Wednesday, February 8, 2023

Australian Government’s Answer to Terror: Let Us Decrypt Everything

Australian Government’s Answer to Terror: Let Us Decrypt Everything

After two Australian citizens were killed in last week’s London terror attack, Attorney General George Brandis has floated the idea of forcing technology companies to decrypt users’ data under the guise of defeating terrorism.

Also read: Scam or Hack? Freewallet App Reportedly Sending ETH to a Single Address

Like many governments around the world, Brandis’s Liberal Party has been pushing for increased access to user data for a number of years. In 2014 the party passed laws requiring ISPs to retain users data for two years. Brandis is now not only making the case for forcible decryption, but also for improved warrant procedures and increased international cooperation between nations, despite Australia already being part of the global “Five Eyes” dragnet.

It seems like a move straight out of the Naomi Klein Shock Doctrine playbook, where policies are ushered into law in the aftermath of a tragedy, while the population is still grieving and in shock: a policy waiting for a crisis.

Facebook Generation’s Attitude to Privacy ‘Entirely Different’

George Brandis Australian senator
George Brandis

Traditionally though, there has been major pushback when it comes to the weakening of privacy laws, with civil liberties groups leading the way. Brandis is trying to downplay those concerns by stating that attitudes to privacy have changed, “In the Facebook generation, when people put more and more of their own personal data out there, I think there is an entirely different attitude to privacy among young people then there was than perhaps a generation or two ago.”

Infamous for a shambolic live interview where he failed to explain the concept of metadata, Brandis is looking to reassure the public that the government will not be asking companies to provide backdoors into their products, yet he goes on to say that “[i]f there are encryption keys then those encryption keys have to be put at the disposal of the authorities”.

Australian Greens senator Scott Ludlam, who led the opposition to Brandis’s metadata proposal, was quick to point out Brandis continues struggles with technological concepts, saying it’s “just so much bullshit” and that “Brandis manages in the same breath to say he doesn’t want backdoors, he just wants the encryption keys, where to even begin?”

Companies Resist Political Pressure to Decrypt

Political pressure to enact similar laws, and examples such as Apple being pushed to unlock the San Bernadino terrorists’ iPhone, has seen a trend in the market whereby companies like WhatsApp design products with end-to-end encryption so they cannot access user data even if they wanted to.

Apart from this market-led move, enforcing decryption is near on impossible due to jurisdictional issues — how can a government force a company to decrypt users’ data when they are located in a country not party to a formal agreement? It goes without saying that if some agreement were to be reached, users would simply migrate to an encrypted application whose server did not reside in a signatory country.

The irony of the Australian government’s stance is that so many scandals seen today are data related: hacked emails, data breaches, leaks and the popularity of darknet ‘carding’ sites. And not just that — in Australia, due to leaks from within the government during the recent overthrow of the former Prime Minister, many politicians themselves resorted to communicating via encrypted messaging app, Wickr.

Governments Already Have Plenty of Info on Terrorists

London telephone boxIt is also interesting to note that the London terrorist attackers, whose actions have reignited the encryption debate, have a murky past as detailed in this article. Investigative journalist John Pilger wrote the Manchester Arena suicide bomber “was part of an extremist group, the Libyan Islamic Fighting Group, that thrived in Manchester and was cultivated and used by MI5 for more than 20 years”. These LIFG jihadists “were allowed to travel unhindered across Europe and encouraged to engage in “battle”: first to remove Mu’ammar Gaddafi in Libya, then to join al-Qaida affiliated groups in Syria.”

This would suggest that encryption isn’t the problem, nor are current policing methods inadequate — the London Bridge attackers had been reported to authorities on numerous occasions. Rather, it suggests that governments see encryption as a threat to their ability to monitor the general public.

Unfortunately for governments, it increasingly looks as though the encryption ship has already sailed. As politicians attempt to try and skew the public discourse surrounding encryption towards fighting crime and terrorism, a post Snowden and post crypto world has emerged, where ransomware is becoming part of the public lexicon. The likely result is mainstream awareness and implementation of better encryption and security standards.

Would the authorities’ greater access to encrypted data make anyone more secure? Let’s hear your thoughts.

Images via Wikipedia, Wikimedia Commons

Bitsonline Email Newsletter