You may be being watched, but you’ll never know, writes
Shaun Prescott writes on the things that matter in tech
Last month, Australia became the first country in the world to legislate the requirement for tech companies to provide backdoor access to encrypted messages. More specifically, the law will allow police and intelligence agencies to selectively target users – presumably suspects of crime – via encryption backdoors. Police have long called upon technology companies trading in encrypted communication to help with access, but now, in Australia, they must.
As an example: if Australian police or intelligence wants to access Joe Blogs’ messaging history on Facebook, Facebook will be required, under Australian law, to either help the police access these messages, or else, hinder the encryption in order for the police to more readily access what they need.
Despite months and years of lip service, Bill Shorten’s Labor party allowed the Coalition’s bill to pass with no changes. Lawyers, and advocates for privacy and internet freedom are naturally unnerved; not only does it signal an unprecedented amount of state access to internet communication services, but it’s also abundantly obvious that no Australian politician really understands what encryption is.
“The laws of mathematics are very commendable,” former prime minister Malcolm Turnbull said last year, “but the only laws that apply in Australia is the law of Australia.”
As always, the looming, ever-present threat of terrorists was the stated motive for passing this bill. What Turnbull and undoubtedly Morrison – not to mention more qualified politicians – don’t seem to understand, is that one does not simply burrow a hole through encryption. During a senate hearing last month, Francis Galbally, a chairman of encryption company Senetas, explained that making changes to one aspect of a telecommunication service’s encryption can have a dire ripple effect. “The bill, should it become law, will profoundly undermine the reputations of Australian software developers and hardware manufacturers in international markets,” he said.
But it’s the thought that counts, right? And anyway, what does it all mean for us lowly citizens? Well, from moment-to-moment, not much. If the police decide they want to access our messages we won’t know if they’ve done so. For that matter, if police or intelligence decides it wants to access a politician’s messages, they won’t know either. There’s the potential for security as a whole to be reduced, as designed weaknesses built especially for one person, might fall prey to hackers or terrorists. In an age when a hacked Twitter account message can lead to a stock market crash, it’s not very reassuring.
As for companies like WhatsApp, Facebook, Signal, and more – if they want to continue operating in Australia they’ll need to comply. And more than likely, they will. But Australia isn’t a huge priority market in the global scheme of things, so it’s very possible that future apps and services will just avoid the region altogether.