by X.
4b. ok I guess it won't work.
4c. here is the code to put in, it has a very hard to catch bug that we can exploit.
in no way would I expect them to say
4d. well we're going to take you to court because you took a job that makes entering backdoors difficult.
on edit: improved formatting
on 2nd edit: I removed the leading No but, because I can't remember why I started off with that.
Is there a protection that prevents the government from requiring an employee take an action that may be discovered?
Or even a reason? I mean, unless the backdoor has a hard-coded URL like `www.ThisIsAGovernmentBackdoor.gov.au`, then a backdoor wouldn't seem to automatically implicate the government. Then an employer might well assume that the employee is just doing their own hacking. And presumably the employee can't say otherwise, right?
Or does the law say that employees can refuse if they fear discovery? And if so, couldn't employees always just refuse on that basis?
I'm not saying the employees can refuse, I'm saying the employees can say I will be discovered because of this reason. I naively suppose the police are like me in that they do things with a purpose in mind, and if they cannot achieve their purpose by an action they refrain from it as a waste of energy.
If their purpose is to hack company X, are informed that the way they intend to do it will be discovered and expose the tool they were going to use, then I expect they would refrain from doing that and try to find some other way. If they do not refrain then their purpose must not be to hack company X but really just to expose the tool for some reason.
However if they just say I will likely be discovered because of this reason, the police will probably just say "that's a risk we're willing to take!" and go for it.
so it's not that the job requirements demand that law be broken but rather the job requirements are such that the actions being demanded by the law will be ineffective or even worse, be caught out leading to termination of the only Australian 'asset' the government has in the team.
I suppose Australia can attempt to make a law saying any company based in Australia or selling products in Australia or with an internet presence available inside the country of Australia must stop using code review in case you ever hire an Australian citizen we want to put backdoors in your code.
Just imagining it is giving me quite the entertainment value.
