Labor Has Backed An Encryption Bill With 'Significant Outstanding Issues'

Image: Getty Images

Within a few hours of publishing a story yesterday, whatever faith I had in the federal opposition was dashed. After saying the government's encryption legislation was on shaky ground, the soft underbelly of the opposition was exposed. With the government playing their "soft on terrorism" cards the opposition rolled over and said they would support the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 with a few modifications.

Yesterday, I said the encryption all was on shaky ground. But by later afternoon the opposition said it would support the legislation with a few amendments they negotiated with the Coalition government.

To add some insult to this, the Shadow Attorney General Mark Dreyfus said the bill was “far from perfect and there are likely to be significant outstanding issues”.

In other words, the opposition is going to support a bill they know is flawed.

The legislation was reviewed by a joint parliamentary committee that was struggling to reach a consensus. So, Mr Dreyfus has said the legislation will continue to be reviewed and amended after it is passed. Which is effectively saying that they know its broken but bad laws are better than no laws.

I wrote to Mr Dreyfus personally a week ago saying to him:

I wish to voice my view with regards to the proposed “Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018", better known as the encryption bill.

The proposed laws in the encryption bill won't strengthen national security or thwart the efforts of criminals.

Although it is true that tools like WhatsApp, Apple iMessage, Signal, Telegram and others are used by criminals, the tools to create encrypted communications are freely available through the Open Source community. So, asking large tech companies to provide access to encrypted communications will do little to curb the actions of criminals and to would undermine the privacy of every citizen.

The bad guys will roll their own tools, use VPNs and the government will have weakened security for everyone without making an iota of difference to criminals they say they are trying to hinder.

The slightly revised legislation will define the term "systemic weakness". That's important as the government can compel a service provider to provide access to encrypted communications but they cannot do so in a way that introduces a systemic weakness.

Given the only way to read encrypted communications is with a decryption key, this will mean the systems we use today will either have weaker encryption or a second set of keys.

At least the amended legislation will require some further oversight where such a request to a service provider, called a "technical capability notice" would require both the Attorney General and Communications Minister to sign off.

The opposition's negotiation for ongoing review is basically bullshit. There's no other way to put it. Even if the joint parliamentary committee recommends a change to the legislation, there's no requirement on the government to take that recommendation on board. And I don't recall a single piece of law that expanded the powers of law enforcement ever being rescinded or limited by an amendment.

The government has played their fear card once again, saying that Christmas is a heightened risk period, and that the laws must be passed to protect us. But if there is a credible threat why aren't the police already on the case? And if there isn't, then the new laws won't matter.

I can't see these laws being pulled back when the current climate of fear is so prevalent in government. So, we end up with weaker privacy for all and the criminals won't care.


Comments

    Given the only way to read encrypted communications is with a decryption key, this will mean the systems we use today will either have weaker encryption or a second set of keys.

    The worst part this, this measure is easily circumvented: pre-encrypt one's content before using such a service.

    Even if the private key is handed over, it's not for the content itself. Bad actors don't even have to roll their own solution: they simply combine multiple solutions.

    This will give them more "power" but they are at best only going to get the little fish and string up the innocent at worse.

      One other possible consequence is for companies providing encrypted communications to simply cease having a legal Australian presence and therefore putting themselves out of shot of a technical compliance notice.

    I've just emailed by federal reps member.

    I suggest everyone take the opportunity to do so.

    What the actual fuck, ALP? You guys gave support to something you know was complete bullshit? You were supposed to protect privacy, not destroy it!

      Can't tell if you're being sarcastic or not (the latter part hints as such) thus sorry I have missed it.

      In terms of Labor though, what do you expect?

      Back when they were in office, Conroy tried to "filter" the Internet and kept updating the freedom of information act to hide both what was to be filtered and then some.

      The reason Labor supported this? They always liked such ideas. The filter was just the lite version, now Labor is going for the full cream version.

        I don’t know if I’m being sarcastic or not.

        That’s how terrible our political landscape has become.

Join the discussion!

Trending Stories Right Now