The Australian government recently passed the Telecommunications Access and Assistance Bill, which upends a lot of established practices tech companies have relied upon for encryption, security and privacy. Setting aside whether Australia’s recently passed encryption bill is a good idea, or even good law (it’s neither), the question now comes down to implementation.
We’re starting to see companies try to explain why encryption isn’t just a matter of principal, it’s a part of their application design. Signal has been out front with this, saying that by design they have no access to encryption keys. This seemingly makes it impossible for them to operate in the country, at least legally.
Apple is another company that is being vocal about putting encryption backdoors in iMessage and other software. Back in 2016, Apple took quite a bit of heat about unlocking the iPhone of the San Bernardino shooter. The issue there was the US government asking Apple to create software out of whole-cloth to help break into the phone. Apple does and continues to provides technical assistance to law enforcement, but stops short of creating new software to break their phones.
Now Apple and any other company using encryption will have to proactively create such software backdoors to operate in Australia.
The law is far from settled, it seems like it will be an election issues, and all parties who voted for it agreed that it will need to be amended to be practical. But the fact remains that for now, it puts a lot of companies in a tough spot.
Preston de Guise comments:
Last week, the Australian government, in its never-ending war with itself to up the ante on technological ineptness (not to mention fear-mongering) pushed through legislation somewhat innocuously referred to as a “telecommunication assistance and access” bill. More correctly, an anti-encryption bill.
Read more at: Australia demands an end to data protection