Tech Thoughts

The new Australian anti-encryption bill is so deeply flawed it hurts

4 minutes to read

New anti-encryption legislation was passed by the Australian government in hope to combat potential online terrorism and crime, but technology giants believe it will fall short.

Do you use WhatsApp, iMessage or Wicker? If so, listen up because your so-called privacy has been undermined due to this new legislation.

The “Assistance and Access Bill” allows law enforcement authorities to force technology companies to hand over any user information deemed necessary, reduce encryption on devices and applications to allow increased surveillance on “personal communications.”

The bill is a world first, and has been greatly criticized since its passing. The major concern is that it could undermine the security of all users, and further the privacy of users, which has been a hot topic in 2018.

Silcon Valley hot shot companies like Apple and Microsoft are greatly against the new laws, believing it will weaken the data security of all Australians, as well as companies around the world.

Technology companies that are part of the Reform Government Surveillance Coalition (RGS) released a joint statement in objection to the new Australian law.

“The new Australian law is deeply flawed, overly broad, and lacking in adequate independent oversight over the new authorities,” the joint statement said.

The RGS is in deep opposition to the law, and believes that the new law will weaken security rather than the intention to strengthen it.

“RGS has consistently opposed any government action that would undermine the cybersecurity, human rights, or the right to privacy of our users – unfortunately, the Assistance and Access Bill that was just passed through the Australian Parliament will do just that.”

Will this law really make a big change to our everyday lives?

Well, yes and no. Australia already had laws that forces providers to hand over suspect personal or business communications to the police. However, in recent years apps like WhatsApp have increased their encryption to a level known as “end to end” encryption. This is why it’s a popular app by many for the privacy that it presumably provided, especially after the scandals with Cambridge Analytica and the breaches of online privacy in the past year.

This new law allows law enforcement agencies to require the handover of user information even if it is protected by “end to end” encryption. If the information is not easily accessible, law enforcement can compel companies to create tools to access the encrypted messages, totally unknown to the user.

Basically, this means that all user information is now accessible by law enforcement agencies even through heavy encryption. Which means, the messages you used to believe were private, are now not so private.

The Attorney General Christian Porter, in support of the bill, stated, “This ensures that our national security and law enforcement agencies have the modern tools they need, with appropriate authority and oversight, to access the encrypted conversations of those who seek to do us harm.”

Apple, argued that encryption is actually a tool of defense against any possible cyber-attacks and potential online terrorism, so really, we’re removing safety rather than increasing it.

The bill has been claimed to be “dangerously ambiguous”, with dangerous loopholes and that the government’s access to “end to end” encryption may be subject to exploitation by hackers.

So, is this bill really safe at all?

This bill affects you if you use WhatsApp, Wicker, iMessage and any other encrypted messaging service.

Under the legislation, law enforcement must give a 28-day notice period prior to tech companies being required to develop tools to access encrypted communications. This means it will be well after Christmas before these new powers are used, but that’s really not too far away.

Law Council of Austrlia President Morry Bailes, stated “It’s not just the rights of citizens that are potentially compromised by this outcome, but intelligence agencies and law enforcement that are at risk of acting unlawfully,”

This new legislation means if you do anything remotely illicit online, mention it in your text messages or have anything in an online format, you’re at risk of law enforcement agencies gaining access to your personal information.

If you thought you had some online security and privacy before, it’s definitely been removed now.

The biggest take away from this new legislation is to be careful about what you’re doing online, not only on apps such as Facebook, but also in apps like iMessage or WhatsApp that you previously thought to be secure.

Your information could be accessed by the government if deemed a criminal act, so our advice? Be careful what you say online, because now you definitely don’t know who is accessing your information.