CyberCrimeGovernement-ITRegulationSecuritySecurity ManagementSurveillance-IT

Australia To Force Tech Firms To Provide ‘Encryption Access’

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Australian government to introduce law to force tech firms to provide access to encrypted messages

The Australia government could be the first Western nation to breach the last bastion of online privacy, namely encryption.

It is reported that on Friday the Australian government proposed new laws to compel tech companies such as Facebook, Apple and Microsoft to provide security agencies with ‘access to encrypted messages.’

The implications of this move could soon be felt in the UK, which is also considering similar moves. And it should be remembered that Australia is part of the ‘Five Eyes’ intelligence-sharing network that consists of the USA, UK, Canada, Australia and New Zealand, so any information decrypted there, would likely be shared among its allies.

google, encryption keyEncryption Law

The attempt by the Australian government to gain access to encrypted messages comes after a number of terrorist attacks around the world, where the perpetrators used encrypted applications ahead of the attacks.

This has led Western countries such as France and the UK to publicly commit themselves to new laws requiring access to encrypted messages.

Australian Prime Minister Malcolm Turnbull said law enforcement needed more help after his country suffered a number of terrorist outrages in recent years.

“We need to ensure the internet is not used as a dark place for bad people to hide their criminal activities from the law,” Turnbull was quoted by Reuters as telling reporters in Sydney.

“The reality is, however, that these encrypted messaging applications and voice applications are being used obviously by all of us, but they’re also being used by people who seek to do us harm,” he reportedly said.

It seems that the Australian proposal will require tech firms and device makers to help its law enforcement agencies intercept and read messages sent by suspects.

It is not known at this time whether this means providing law enforcement just access to encrypted messages, or encryption keys or a backdoor.

According to Reuters, the proposal will be introduced when the Australian parliament resumes in August. Lawmakers reportedly said it could be adopted within months.

Privacy Debate

Of course, this Australian move is likely to be resisted by tech firms, and it could soon become a global issue as other nations potentially follow the Australian example.

Most tech firms including Microsoft and Apple have fiercely resisted handing over customer data, because of privacy concerns.

Facebook for its part reportedly rejected the need to introduce the new law, and said it already had a system in place to work alongside security agencies.

“Weakening encrypted systems for them would mean weakening it for everyone,” Antonia Sanda, a spokeswoman for Facebook told Reuters.

ENISA, the EU’s IT security advisory agency, has previously warned that encryption backdoors would not improve law enforcement’s ability to gain access to criminals’ communications, and might well have exactly the opposite effect.

UK to follow?

The whole encryption issue has gained prominence in the UK after March’s Westminster terror attack which resulted in the deaths of seven people.

In the wake of the attack, home secretary Amber Rudd publicly slammed WhatsApp for its “completely unacceptable” use of encryption which made the attacker’s messages inaccessible to third parties.

This was followed by Prime Minister Theresa May’s calls for increased internet regulation following the attack on London Bridge and the revelation of government plans to ask Parliament for more power over technology companies.

The British government has already passed controversial legislation nickamed the “Snooper’s Charter”, which is intended to legitimise broader surveillance practices, including obliging Internet services providers to store users’ communications records and make them available to government agencies.

It should also be noted that the tech industry has already taken steps to combat terrorists using its systems.

The world’s biggest tech firms for example have pledged to work harder to tackle terrorist propaganda online, with many using technology such as artificial intelligence to do so.

Quiz: How much do you know about privacy?