Brandis Is Big On Words, Small On Answers On Encryption

Earlier this week Attorney General Brandis and Minister for Immigration and Border Protection Dutton visited Ottawa for meetings with their Five Eyes counterparts. One of the topics on the table was access to encrypted messaging data from services such as Signal, WhatsApp and iMessage. So, how did that all go?

During an interview earlier this week, following the meeting in Ottawa, Brandis was asked, on RN Breakfast, what the government was planning to do and, specifically, whether they were going to ask service providers to plant back doors into systems.

Brandis said

Well we’re not specifically asking them to do that and it’s not as simple as that. What we need is to develop, and what we’ll be asking the device makers and the ISPs to agree to, is a series of protocols as to the circumstances in which they will be able to provide voluntary assistance to law enforcement.

We already know tech companies comply with warrants, subpoenas and other legal instruments when they can hand data across but we are dealing with an entirely different matter here.

Citing laws in the UK, Brandis said those provisions "impose an obligation, subject to reasonableness of proportionality, upon providers to do whatever they reasonably can be expected to do to enable law enforcement to inspect messages that are the subject of encryption, or inspect devices.".

The "inspect devices" phrase in light of his earlier comment about device makers is the interesting one. When systems that employ strong encryption are attacked, the hackers usually work around the encryption. If the government is able to push a law that forces device makers to provide access to locked devices, thereby giving law enforcement access to the messages, then they could find a way around the message encryption.

What it sounds like is the government is not interested in using the encrypted messages during surveillance - perhaps they've given up that goal for now - but for use after a crime is committed as part of the discovery process for evidence.

Brandis didn't provide any specific guidance on what the government is planning but his words seemed quite careful and that he sees end-points as the gateway to encrypted data rather than "wire tapping" encrypted traffic.


Comments

    It's really not a surprise he has no in depth knowledge. He's just spouting buzz words and half truths that sound good in sound bytes on TV news.

    Knowing the competence of Mr. Brandis, he is likely still trying to steam open the "metadata envelope" the encrypted device was mailed in.

    A long time ago, a senator with hopes and dreams for his security policy to store metadata, was shattered at the first press conference when he was told it could be circumvented by any chat application that was standard on most MPs phones... this has been an itch he has to scratch, screw your rights to privacy or security. He wants control!

    Brandis and Dutton should both be put in a dinghy and dragged out to sea. ScoMo should be attached to said dinghy on rubber tube.

    The man's a Luddite, put someone in who knows what a VPN is and understands why it's a necessity.

Join the discussion!

Trending Stories Right Now