Take care what you type in Australia
As terrorist attacks increased after 2014 amid the Islamic State’s global push, Australian authorities were confronted by a challenge they shared with all other Western agencies: they could identify suspects but accessing their communications to discover their intentions was often impossible.
More than 95 per cent of Australian terrorism suspects use encrypted communications, according to estimates by the country’s cyber security ministry.
On Thursday, Australia’s Parliament passed the most expansive bill of all Western countries that could force major United States tech companies such as Google, Apple and Facebook to provide authorities with access to such encrypted data.
Many messaging apps that are being used by a majority of Australians offer encryption as either the standard or as an option. These include Facebook Messenger and WhatsApp.
Australian law enforcement representatives unsurprisingly celebrated the parliamentary approval.
Australoian attorney-general Christian Porter said the opposition Labor Party had ‘‘put the safety of Australians above political point-scoring,’’ after initially opposing the legislation.
Australia is the first nation in the so-called ‘‘Five Eyes’’ alliance – also composed of Canada, the US, New Zealand and Britain – to move ahead with legislation that will almost inevitably result in a standoff with major private corporations.
In America, Silicon Valley has so far resisted efforts by lawmakers and law enforcement agencies seeking to gain access to the communications of suspects in criminal investigations. Creating a back channel, they say, could open the door for other illegitimate use by state-sponsored foreign entities and criminal groups.
Australia’s decision is the most serious attempt by any national parliament to date to rein in tech companies involuntarily.
Critics fear that the vote sets a dangerous precedent.
‘‘Several critical issues remain unaddressed in this legislation, most significantly the prospect of introducing systemic weaknesses that could put Australians’ data security at risk,’’ read a statement by the Digital Industry Group .
Top tech companies opposed to the new bill are also concerned that Australia’s new standards could also be adopted elsewhere, including in Europe, where lawmakers have already pushed for some of the world’s toughest privacy standards.
Regulatory scrutiny has mostly been a financial threat in Europe, where tech companies can face maximum fines of up to 4 per cent of their annual turnover for privacy breaches, but Australia’s new bill goes further by holding individual representatives liable, as well.
Even though maximum fines are limited to about US$7 million (NZ$10m), individuals who fail to comply with the bill may face arrest and prison sentences.
Until Thursday, it appeared unlikely that the upper house of Australia’s Parliament, the Senate, would agree to those provisions already passed by the lower house.
Then the Labor Party surprisingly changed course, however, saying that it would back the bill in both chambers, provided that minor amendments are made after the legislation is enacted.
The new bill is now set to take effect before Christmas.
Several critical issues remain unaddressed in this legislation.