Australia To Introduce Own Version of ‘Snooper’s Charter’

Australian Prime Minister Malcolm Turnbull is reportedly seeking to introduce a law that will force technology companies to give law enforcement agencies access to encrypted messages.

Like the UK Investigatory Powers Act

The proposed law is to be introduced with the stated intention of reducing online criminal activity e.g. terrorism, and looks set to be a beefed-up version of the UK’s Investigatory Powers Act (also known as the ‘Snooper’s Charter’).

Give Access To Encrypted Messages

As with the UK’s Act, one of the main aims of Australia’s new law will be to give their government the power to force technology companies to give law enforcement agencies access to encrypted messages / seek an end to the end-to-end encryption model, and oblige them to assist security forces in their investigations in other ways.

Companies that are likely to be targeted by the laws include Facebook and Google, as well as device manufacturers like Apple and Samsung. In the UK for example, the Investigatory Powers Act has also reportedly been used to seek access to encrypted app services such as WhatsApp and Apple's iMessage.

It is believed that although the Australian law will be hard-hitting, it will still require the security forces to produce warrants to access communications.

Same Criticism As In The UK

Australian Prime Minister Malcolm Turnbull’s announcement that he is seeking to introduce such a law has drawn much the same criticism as the UK’s Investigatory Powers Act attracted. For example:

  • Facebook has said that it already has a system in place for helping with investigations (making a new law unnecessary), and that it will be virtually impossible to impose on individual users.
  • New powers could encroach upon freedom and human rights, and could potentially be abused.
  • If encryption was banned or weaknesses / backdoors were built-in to popular platforms, determined criminals would simply obtain encryption products from other sources, and the backdoors would pose an extra security and privacy risk for the vast majority (of law-abiding citizens).

Support For Encryption

Just as the Australian government, like France and the UK, is proposing a law to essentially stop the end-to-end encryption model, new proposed (draft) legislation from the EU’s Committee on Civil Liberties, Justice and Home Affairs is seeking to make end-to-end encryption compulsory for all forms of digital communication.

Also, IBM has recently been in the news for wanting businesses to use its new z14 mainframe to encrypt pretty much everything, and restrict access to the encryption keys as a way to reduce the risk and impact of data breaches.

Challenged in the UK

It is also worth noting that, here in the UK, human rights charity Liberty has recently been given the go-ahead by the High Court to make a legal challenge against the ‘Snooper’s Charter, using £50,000 of crowdfunding via CrowdJustice. The same thing, in theory, could also happen in Australia when a similar law is introduced there.

What Does This Mean For Your Business?

Australian businesses, and international businesses e.g. tech companies with a base / operations in Australia may soon be facing many of the challenges that tech companies in the UK have faced with since the introduction of the Investigatory Powers Act. Security and privacy are of course important in business communications, whether by phone app, social platform, or by email system. Businesses could argue that the immediate and more likely risk (than terrorism, for example) comes from a variety of cyber criminals, many of whom have already shown themselves to be capable of exploiting situations where there are back-doors in software / platforms / systems, or where there is a lack of adequate encryption. Relaxing security protection for all for the sake of a few may, therefore, may not be a response that will benefit businesses right now. In Australia, as in the UK, many tech businesses are uneasy with the extent of ‘snooping’ legislation and what it forces companies to do, how necessary it is, and what effect it will have on businesses publicly known to be snooping on their customers on behalf of whatever state. The debate worldwide looks likely to continue.