EncryptionNew Australian law would compel tech firms to hand over encrypted data

Published 5 December 2018

Australia’s parliament earlier today (Thursday) passed a controversial measure which will force tech firms to give police access to the encrypted communications of suspected terrorists and criminals. The law, fiercely opposed by big tech firms, has engendered heated debate over national security and privacy at a time law enforcement agencies are struggling with how to access encrypted information to monitor illegal activities. The passage of the law may have global implications for encrypted communications. Critics say the law may unleash unintended consequences.

Australia’s parliament earlier today (Thursday) passed a controversial measure which will force tech firms to give police access to the encrypted communications of suspected terrorists and criminals.

The law, fiercely opposed by big tech firms, has engendered heated debate over national security and privacy at a time law enforcement agencies are struggling with how to access encrypted information to monitor illegal activities.

Techcrunch reports that under the law, Australian security services can force local and international communication giants such as Google, Facebook, or WhatsApp to remove encryption, help conceal government snooping from users, and hand over data linked to suspected illegal activities.

Police must still first obtain a warrant to require compliance by the tech companies.

The new law passed the Senate after a last minute deal was struck with the opposition Labour Party, which had demanded for more oversight and safeguards in how the powers authorized by the law are used by government agencies. Under the deal, the Conservative-led coalition government agreed to add amendments next year. The bill passed the lower house earlier on Thursday.

The conservative government has argued police need greater powers to access personal communications to thwart terror attacks and organized crime.

Global communications firms have argues that the law would force them to create vulnerabilities in their products which could then be used by bad actors – state-sponsored or criminal — to gain a back door access to users’ data. They tech firms are also concerned with how the law’s secrecy provisions will impact their business models and consumer privacy.

Techcrunch notes that the Australian Law Council, an organization representing the legal profession, supports giving intelligence agencies additional powers to ensure security, but had warned of unintended consequences of ramming the bill through.

Failing to properly scrutinize this bill risks unintended consequences which may impact on the privacy and rights of law-abiding Australian citizens, the media and corporate sector,” Arthur Moses, president-elect of the Law Council of Australia, said earlier this week.

The law has also raises questions about what some analysts describe as “policy laundering” through Australia: Australia is a member of the “Five Eyes” intelligence-sharing group which includes the United States, Britain, Canada, and New Zealand.

There is an extraterritorial dimension to it, where for example the U.S. would be able to make … a request directly to Australia to get information from Facebook or a tech company,” Queensland University of Technology’s technology regulation researcher Monique Mann told AFP news agency.