The Australian Government has finally released its draft bill on encryption, which would see law enforcement granted unprecedented new powers, including the ability to crack open encrypted communication.
Although this is being presented as yet another crucial mechanism to combat terrorism and organised crime, the measures in this bill will have a catastrophic impact on the digital security and privacy of all Australians.
Despite near-unanimous criticism from privacy experts, technology companies, civil liberties advocates and telecommunication providers, the Department of Home Affairs seems determined to steam ahead, granting “coercion powers” to law enforcement for everything from criminal investigations through to incidents of foreign relations, protection of public revenue, and potential economic impacts. This draft Bill offers insufficient warrant or oversight processes, yet grants broad powers to several agencies to compel access on a whim. The scope for abuse in such a regime is totalitarian in design, and terrifying in reality.
The government’s entire approach to this issue is one of a spiralling rhetoric that is truly vaudevillian to witness.
As a society, we accept that people can meet and discuss things in private, that people can draw the curtains on their bedroom windows so the government can’t see in. We also trust that when we share private information with businesses, the digital infrastructure that facilitates these transactions is strong and secure.
Whether it’s online banking and purchases, secure communications with loved ones and colleagues,or storage of sensitive data —we rely on strong encryption to keep our personal information safe. The government itself makes use of encrypted communications tools beyond the scope of Freedom Of Information (FOI) laws. Encryption and other digital security tools protect us against crimes like identity fraud, and in some circumstances even provide security against physical harm.
The country can either be the testing ground for policies that severely limit privacy and security in the digital era, or it can be a champion for human rights, leveraging its relationships to raise cybersecurity standards for the next generation.
The government’s entire approach to this issue is one of a spiralling rhetoric that is truly vaudevillian to witness. Turnbull claims “The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia”. Despite Turnbull’s best efforts, it is highly doubtful that his self-imposed omnipotence will allow for such an overruling of the basic principles of technological mathematics. Chris Inglis, former head of the NSA has also warned that the technological limitations of any attempt to break encryption could provide fruitless. When the top US snooper is outlining how hard it is to access communications, our government would do well to heed his advice.
Australia is facing a choice on cybersecurity and encryption: support genuine security or break the fundamentals of how private digital communications operate. The country can either be the testing ground for policies that severely limit privacy and security in the digital era, or it can be a champion for human rights, leveraging its relationships to raise cybersecurity standards for the next generation.
Most worrisome is the government’s clear intent to force technology proprietors, such as Apple, to actively break or create falsified versions of systems. This could force tech companies to build new, intentionally vulnerable systems for everyone just so law enforcement can pursue a small number of targets.
It is a massive overreach, however, to use the spectre of terrorism to prevent citizens from exercising their right to privacy and freedom of speech.
For the Department of Home Affairs to compel such widespread access to encrypted messages is a dangerous exercise that would destroy the very architecture that makes our systems work in the first place. Once these weaknesses are introduced, we become more vulnerable to commercial surveillance, data leaks, criminal eavesdropping, national security threats, and misuse by government officials.
Our law enforcement agencies need to have the tools necessary to do their job – there should be no argument here. It is a massive overreach, however, to use the spectre of terrorism to prevent citizens from exercising their right to privacy and freedom of speech. Australian authorities already have extensive technical and legal capabilities at their disposal to gather, store and analyse social and geo-locational data; many of these organisations have suffered substantial breaches themselves. The government would do well to secure the huge datasets already in jeopardy before seeking further access to the more intimate details of its citizens’ lives.
Encryption protocols are the backbone of the digital economy, applied to every single online transaction. Any attempt to weaken it for the sake of further vulnerability, and to give unfettered access to law enforcement, will be a risk no other democracy is taking. Strong encryption is essential to the modern Australian economy, and it would be a mistake to deliberately weaken it.