Australia to force tech firms to hand over encryption keys

PM Turnbull declares laws of Australia trump laws of mathematics

The Australian government wants to introduce new cyber security laws that would force technology companies to give law enforcement agencies access to encrypted messages, in an effort to clamp down on criminal activity.

Australian prime minister Malcolm Turnbull said on Friday that a law modelled on the UK's Investigatory Powers Act would be necessary in order to curb the growing use of social media a means for terrorists and criminals to communicate.

Advertisement - Article continues below

The proposed law would oblige technology companies to assist security forces in their investigations, although warrants would still be needed to access communications. This includes social media companies such as Facebook and Google, but also device manufacturers like Apple and Samsung.

"We need to ensure that the internet is not used as a dark place for bad people to hide their criminal activities from the law," said Turnbull, speaking to Guardian reporters on Friday.

"The reality is, however, that these encrypted messaging applications and voice applications are being used obviously by all of us, but they're also being used by people who seek to do us harm."

When asked how the new law would prevent users opting for third-party encryption software, such as virtual private networks, Turnbull said: "The laws of Australia prevail in Australia, I can assure you of that. The laws of mathematics are very commendable, but the only laws that apply in Australia is the law of Australia."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Australia faces the same criticism levied at the UK government following the London terrorist attack, when Home Secretary Amber Rudd demanded that WhatsApp give police agencies access to user messages that forcing social media giants to create encryption back doors for law enforcement would in effect create back doors for cyber criminals as well. Turnbull denied that the proposed law would involve the use of these, however.

"A back door is typically a flaw in a software program that perhaps the developer of the software program is not aware of, and that somebody who knows about it can exploit," said Turnbull. "We're not talking about that. We're talking about lawful access."

Facebook has criticised the news, saying that it already has a system for cooperating with security forces, and that the proposed law would be impossible to impose on individual users.

"Weakening encrypted systems for them would mean weakening it for everyone," said Facebook spokesperson Antonia Sanda, speaking to Reuters.

Advertisement - Article continues below

Yet Australia's stance is shared by a number of other countries, including France and Britain, which have expressed a commitment to ensuring security agencies are able to access encrypted messages.

However, proposed legislation from the European Union seeks to take the opposite approach, by making end-to-end encryption compulsory for all forms of digital communication. The draft proposal would prevent service providers from accessing encryption keys, and would render it impossible for companies to 'hand over' messages to security forces.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/cyber-security/355185/165-million-britons-experienced-a-cyber-crime-in-the-past-year
cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Visit/cloud/amazon-web-services-aws/355183/aws-launches-amazon-detective
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020
Visit/security/privacy/355182/government-to-launch-coronavirus-contact-tracking-app
privacy

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020
Visit/software/video-conferencing/355180/zoom-does-not-use-end-to-end-encrypted
video conferencing

Zoom admits meetings don't use end-to-end encryption

1 Apr 2020

Most Popular

Visit/security/privacy/355211/google-releases-location-data-to-showcase-effectiveness-of-coronavirus
privacy

Google releases location data to show effectiveness of coronavirus lockdowns

3 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

2 Apr 2020