Australia passes controversial anti-encryption law

The law will compel companies to comply with law enforcement demands to hand over data

Encryption

The Australian government has passed a controversial new law which will allow law enforcement to compel tech and telecoms companies to break their own encryption for messages if it's believed a crime has been or will be committed.

The 'Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018' was approved by a 46-11 majority earlier this month and could help authorities make faster arrests, but tech companies are uncertain as to how this will work without installing backdoors or vulnerabilities in their services. Failure to comply with the new law will lead to a fine.

Advertisement - Article continues below

Popular apps such as WhatsApp and Signal, which both use end-to-end encryption, could be forced to cease their service in Australia.

The Australian government says encrypted communications have affected around 200 operations in 2018 and that agencies have seen a 55% increase in encrypted traffic over the year.

However, experts argue that concerns remain as to how companies will abide by the law. End-to-end encryption, by design, blocks access to any parties other than the sender and recipient of a message, and therefore there's no way of breaking it for one targetted user. This leaves the likely possibility that a backdoor in the encryption will have to be made, which, in theory, would give anyone with knowledge of its existence, or a means to exploit said backdoor, access to messages.

Advertisement
Advertisement - Article continues below

"This is an extremely bad idea, while the intention is to make a safe and secure physical society to live in, the major problem is that our lives are more online than ever and such actions make our digital society exposed to cybercrime and cyber attacks," said Joseph Carson, chief security scientist at Thycotic.

Advertisement - Article continues below

"This weakens the foundation on what security is built on which is secure communications and any methods to weaken security opens up society to cyber crime across borders. This will likely have a major impact on the Australia economy over time."

Joshua Lund, a developer for Signal, an end-to-end encrypted messaging app, said in a blog post that "the end-to-end encrypted contents of every message and voice/video call are protected by keys that are entirely inaccessible to us. In most cases now we don't even have access to who is messaging whom."

Carson also criticised the government for the apparent likeness to states where encrypted communications are banned, such as Saudi Arabia, Russia and China.

"Any weakening of encryption reduces the security of a country's citizens, such a move means that Australia is no different than China or Saudi Arabia when it comes to citizens' privacy and will be exposed to citizens' rights abuse without sufficient independent oversight," he said.

Advertisement - Article continues below

Whether or not service providers will be able to comply without risking the security of their platform is yet to be seen, however, governments across the world, including the UK, continue to wrestle with technology companies over protecting national security and maintaining privacy.

The UK has also seen a rise in drug crime which is said to have been largely facilitated by encrypted messaging apps, such as Wickr. The billionaire-backed app, which unlike WhatsApp isn't linked to an identifying mobile phone number, uses the same encryption methods as other apps like it, but is particularly loved by criminals because the messages automatically vanish after a time period set by the user.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement
Advertisement

Recommended

Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020
Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020

Most Popular

Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020
Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020