Australia wants Five Eyes to squeeze tech firms on encryption

The political rhetoric against strong encryption continues to crank up. Reuters reports today that Australia will be pushing for greater powers for countries to tackle the use of encrypted messaging services by terrorists and criminals at an upcoming meeting of ministers from the so-called Five Eyes intelligence network.

I will create the need to address ongoing challenges posed by terrorists and felons using encryption, Australian Attorney General Senator Brandis is quoted as telling, ahead of the session of different groups next week.

These deliberations will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies.

The Five Eyes countries are: the US, the UK, Canada, Australia and New Zealand.

In the UK a legislative framework has already been put in place which is widely interpreted as having powers to obligate companies to remove encryption and/ or limit the use of end-to-end encryption to secure services( aka, the Investigatory Powers Act ).

The final piece is a statutory instrument called a Technical Capability Notice( TCN) intended to be served on comms services providers to obligate decrypted access, i.e. provided the authorities have a warrant and have passed certain proportionality exams intended to safeguard misuse of the power.

Prior to the UKs general election earlier this month, government ministers were reportedly intending to push the instrument through a vote in parliament although the Conservatives went on to lose their majority in the election. Its not yet clear whether their plans will be delayed or face major opposition from opponent MPs.

But it is clear that the UKs legislative lead on decryption powers is having geopolitical ramifications.( The wider Europe Union is also currently considering how to respond to the rising utilize of strong encryption by digital services though no legislative proposals have emerged as yet .)

Earlier this month Australias Brandis told Sky News hes a fan of the UKs IP Act, and said the country wants to encourage all Five Eyes nations to pursue a similar strategy of ramping up the legal obligations on tech companies and device makers to as he set it co-operate with authorities in decrypting communications.

He has also previously told Australia does not want to mandate backdoors in services. However in the same Sky News interview Brandis argues that pressuring companies to break their own encryption does not constitute a backdoor. Which is genuinely a game of semantics.

In the UK under the Investigatory Powers Act that was passed last year their authorities have the capability to issue to a device manufacturer or a social media company a[ TCN] which imposes subject to exams of reasonableness and proportionality imposes on them a great obligation to work with authorities where a notice is given to them to assist in transgressing a communication. So thats not backdooring.

My concern is that the existing[ domestic] law do[ es] nt have had enough in enforcing obligations of co-operation upon the corporates, he added. In the first instance the best route to approach this is to solicit the co-op of companies like Apple and Facebook and Google and so on. I think there has been a change of the culture in the last year or more.

There is a much greater conscious, proactive willingness on the part of the companies to be co-operative. We require the legal sanction as well.

Weve reached out to Facebook, the parent company of end-to-end encrypted messaging service WhatsApp, for comment on this latest push for increased cooperation to break encryption and will update this story with any response.

The company is already facing increasing pressure on this front from UK government ministers. And earlier this month the Home Secretary, Amber Rudd, called on companies to limit the use of end-to-end encryption.

On Friday Facebooks COO, Sheryl Sandberg, met with Rudd for discussionsbilled as including e2e encryption and co-operating with law enforcement, as well as wider tech industry attempts to clamp down on extremism online.

In a statement following the meeting, Sandberg said: We had a constructive meeting with the Home Secretary. We briefed her and her team on our efforts to keep terrorists off Facebook and the launch of our counter speech initiative in the UK earlier today.

Apples iMessage is another e2e encrypted messaging services. The company went through a high profile legal battle against the FBI last year over access to a locked iPhone after the agency tried to use the courts to require the company weaken the security of iOS so the passcode on the device could be brute forced.

In the end the FBI transgressed into the device by buying an iOS vulnerability via a third party company.However the idea that encryption is a blocker to intelligence and law enforcement investigations has gained the attention of some US lawmakers. Senator Dianne Fenstein, for example, has indicated she intends to build another attempt at passing a decrypt law.

Earlier this month The Sydney Morning Heraldalso reported Brandis saying Australia wants its Five Eyes allies to have common standards to enable one countrys warrants to be more easily actionable via authorities in another arguing that mechanisms for warrant exchanges aremore limited than they should be.

Make sure to visit: