After months of talk, the Federal Government is finally set to introduce new laws that will compel tech companies to help Australian security forces access encrypted messages.
The new laws are expected to bear some resemblance to the United Kingdom’s Investigatory Powers Act 2016, which legislated for an obligation among messaging platform operators, such as Facebook and Google, to cooperate with investigators looking to access such messages.
The proposed legislative package is expected to be put to Parliament by the end of the year.
The Prime Minister, Malcolm Turnbull, who revealed further details of the new laws on 14 July, once again reiterated that the Government is not calling for tech companies to provide a backdoor for the encrypted messages on various platforms.
"One of the big challenges we face is that one of encryption," Turnbull told the media on 14 July. "Increasingly communications across the internet, whether it's messaging applications or voice applications are encrypted end-to-end, that means while they can be intercepted, they can't be read they can't be interpreted other than with great difficulty.
"What we seek to do with other leading economies in the world is to ensure that the brilliant tech companies, in Silicon Valley and their emulators to assist the law, to enable us to be able - not through back doors - but legitimately, appropriately, with the force of law in the usual way that applies in the offline world [to] enable our law enforcement agencies to have access to these communications so that they can keep us safe," he said.
Asked whether what he was proposing is akin to asking tech companies to hand over the decryption keys to their platforms, Turnbull said: "I'm not a cryptographer, but what we're seeking to do is to secure their assistance.
"They have to face up to their responsibility. They can't just, you know, wash their hands of it and say it's got nothing to do with them," he said.
The move comes just weeks after Attorney-General, George Brandis, said the Government planned to address the "involvement of industry in thwarting the encryption of terrorist messaging" at the Five Eyes conference in Canada, which was held last month.
The Five Eyes partners - an alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States - subsequently emerged from two days of talks late last month, coming out with a joint communique stating their commitment to establish cooperation from the tech industry on protocols for sharing information.
“During the five country ministerial meeting, we committed to joint efforts to counter the spread of violent extremism and recruitment efforts by extremist groups that advocate and utilise violence to achieve their objective,” the communique stated
In addition, the ministers further committed to a shared approach to engaging with Communication Service Providers (CSPs) to address online terrorist activities and propaganda, and to support a new industry forum led by Google, Facebook, Microsoft and Twitter.
Now, Turnbull is talking up the need for the new laws, despite some tech companies previously pushing back against such requests from Government forces.
“In America there is a very strong Libertarian, anti-government sense,” Turnbull told Network Seven's Sunrise program on 14 July, citing the case in which Apple refused to create backdoor to help security forces access data on the iPhone of the man at the centre of the San Bernadino shootings in late 2015.
In that case, Apple chief, Tim Cook, refused to backtrack on his company’s stance to keep its users’ data private. In February 2016, Apple made it clear that such a request, if met, would essentially see the company need to create a backdoor for its devices.
“The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals,” Apple said in a statement.
“The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe,” it said.
Yet Turnbull continues to stress that the Government is not asking tech companies to create a backdoor, but rather assist in investigations, suggesting that the need to access such communications is paramount for law enforcement and national security.
“The rule of law must prevail online as it does offline,” he told Sunrise, “and we expect the big internet companies to ensure that their platforms – wonderful and magnificent and ingenious as they are – cannot be used by people to hide their plots, to commit acts of terrorism or criminal acts.”
Brandis, meanwhile, has made the argument that the move to access encrypted messaging for law enforcement purposes under a new legislative mechanism should be seen as being no different to the ability for relevant Government forces to access non-encrypted messaging, as is provided for under current laws.
"If it was legally, morally, ethically appropriate for unencrypted but private communications to be accessed by lawful means and under warrant before, in order to keep the community safe, why has everything changed because a new encryption technology has been developed?," he told Sky News on 14 July.
"Nothing has changed. Communications do have to be accessed by intelligence and law enforcement, in certain defined circumstances, and under warrant, in order to investigate and protect us against terrorism planning.
"It’s not good enough frankly for anyone to hide behind the fact that there is a new technology that enables these communications to be encrypted, top say, ‘I’m sorry, we’re not prepared to cooperate with you’," he said.
- Govt eyes carrot and stick approach to encryption crackdown
- Vault Systems serves up secure cloud through Govt's ICON network
- Data privacy law compliance ‘not an obstacle’: NetApp lawyer
- NSW govt backs quantum computing with $26m fund
- Tech retailers reign over NSW complaints tally
- What hackers think of your cybersecurity efforts
- Workplace automation won’t destroy finance jobs: report
- Twitter to let users tweet in 280 characters
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.