Posted on 01/14/2019 9:53:50 AM PST by rarestia
In a move supported by both major political parties in Australia, a bill named the Telecommunications Assistance and Access Bill 2018, has passed the House of Representatives and is headed to the upper House for a vote. Given its bi-partisan support and the position of PM Michael Turnbull regarding encryption, passage into law seems certain.
A Hacker News article provides additional details about the bill and its ramifications, not only for tech companies like Apple, Samsung, WhatsApp, Signal and others but also for individuals. The intended purpose of the legislation is to give the Australian government and security and law enforcement bodies leverage over companies that provide products with encryption capabilities in efforts to,
fight serious offenses such as crime, terrorist attacks, drug trafficking, smuggling, and sexual exploitation of children.
While all seem like good reasons for wanting access to the data and communications of suspected villains and bad actors, our Libertarian antennae are twitching. What is to prevent government agencies, and hackers once the means of accessing data become available, from expanding their surveillance at will? Naturally, the Australian government is quick to point out this will never be allowed since a court order to obtain the data is required.
Australia is the first of a group of five countries called the Five Eyes Nations to pass this type of legislation. Given the stances and statements from certain of the other four members; the United States, United Kingdom, New Zealand, and Canada, it seems inevitable that similar legislation will one day advance in those countries as well.
The bill does not require manufacturers to build systemic weaknesses or backdoors into their hardware or software. It just requires those companies to provide the ability to gather data on suspects when ordered to by Australian authorities. The bill requires tech companies to provide access to data before it is encrypted, either on the sending or receiving end. The problem with this approach is that once developed, hackers and bad actors wont be far behind in gaining the same capabilities.
PM Michael Turnbull, along with the United States FBI, seems unconcerned with the civil liberties that might be trampled. All that matters is national security. Again, a noble sentiment, but history repeatedly demonstrates how powers like these end up being abused.
Here are the three levels of cooperation the bill creates, as spelled out in the Hacker News article:
Technical Assistance Request (TAR): A notice to request tech companies for providing voluntary assistance to law enforcement, which includes removing electronic protection, providing technical information, installing software, putting information in a particular format and facilitating access to devices or services. Technical Assistance Notice (TAN): This notice requires, rather than request, tech companies to give assistance they are already capable of providing that is reasonable, proportionate, practical and technically feasible, giving Australian agencies the flexibility to seek decryption of encrypted communications in circumstances where companies have existing means to do it (like at points where messages are not end-to-end encrypted). Technical Capability Notice (TCN): This notice is issued by the Attorney-General requiring companies to build a new capability to decrypt communications for Australian law enforcement.
The Hacker News article excerpts two statements from the bill and provides a link to the bills PDF.
The Bill could allow the government to order the makers of smart home speakers to install persistent eavesdropping capabilities into a persons home, require a provider to monitor health data of its customers for indications of drug use, or require the development of tool that can unlock a particular users device regardless of whether such [a] tool could be used to unlock every other users device as well
While we share the goal of protecting the public and communities, we believe more work needs to be done on the Bill to iron out the ambiguities on encryption and security to ensure that Australian are protected to the greatest extent possible in the digital world.
Pretty chilling stuff. And, just when I have gotten the hang of Alexa. Apple responded to the passage of the bill in the House of Representatives with the following statements,
Encryption is simply math. Any process that weakens the mathematical models that protect user data for anyone will by extension weaken the protections for everyone.
It would be wrong to weaken security for millions of law-abiding customers in order to investigate the very few who pose a threat, the tech giant added.
As the old saying goes, the genie is out of the bottle, with the passage, and likely signing into law, of the legislation. As individuals, groups, and companies, we should all be watchful of the effects this legislation has in Australia and elsewhere.
Because if your message can't fit on a postcard, you're verbose!
How will Australia prevent individuals from continuing to use encryption?
The tech wizards who come up with this stuff are smarter than your average legislator by several degrees of magnitude. It won’t be long until they come up with something new that will get their knickers into even more of a twist.
“PM Michael Turnbull, along with the United States FBI, seems unconcerned with the civil liberties that might be trampled. All that matters is national security. “
And it never occurs to them that this -very- concept ends the republic we used to have. Universal surveillance and all privacy stripped away...to protect the republic our founders created.
As George Carlin said, that’s like F-ing for virginity.
“I wonder if The Founders would have outlawed ENVELOPES..?”
Fantastic analogy.
Depending upon how the law is written, you may only be able to "get around restrictions" until you're caught. Penalties would obviously have to be quite severe to dissuade others from violating the law - likely a capital offense in some countries - and since everyone who broke such laws, by acting in cooperation would be conspirators, penalties would likely have provisions for this as well.
While you may have secret codes/words between individuals, it isn't able to be automated to any real extent, which hampers the ability to communicate ideas, news, data, etc., worldwide.
Secure freedom, by putting a stop to government/corporate intrusiveness, or become slaves to those at the top for generations to come.
DL’d sample. TY for your dedication to freedom and service to country!
Use open source GPG. It is functionally unbreakable.
That’s just fine- until it’s YOU they are investigating. Commies now, conservatives later...goose, gander.
The FBI has been pushing for the same thing here since Comey’s tenure.
In other words, what about my own data at rest? Without sending anything anywhere, I can encrypt data stored on my own device. In fact, I can encrypt data stored on a usb stick and then deliver (hand carry, mail, UPS, DHL, a friend, a mule...) that stick anywhere. I can put my key on another stick, and separately deliver that stick to wherever I sent the encrypted data one.
Is there any requirement to share my key with the government?
How would they know I even encrypted my own data?
Another thing...
What about the cloud?
Suppose I encrypt some data on my local server, using a very secure, not-government hacked encryption system (I won’t mention which, but there are several).
Then, I upload the encrypted data to storage on AWS, as raw data.
Then I copy that encrypted data from AWS to Azure, and then move it to a storage account in the East Australia Azure region. I kept it raw in each transfer.
I personally, stayed here in Alabama while I sent my encrypted data to all those locations...
Have I violated Australian law, and can they extradite me?
“government is quick to point out this (surveillance at will) will never be allowed since a court order to obtain the data is required.”
...unless a single judge signs an order for everything - as they already have done for the NSA. Stroke of the pen...
“Australia Bans Encryption!”
The type of control freak pukes who become politicians, bureaucrats, HOA board members, city councilmen, etc get their rocks by banning things.
“Lots of ways to get around restrictions on encryption. “
Once the “authorities” find out, they will criminalize it. But you are right...you can create your own unbreakable encryption system.
Post of the Day!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.