Australian decryption laws expose users to cyberattack, says tech industry body

null

It was back in July 2017 when Australian Prime Minister Malcolm Turnbull announced the government’s intention to introduce new legislation that would “oblige” tech companies to help decrypt private communications in the name of national security.

The Federal government has now released a draft of the Assistance and Access Bill 2018, which, when passed into law, will force tech giants like Facebook, Google, Apple and Twitter to offer a degree of cooperation in accessing devices or messages on encrypted platforms.

A private industry body called The Digital Industry Group Inc (DIGI), representing the tech giants, has voiced its concerns over the draft bill in a statement on Monday, saying the government’s claim that the companies would not have to build backdoors into their products is false.

According to DIGI, allowing law enforcement authorities access to private messages would open a can of worms which could potentially expose users’ data to hacking.

Read more: Encrypted direct messages may be coming to Twitter

Opening Pandora’s box

The Bill gives Australia’s Attorney-General the authority to permit law enforcement agencies like the Australian Security Intelligence Organisation (ASIO) to intercept private messages, but DIGI says the companies can’t be asked to “implement or build a system weakness, or a systematic vulnerability, into a form of electronic protection”.

DIGI’s managing director, Nicole Buskiewicz, has said that protecting the users should be the government’s and the industry’s top priority, including “protecting the public’s privacy and data from attack” which “would likely be an unintentional consequence of the bill”.

“The reality is that creating security vulnerabilities, even if they are built to combat crime, leaves us all open to attack from criminals,” she added. “This could have devastating implications for individuals, businesses, public safety and the broader economy.”

The pros and cons

According to the Coalition government, more than 90% of private communications already being intercepted by the Australian Federal Police has some form of encryption, making the bill a necessity.

Australia’s law enforcement and cyber security minister Angus Taylor claims that encrypted messages have “directly impacted around 200 serious criminal and terrorism-related investigations in the last 12 months”, building a stronger case for the passing of the bill. 

However, the Opposition is still looking into the pros and cons of the proposed amendment, while the Greens are opposing it in its entirety, saying it is “undermining the very principle of end-to-end encryption”.