Aus­tralia data en­cryp­tion laws ex­plained

Iran Daily - - Science & Technology -

Aus­tralia passed con­tro­ver­sial laws de­signed to com­pel tech­nol­ogy com­pa­nies to grant po­lice and se­cu­rity agen­cies ac­cess to en­crypted mes­sages.

The gov­ern­ment said the laws, a world first, are nec­es­sary to help com­bat ter­ror­ism and crime, ac­cord­ing to BBC.

How­ever, crit­ics have listed wide-rang­ing con­cerns, in­clud­ing that the laws could un­der­mine the over­all se­cu­rity and pri­vacy of users.

The laws were rushed through par­lia­ment on its fi­nal day of the year.

The La­bor op­po­si­tion said it had re­luc­tantly sup­ported the laws to help pro­tect Aus­tralians dur­ing the Christ­mas pe­riod, but on Fri­day it said that “le­git­i­mate con­cerns” about them re­mained.

Cy­ber­se­cu­rity ex­perts have warned the laws could now cre­ate a “global weak point” for com­pa­nies such as Facebook and Ap­ple.

Why are en­crypted mes­sages an is­sue?

Aus­tralia al­ready has laws which re­quire providers to hand over a sus­pect’s com­mu­ni­ca­tion to po­lice.

This may al­ready be pos­si­ble if a ser­vice provider uses a form of en­cryp­tion that al­lows them to view a user’s mes­sage.

But in re­cent years, ser­vices such as What­sapp, Sig­nal and oth­ers have added an ad­di­tional layer of se­cu­rity known as endto-end en­cryp­tion.

End-to-end en­cryp­tion al­lows only the sender and re­cip­i­ent to view a mes­sage, pre­vent­ing it from be­ing un­scram­bled by the ser­vice provider.

Aus­tralia and other coun­tries have said that ter­ror­ists and crim­i­nals ex­ploit this tech­nol­ogy to avoid sur­veil­lance.

Aus­tralia data en­cryp­tion laws ex­plained

Un­der Aus­tralia’s leg­is­la­tion, po­lice can force com­pa­nies to cre­ate a tech­ni­cal func­tion that would give them ac­cess to en­crypted mes­sages without the user’s knowl­edge.

“This en­sures that our na­tional se­cu­rity and law en­force­ment agen­cies have the modern tools they need, with ap­pro­pri­ate au­thor­ity and over­sight, to ac­cess the en­crypted con­ver­sa­tions of those who seek to do us harm,” At­tor­ney-gen­eral Chris­tian Porter said.

How­ever, cy­ber­se­cu­rity ex­perts say it is not pos­si­ble to cre­ate a “back door” de­cryp­tion that would safely tar­get just one per­son.

“Any vul­ner­a­bil­ity would just weaken the ex­ist­ing en­cryp­tion scheme, af­fect­ing se­cu­rity over­all for in­no­cent peo­ple,” said Dr. Chris Cul­nane from the Uni­ver­sity of Mel­bourne.

Such a “se­cu­rity hole” could then be abused or ex­ploited by crim­i­nals, he said.

In a bid to ad­dress these con­cerns, Aus­tralia’s law of­fers a safe­guard which says de­cryp­tions will not go ahead if they cre­ate a “sys­temic weak­ness.”

How­ever, crit­ics say the def­i­ni­tion of “sys­temic weak­ness” is vague, mean­ing it is un­clear how it may be ap­plied.

What are the other con­cerns?

Dig­i­tal rights ad­vo­cates are highly crit­i­cal of Aus­tralia’s move, say­ing it lacks suf­fi­cient checks and bal­ances.

The Elec­tronic Fron­tier Foun­da­tion said po­lice could or­der in­di­vid­ual IT de­vel­op­ers to cre­ate tech­ni­cal func­tions without their com­pany’s knowl­edge.

“This has the po­ten­tial for Aus­tralian tech firms to have no clue whether they were even sub­ject to an or­der,” the foun­da­tion’s Nate Car­dozo told the BBC.

There is also crit­i­cism over how fast the laws were passed. A draft bill was pre­sented only in Au­gust.

A par­lia­men­tary com­mit­tee ex­am­in­ing the leg­is­la­tion did not re­lease its re­port un­til late on Wed­nes­day.

La­bor ini­tially pro­posed 173 amend­ments to the bill, but agreed to drop them on Thurs­day so that the law would be passed this year.

In re­turn, the gov­ern­ment pledged to de­bate pos­si­ble amend­ments next year.

But the na­tion’s top le­gal so­ci­ety, the Law Coun­cil of Aus­tralia, said on Fri­day that the laws had been “rammed” through the par­lia­ment with in­ad­e­quate con­sid­er­a­tion.

What does it mean for tech firms?

If com­pa­nies do not com­ply with the laws, they risk be­ing fined.

That has led to spec­u­la­tion that some global firms which have vo­cally op­posed the laws could with­draw from the Aus­tralian mar­ket.

How­ever, Dr. Cul­nane said that most com­pa­nies are likely to com­ply – partly be­cause users will not be aware if their mes­sages have been ac­cessed.

How­ever, ex­perts say the full im­pli­ca­tions are un­clear and much uncer­tainty re­mains. Some firms have al­ready sug­gested that they may not be sub­ject to Aus­tralian law.

Ex­perts add that, given the de­bate in­volves na­tional se­cu­rity, many as­pects may play out be­hind closed doors.

GETTY IM­AGES

Newspapers in English

Newspapers from Iran

© PressReader. All rights reserved.