By the end of 2017, the Australian federal government will propose new legislation that will force the hand of technology giants. These laws will oblige companies like Facebook and Apple to decrypt messages that are sent or received by suspected criminals, drug traffickers, pedophile rings and terrorists upon the request of law enforcement agencies. The government will also have the ability to monitor devices and networks.
Encrypted messaging applications protect the user's conversations by scrambling the sender's original message (or the plaintext) so it becomes incomprehensible (or ciphertext). To decrypt such messages a decryption key consisting of a series of letters and numbers is required. This key is only available on the receiver's phone which automatically deciphers the message.
The possible range of decryption codes is so large that it is nearly impossible to crack, but there are several ways in which decryption keys can be provided. One way to do this is by encrypting the message for the receiver and the service provider so that they both have the decryption key. Alternatively, tech companies can copy the message prior to it being encrypted for sending or after it is decrypted upon receival.
However, this can only be implemented if a warrant is served to the company, obliging them by law to assist in police investigations. But a Facebook spokesperson said, "Weakening encrypted systems for law enforcement would mean weakening it for everyone". If this law is successfully implemented, Australians will be exposed to a higher risk of attack from cybercriminals.
While Prime Minister Malcolm Turnbull claims that these laws are for the sake of protecting Australians, the country's track record for keeping its citizens secure online is questionable. In July of 2017, a Guardian journalist was able to buy his own Medicare details from a Darknet seller. What is worse is that the breach was not thoroughly investigated until he brought it to the attention of the authorities.
As a result, concerns are mounting and people are worried about what that could mean for them. If decryption keys become available to the service provider and government agencies, privacy can no longer be guaranteed. Consequently, wary citizens may choose to switch to more secure service providers even if they risk breaking the law.
These laws have also sparked a major controversy regarding whether they require creating a backdoor into social media systems. When Prime Minister Turnbull was asked about this, he said, "We're not talking about that (backdoors), we're talking about lawful access". However, he did not try to explain how this initiative is any different to a backdoor.
There has been discussion regarding the ability of international software providers to simply refuse to cooperate since they are located abroad and are free of Australian law. But it seems that Prime Minister Turnbull has taken this into consideration. During a press conference he said, "What the G20 agreed, at Australia's initiative, is that we need to say in one voice to Silicon Valley and its emulators--you've devised these great platforms. Now, you've got to help us to ensure that the rule of law prevails..." This could mean that other G20 member countries might assist the Australian Government in enforcing these new laws by implementing similar ones.
The United Kingdom and New Zealand have already put similar laws in place over recent years and it appears many more countries may follow. In 2013, New Zealand introduced the Telecommunications (Interception Capability and Security) Act. Like Australia's upcoming law, this act was extremely vague and was not clarified even after Tech Liberties NZ, a civil liberties group released a statement suggesting some clarifications. Similarly, in 2016 the UK passed the Investigatory Powers Act without much objection from the public or the opposition party.