The political rhetoric against strong encryption continues to crank up. Reuters reports today that Australia will be pushing for greater powers for countries to tackle the use of encrypted messaging services by terrorists and criminals at an upcoming meeting of ministers from the so-called ‘Five Eyes’ intelligence network.
“I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption,” Australian Attorney General Senator Brandis is quoted as saying, ahead of the meeting of the group next week iphone 3g cases
“These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.”
The Five Eyes countries are: the US, the UK, Canada, Australia and New Zealand.
In the UK a legislative framework has already been put in place which is widely interpreted as having powers to compel companies to remove encryption and/or limit the use of end-to-end encryption to secure services (aka, the Investigatory Powers Act).
The final piece is a statutory instrument called a Technical Capability Notice (TCN) intended to be served on comms services providers to compel decrypted access, i.e. provided the authorities have a warrant and have passed certain proportionality tests intended to safeguard misuse of the power storage shelving
Prior to the UK’s general election earlier this month, government ministers were reportedly intending to push the instrument through a vote in parliament — although the Conservatives went on to lose their majority in the election. It’s not yet clear whether their plans will be delayed or face major opposition from opposition MPs.
But it is clear that the UK’s legislative ‘lead’ on decryption powers is having geopolitical ramifications. (The wider Europe Union is also currently considering how to respond to the rising use of strong encryption by digital services — though no legislative proposals have emerged as yet.)
Earlier this month Australia’s Brandis told Sky News he’s a fan of the UK’s IP Act, and said the country wants to encourage all Five Eyes nations to pursue a similar strategy of ramping up the legal obligations on tech companies and device makers to — as he put it — “co-operate with authorities in decrypting communications”.
He has also previously said Australia does not want to mandate backdoors in services. However in the same Sky News interview Brandis argues that pressuring companies to break their own encryption does not constitute a backdoor. Which is really a game of semantics.
“In the UK under the Investigatory Powers Act that was passed last year their authorities have the capability to issue to a device maker or a social media company… a [TCN] which imposes — subject to tests of reasonableness and proportionality — imposes on them a great obligation to work with authorities where a notice is given to them to assist in breaking a communication. So that’s not backdooring.”
“My concern is that the existing [domestic] law… do[es]n’t go far enough in imposing obligations of co-operation upon the corporates,” he added. “In the first instance the best way to approach this is to solicit the co-op of companies like Apple and Facebook and Google and so on. I think there has been a change of the culture in the last year or more VPN HK
“There is a much greater conscious, proactive willingness on the part of the companies to be co-operative. We need the legal sanction as well.”
We’ve reached out to Facebook, the parent company of end-to-end encrypted messaging service WhatsApp, for comment on this latest push for increased “cooperation” to break encryption — and will update this story with any response.