Govt eyes carrot and stick approach to encryption crackdown
- 17 July, 2017 10:18
George Brandis - Australian Attorney General (picture courtsey of Neil Duncan & Deutsche Messe via Flickr)
It looks as though the Federal Government hopes to adopt a carrot and stick approach to the implementation of its proposed laws to compel tech companies to help Australian security forces access encrypted messages.
Prime Minister, Malcolm Turnbull, confirmed on 14 July that the Government would seek to introduce the new legislation by the end of the year, in a bid to give Australian law enforcement and security agencies greater ability to access encrypted messages for investigations.
As yet, the Government has provided little additional detail about the proposed legislation.
However, Attorney-General, George Brandis, has since revealed that the Government intends to give the tech companies set to be affected by the laws, such as Google and Facebook, the opportunity to voluntarily cooperate to investigation requests before the new laws compel them to cooperate.
“The Government hasn’t said that it won’t legislate unless it doesn’t get cooperation,” Brandis told Sky News on 16 July. “What we have said is that we will legislate but that we would prefer there to be voluntary protocols as a first preference so this is not an either or proposition.
“We’ll be pursing both of those avenues,” he said. “We will be seeking and, in particular, Australia’s Five Eyes partners will also be seeking voluntary cooperation from the tech companies but we will also be legislating so that we do have that coercive power if need be, if we don’t get the cooperation we seek.”
Brandis reiterated the Government’s move to model the proposed laws on the United Kingdom’s Investigatory Powers Act 2016, which legislated for an obligation among messaging platform operators to cooperate with investigators looking to access such messages.
“What we’ll be guided by is, in particular, the provisions that was enacted by the British Parliament last year in its Investigatory Powers Act, which sets up a scheme – a time of warrant, in effect – called a technical capability notice,” Brandis said. “And the way that works is that a proper authority may issue to a tech company a notice requiring them to assist authorities in accessing communications, subject to overriding requirements reasonableness and proportionality.
“Now, the point I’m at pains to make is that this is not a new kind of legal obligation. All we are doing is trying to make sure the law stays abreast of developments in technology,” he said.
However, it remains to be seen how tech companies operating locally will respond to the proposed legislation, with Brandis revealing that he intends to meet with some of the biggest players in the Australia market to gauge their stance.
“I don’t want to pre-empt any discussions that the Government is having,” he said. “I’m, for example, seeing Apple this coming week and I want these discussions to be as constructive and as cooperative as they can possibly be because as I said a moment ago, our first preference is voluntary cooperation.
"So for that reason I’m not going to essay a critique of the companies at this early point in the discussions,” he said.
This might be tricky, given Apple’s famous and steadfast refusal to help US law enforcement officials help in getting access to data on the iPhone of the man at the centre of the San Bernardino shootings in late 2015.
In that case, Apple chief, Tim Cook, refused to backtrack on his company’s stance to keep its users’ data private.
As the Government works to get tech companies onside, some commentators have said that the proposed laws could, in fact, weaken cybersecurity and encourage more cyberattacks by terrorists –one of the very things the new laws are aimed at cracking down on.
“Weakening security in one area to protect against terrorist attacks on the ground could increase the risk of cyberattacks by terrorists and hostile nations, and increase the likelihood of cybercrime,” the director of the University of Western Australia’s Centre for Software Practice, David Glance, said in an article he penned for The Conversation.
“While it is clear that being able to read encrypted messages would be an advantage for law enforcement and security in the short term, terrorists and criminals would quickly shift to other non-regulated forms of encryption,” Glance argued.
Meanwhile, the Minister Assisting the Prime Minister for Counter-Terrorism, Michael Keenan, is talking up the Government’s activities to combat cybercrime.
“This Coalition Government has put real money – $230 million – behind a National Cyber Security Strategy, and the Defence White Paper contains up to $400 million to enhance the cyber capabilities of our defence forces,” Keenan said.
“The Coalition Government will continue to collaborate with industry, business, academia, and the community to prepare for and respond to cyber threats,” he said.