Aussie PM seeks anti-encryption power by year end

Australia's Prime Minister Scott Morrison is seeking to introduce laws that would force technology firms to give police and spy agencies access to data from phones and other devices of suspected criminals.
Australia's Prime Minister Scott Morrison is seeking to introduce laws that would force technology firms to give police and spy agencies access to data from phones and other devices of suspected criminals.PHOTO: EPA-EFE

But tech giants oppose proposed law, citing privacy and cyber-security risks

Australia's Prime Minister Scott Morrison is seeking to quickly introduce controversial anti-encryption laws that would force technology firms to give police and spy agencies access to data from phones and other devices of suspected criminals.

But the move has been criticised by technology giants such as Amazon and Facebook, who say it will pose privacy and cyber-security risks. The firms have raised particular concerns about proposals requiring them to alter or introduce software to potentially enable the authorities to access a suspect's data.

The ruling Liberal-National coalition wants to introduce the laws by the end of the year, following warnings that chatter among would-be terrorists tends to increase leading up to Christmas. This would require the Bill to be passed by Parliament before it ends for the year on Dec 6.

The head of Australia's domestic intelligence agency, Mr Duncan Lewis, told Parliament's Committee on Intelligence and Security earlier this week that the laws are needed with "operational urgency". He said his agency, the Australian Security Intelligence Organisation, has cases at this moment "where this legislation will directly assist".

State police chiefs also said the new laws are needed, adding that more than 80 per cent of communication between terror suspects and high-risk criminals is now conducted via secret messaging apps.

The laws come amid growing debate around the world on how to give police access to encrypted data without affecting the public's confidence in giving their personal details for online services such as Internet banking.

After a deadly mass shooting in San Bernardino in 2015, the United States authorities battled with Apple in court over requests to access one of the attackers' iPhone. Eventually, the Federal Bureau of Investigation reportedly paid a third party to obtain access.

In Australia, the federal government wants technology firms to develop capabilities that would allow it to access data rather than seek "backdoor" methods.

The Digital Industry Group, which represents firms such as Amazon, Facebook, Google and Twitter, warned that enabling encryption-busting software and technology could "introduce weaknesses that malicious actors could exploit".

"The proposal for companies to facilitate technical vulnerabilities is of particular concern as it doesn't just create a vulnerability for law enforcement to exploit, it becomes a vulnerability for all, making it easier for criminals to exploit digital technologies to commit crimes," the group said.

The Communications Alliance, which represents communications firms such as Optus and Telstra, warned that some companies may even consider leaving Australia if the laws proceed in their current form.

Head of the alliance John Stanton said the laws could require spyware - or software that secretly monitors users - to be installed without management or other staff being informed.

This, he said, could make it harder for the firm to prevent malicious cyber attacks.

"The company wouldn't know that they were operating a compromised service," he told SBS News.

But national cyber-security adviser Alastair MacGibbon said the laws will help combat child sex offences and terrorism, noting that the warrants required to access encrypted information were similar to traditional search warrants.

"Shrill claims made in submissions by public companies that (the proposed laws) will be used by government to turn smart home devices (such as Google's Home and Amazon's Echo) into listening apparatus acting for the government in some Orwellian dystopian future are absurd," he wrote in The Australian on Monday.

Significantly, the Australian Signals Directorate - a foreign signals intelligence agency - has also weighed in. Director-general Mike Burgess said the agency wants to combat terrorism, cyberthreats and espionage, but "has no interest in communications involving everyday Australians".

"(Encryption) has also presented challenges when it comes to uncovering the secrets of those who pose a threat to Australia's national security, in particular, criminals who commit serious offences, who don't want to be found, hiding in dark places," he said last month.

As the debate continues, the government and the opposition are looking at a compromise.

This could involve quickly passing laws that allow the industry to voluntarily cooperate with the authorities or to decrypt specific messages or devices, but to delay consideration of broader powers such as the installation of spyware.

A version of this article appeared in the print edition of The Straits Times on November 30, 2018, with the headline 'Aussie PM seeks anti-encryption power by year end'. Print Edition | Subscribe