A step forward for national security, or a step backward for data protection advocates? The new laws passed in Australia on Thursday are launching a new debate about access to encrypted data.
By Mario L. Major
Pixabay
Although the maintenance of energy supplies and raw materials remains a subject of concern, in the 21st century the most important resource has without a doubt become data.
Whether we're discussing virtual private networks (VPNs) or quantum computers, civil society and government are seeking ways to guard the data that is sent around.
As connection capabilities continue to expand and evolve, supported by sophisticated systems, security remains a more important priority than ever. With this in mind, Australia has passed a set of sweeping controversial laws centered around the issue.
A Controversial Stance
The new laws would essentially grant law enforcement permission to access encrypted data.
Not surprisingly, three of the leading tech companies have all formally voiced their opposition: they include Facebook, Google, and Twitter, and it no doubts tech giant Apple will not be too far behind.
Still, the loudest concerns were raised by people who feared the effect it would have on tech startups in the days leading up to the laws' being passed:
Ensure that the #aaBill isn't passed. If the #aaBill passes, all Australian software / tech startups will be non-compatible with E.U. laws like GDPR: you'll be unable to have E.U. customers as clients and users without risking fines.
"Any vulnerability would just weaken the existing encryption scheme, affecting security overall for innocent people," explained Dr. Chris Culnane from the University of Melbourne.
There's even energy gaining from the tech startup community to repeal the law, which came in the form of an open letter to the Australian government.
The Details of the New Laws
Aimed at industry-government cooperation, the laws grew out of the "Assistance and Access Bill", and are are designed around three levels of "assistance" which would be involved specificially in gaining acess to encrypted massages:
Technical assistance notice: This includes issuing a notice for tech companies to cough up decryption "they are already capable of providing that is reasonable, proportionate, practicable and technically feasible", provided that the request is within their "existing means"
Technical capability notice: This one originated from the attorney general, and it's a kind of legal directive for tech companies to "build a new capability" that will assist law enforcement. Strictly worded, it asks them to do this without "remov[ing] electronic protection, such as encryption."
Technical assistance request: This one is the most broadly worded, calling on tech companies to provide "voluntary assistance" to law enforcement with the aims of "safeguarding of national security and the enforcement of the law."
Australia is Creating Momentum in the International Community
The country has become the first in the world to put the landmark measures into law, and the influential place of the country as one part of the Five Eyes (FVEY) security alliance--which also includes the United States, New Zealans, Britain and Canada--means that the sweeping laws could have far-reaching implications.
The discussions around governments' accessing encrypted data has been going on for several months, which means that the laws from Australia are a manifestation of an ongoing debate.
FVEY nations issued a joint statement in September of this year in a document named "Statement of Principles on Access to Evidence and Encryption". In it, they spell out their objectives:
"Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions."
Any unintended or implied 1984 references aside, this compelling statement and this new set of high stakes laws will--whether one is on the side of government, the tech companies, or both--will fundamentally affect the nature of the way private information is shared.
In the same way that the symbolic bell on Wall Street is rung to start the day of trading, a new set of symbolic bells in the information era have been rung this year.
By Mario L. Major
Pixabay
Although the maintenance of energy supplies and raw materials remains a subject of concern, in the 21st century the most important resource has without a doubt become data.
Whether we're discussing virtual private networks (VPNs) or quantum computers, civil society and government are seeking ways to guard the data that is sent around.
As connection capabilities continue to expand and evolve, supported by sophisticated systems, security remains a more important priority than ever. With this in mind, Australia has passed a set of sweeping controversial laws centered around the issue.
A Controversial Stance
The new laws would essentially grant law enforcement permission to access encrypted data.
Not surprisingly, three of the leading tech companies have all formally voiced their opposition: they include Facebook, Google, and Twitter, and it no doubts tech giant Apple will not be too far behind.
Still, the loudest concerns were raised by people who feared the effect it would have on tech startups in the days leading up to the laws' being passed:
Ensure that the #aaBill isn't passed. If the #aaBill passes, all Australian software / tech startups will be non-compatible with E.U. laws like GDPR: you'll be unable to have E.U. customers as clients and users without risking fines.
"Any vulnerability would just weaken the existing encryption scheme, affecting security overall for innocent people," explained Dr. Chris Culnane from the University of Melbourne.
There's even energy gaining from the tech startup community to repeal the law, which came in the form of an open letter to the Australian government.
The Details of the New Laws
Aimed at industry-government cooperation, the laws grew out of the "Assistance and Access Bill", and are are designed around three levels of "assistance" which would be involved specificially in gaining acess to encrypted massages:
Technical assistance notice: This includes issuing a notice for tech companies to cough up decryption "they are already capable of providing that is reasonable, proportionate, practicable and technically feasible", provided that the request is within their "existing means"
Technical capability notice: This one originated from the attorney general, and it's a kind of legal directive for tech companies to "build a new capability" that will assist law enforcement. Strictly worded, it asks them to do this without "remov[ing] electronic protection, such as encryption."
Technical assistance request: This one is the most broadly worded, calling on tech companies to provide "voluntary assistance" to law enforcement with the aims of "safeguarding of national security and the enforcement of the law."
Australia is Creating Momentum in the International Community
The country has become the first in the world to put the landmark measures into law, and the influential place of the country as one part of the Five Eyes (FVEY) security alliance--which also includes the United States, New Zealans, Britain and Canada--means that the sweeping laws could have far-reaching implications.
The discussions around governments' accessing encrypted data has been going on for several months, which means that the laws from Australia are a manifestation of an ongoing debate.
FVEY nations issued a joint statement in September of this year in a document named "Statement of Principles on Access to Evidence and Encryption". In it, they spell out their objectives:
"Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions."
Any unintended or implied 1984 references aside, this compelling statement and this new set of high stakes laws will--whether one is on the side of government, the tech companies, or both--will fundamentally affect the nature of the way private information is shared.
In the same way that the symbolic bell on Wall Street is rung to start the day of trading, a new set of symbolic bells in the information era have been rung this year.