Australian Law Will Allow Agencies to Circumvent Encryption
December 10, 2018
In the United States, Congress has resisted calls by the FBI and Department of Justice that would require tech companies to create a “back door” to allow them to bypass devices’ encryption. But other U.S. allies are moving forward on just such legislation, with Australia about to adopt a tough encryption law permitting intelligence agencies these powers. The country believes that its agencies need the power to circumvent encryption to protect it from terrorist attacks during the holiday season, often a high-threat period.
The Wall Street Journal quotes Duncan Lewis, director general of the Australian Security Intelligence Organization, that “plotters were using encrypted systems to evade detection.”
In the U.S., the standoff between the FBI and other law enforcement agencies with technology companies “briefly came to a head in February 2016, when the Justice Department under President Barack Obama filed a motion to force Apple to comply with a judicial order to unlock an encrypted phone used by a shooters in the San Bernardino, Calif., terrorist attack.” The FBI found a third-party to unlock the device, so the government ceased its efforts to pressure Apple.
Australia’s new law builds on the approach adopted by the U.K. Parliament in December 2016 when it voted in the Investigatory Powers Act, which allows “security agencies with a warrant to hack into computers, but stopp[ed] short of mandating back doors.” Experts say that the laws could require tech firms to “develop new tools to circumvent security and crack passwords if necessary.”
That’s what Apple stated to Australian lawmakers, saying the “extraordinarily broad and vague powers” of the law could force it to “develop custom software to bypass encryption.” The Australian company Senetas, which provides encryption for the Israeli Knesset, U.S. Defense Department and Australian police, said the bills were “the equivalent of dropping an atom bomb in order to find some nefarious character,” and would create “an officially sanctioned weakness that would find its way around the world.”
While Australia pushed its new legislation, U.S. Deputy Attorney General Rod Rosenstein “attacked American technology companies for not being more open to potential compromises.” “We cannot accept a culture in which technology companies consider it part of their responsibility to defeat legitimate law enforcement,” he said.
In the United Kingdom, two intelligence officers, in an article published in Lawfare, described a “proposal where technology providers would allow law enforcement the ability to be added to encrypted group calls or messages for the purpose of intercepting conversations.” Other cybersecurity experts, however, denounced the proposal as dangerous.
No Comments Yet
You can be the first to comment!
Sorry, comments for this entry are closed at this time.