The Anti-Terrorism Encryption Laws We Can't Afford To Get Wrong
Home Affairs Minister Peter Dutton is ramping up support for legislation that would allow the government to read encrypted messages, following a foiled terrorist plot in Melbourne.
But what does it mean for you, and how possible is it for the Australian government to read your private messages?
Police say the three men charged with terrorism offences in Melbourne on Tuesday were using an encrypted messaging tool, prompting Dutton to renew calls for greater police access to encrypted communications.
He told Sky News he would like a committee dealing with these laws, chaired by Liberal MP Andrew Hastie, to speed up its deliberations.
In turn, Hastie said despite the urgency the committee was still in the middle of the inquiry. With three public hearings before the end of the year, it's unlikely the bill will pass.
But terrorism and encryption experts are warning that we need to be paying more attention to what our government is trying to push through under the guise of national security.
Not only could the bill do more harm than good, they said, but it could threaten national security, personal freedom, and Australian democracy itself.
How terrorists use encrypted messages?
It's "very common" for terrorists or would-be terrorists to use encrypted messaging platforms, Dr. Andre Obeler, a cyber security expert at the La Trobe University and CEO of the Online Hate Prevention Institute, told 10 daily.
"The applications are free and widely available -- if you were doing something you didn't want monitored, why wouldn't you use encrypted communications?" he said.
About 90 percent of lawfully intercepted data uses some form of encryption, according to the Australian Federal Police, with Signal, WhatsApp, Wickr, Telegram, Viber and Skype all used to some degree.
Essentially, the government wants access to these encrypted messages in the same way they use to be able to listen in on phone calls, Obeler said, but that brings with it a whole host of problems that the government isn't equipped to deal with.
The new laws would give the government the power to require a provider to give them access to encrypted data.
"The problem is, if you build a backdoor like this, there is no guarantee it won't be misused -- either accidentally or intentionally -- or that the company's security won't be compromised," Obeler said.
"Potentially, that backdoor will then be available to terrorist groups."
The 'fear of terrorism' and the Surveillance State
The government are using the "fear of terrorism" after this latest foiled plot to justify increasing the powers of the state at the expense of the people, Obeler said, and that Australia's terror threat doesn't justify this level of intervention into the rights of its citizens.
Dr. Suelette Dreyfus, a Melbourne University expert in cyber-security and privacy, told 10 daily that the proposed legislation as it stands is weak, widely drafted, and doesn't provide enough independent oversight.
"It lends itself to potential abuse of power," said said.
"When we think of traditional phone taps, we think well, if the government wanted to tap your phone, it had to get a warrant from a judge who decided there was good reason -- and evidence-- against each person whose phone was tapped. That is not the level of oversight protection being offered here."
How much do you need to worry?
Some might feel that if you have nothing to hide, you have nothing to fear; that is, unless you're planning on conducting terrorist activity or engaged in high level crime, who cares if the government can access your messages?
But there's a real risk of slipping into a security state, warns Dreyfus.
"You end up taking away the very freedoms that you are trying to protect in the first instance. We live our lives online, so this impact in the IT world is real," she said.
She said the government has used unsupported statistics and vague references to how "the bad guys" are using encryption without making that public.
"We’re giving up rights -- your right to privacy, your protections from misuse by government of its vast powers," she said.
"We also need far more evidence from the government proving that they have used every existing power they already have in this technology space before they ask for yet more powers. Their existing powers are already far-reaching."
Obeler takes this one step further, warning that Australia -- unlike almost all of its Western counterparts -- has no higher power to keep the government in check if they too far with the legislation.
"We're actually in a very weak position when it comes to our rights," he said. "We can't afford to get these laws wrong."
One of the government's stated aims would be to enable decryption, he said, which could cripple Australia's entire e-commerce system and send "Australia back to the Stone Age".
"They were talking about at one point banning strong encryption, which means companies would be banned from using any encryption the government doesn't have a way of breaking," he said.
"Now, if the government can break it, then very large scale criminal organisations will also be able to break it. And if your e-commerce is no longer secure, then that's going to put Australia back to the Stone Age."
Contact the author: email@example.com
Lead photo: Getty