image

Cybersecurity

Australia to force Facebook, Google to decrypt messages

PUBLISHED : Friday, 14 July, 2017, 2:17pm
UPDATED : Friday, 14 July, 2017, 10:46pm

The Australian government on Friday proposed a new cybersecurity law to force global technology companies such as Facebook and Google to help police by unscrambling encrypted messages sent by suspected extremists and other criminals.

But some experts, as well as Facebook, warned that weakening end-to-end encryption services so that police could eavesdrop would leave the companies vulnerable to hackers.

The new law would be modelled on Britain’s Investigatory Powers Act, which was passed by the British Parliament in November and gave intelligence agencies some of the most extensive surveillance powers in the Western world, the government said.

The Australian bill that would allow courts to order tech companies to quickly unlock communications will be introduced to Parliament by November, officials said.

Under the law, internet companies would have the same obligations telephone companies do to help law enforcement agencies, Prime Minister Malcolm Turnbull said. Law enforcement agencies would need warrants to access the communications.

There is a culture, particularly in the United States, a very libertarian culture, which is quite anti-government in the tech sector
Prime Minister Malcolm Turnbull

“We’ve got a real problem in that the law enforcement agencies are increasingly unable to find out what terrorists and drug traffickers and paedophile rings are up to because of the very high levels of encryption,” Turnbull told reporters.

“Where we can compel it, we will, but we will need the cooperation from the tech companies,” he added. The government expected resistance from some tech companies, many of them based in the United States. But the companies “know morally they should” cooperate, Turnbull said.

“There is a culture, particularly in the United States, a very libertarian culture, which is quite anti-government in the tech sector,” Turnbull said.

“We need to say with one voice to Silicon Valley and its emulators: ‘All right, you’ve devised these great platforms, now you’ve got to help us to ensure that the rule of law prevails,’” he added. Attorney General George Brandis described the growth of encrypted communication applications such as WhatsApp, Signal, Facebook Messenger and iMessage as “potentially the greatest degradation of intelligence and law enforcement capability that we have seen in our lifetime”.

Brandis said he met the British government’s chief cryptographer last week and believed it was technically possible to decode encrypted messages in a time frame that police needed to act.

This could be achieved without so-called back doors – built-in weaknesses that allowed a tech company access to a communication but could also leave it vulnerable to hackers, Brandis said.

Facebook said it had a protocol to respond to requests for police help. But the social media giant said it could not read individual encrypted messages.

Australia launches cybersecurity campaign with budget of A$230 million

“Weakening encrypted systems for them [police] would mean weakening it for everyone,” a Facebook statement said on Friday. Australia was a major driver of a statement agreed at the Group of 20 leaders’ summit in Germany last week that called on the tech industry to provide “lawful and non-arbitrary access to available information” needed to protect against terrorist threats.

The Australian Federal Police say the proportion of communication traffic they monitor that was encrypted had grown from 3 per cent to more than 55 per cent in only a few years.

Police say 65 per cent of organised crime investigations including terrorism and paedophile rings involved some kind of encryption.