Search
This area does not yet contain any content.
Justinian News

Balkan intrigues ... Old coppers stagger into the Croatian Six inquiry ... 15-year jail terms in 1980 for alleged terrorism ... Miscarriage of justice under review ... Verballing ... Loading-up ... Old fashioned detective "work" ... Evidence so far ... Hamish McDonald reports ... Read more >> 

Politics Media Law Society


Splitting heirs ... How to get rid of the Royals – a Republican tours Orstraya … Underneath their robes – sexual harassment on the bench … Credit card fees – so tricky that only economists know what to do … Muted response to Drumgold vindication … Vale Percy Allan ... Read on ... 

The Financial Times examines criminal trial delays in England & Wales ... About 70,000 cases on waiting lists at Crown Courts ... More >>

Free Newsletter
Justinian Columnists

Blue sky litigation ... Another costly Lehrmann decision ... One more spin on the never-never ... Arguable appeal discovered in the bowels of the Gazette of Law & Journalism ... Odious litigants ... Could Lee J have got it wrong on the meaning of rape? ... Calpurnia reports from the Defamatorium ... Read more >> 

Blow the whistle

 

News snips ...


This area does not yet contain any content.
Justinian's Bloggers

Online incitements ... Riots in English cities fed by online misinformation about refugees ... Policing and prosecution policies ... Fast and furious processing of offenders ... Online Safety Act grapples with new challenges ... Increased policing of speech on tech platforms ... Hugh Vuillier reports from London ... Read more >> 

"Mistakes of law or fact are a professional inevitability for judges, tribunal members and administrative decision makers."  

Paul Brereton, Commissioner of the National Corruption Concealment Commission, downplaying the Inspector's finding of bias and procedural unfairness with his conflicted involvement in the decision making about Robodebt referrals ... Read more flatulence ... 


Justinian Featurettes

Vale Percy Allan AM ... Obit for friend and fellow-traveller ... Prolific writer on economics and politics ... Public finance guru ... Technocrat with humanity and broad interests ... Theatre ... Animals ... Art ... Read more ... 


Justinian's archive

A triumph for Victorian morality ... Ashton v Pratt ... In the sack with Dick Pratt ... Meretricious sexual services renders contract void on public policy grounds ... Justice Paul Brereton applies curious moral standard ... A whiff of hypocrisy ... Doubtful finding ... Artemus Jones reporting ... From Justinian's Archive, January 24, 2012 ... Who knew the NACC commissioner had strong views on the sanctity of marriage ... Read more ... 


 

 

« Rethinking the delivery of law | Main | Herogram for a CLC »
Wednesday
Oct312018

Encryption legislation is "fatally flawed" 

The government's proposed law to unscramble encrypted communications ... Threats to citizens and journalists in particular ... Confidential sources placed at greater risk of exposure ... A new invasion of privacy amid an abundance of government intrusions ... Cybersecurity threatened ... Criticism from UN privacy rapporteur ... Nick Bonyhady reports 

The United Nations Special Rapporteur for Privacy, Professor Joseph Cannataci, has criticised the Morrison government’s planned anti-encryption legislation, describing it as “fatally flawed”. 

The Assistance and Access Bill 2018, gives law enforcement agencies broad powers to access online communications.

While warrants are still required, the method by which information is accessed has alarmed Professor Cannataci:

“The Bill is… a poorly conceived national security measure equally as likely to endanger security as not; it is technologically questionable if it can achieve its aims and avoid introducing vulnerabilities to the cybersecurity of all devices.”  

Encryption protects online communications by scrambling the contents of a transmission – which could be anything from a text message, to stock market data, to self-driving instructions – using a randomised key.

When the transmission arrives at the correct device it is unscrambled using the proper key, which is determined through an exceptionally complex mathematical process.

This prevents third parties by intercepting and reading the contents without the key. With encryption, companies can trust critical online services with market-sensitive information and information about individuals’ political preferences, sexuality and personal lives would less likely be accessible online to bad actors.

recent United States Supreme Court case on a similar issue illustrates the potential for overreach using digital surveillance.

In that case, US authorities tracked suspected thieves using the locations of their mobile phones. It showed which church one target attended, where his family was located, and also that he was having an affair.

According to the Department of Home Affairs fact sheets, the government is alive to this issue. 

“Systemic weakness, so-called ‘backdoors’, weaken the digital security of Australians and others,” according to this report on the Department of Home Affairs website.

The legislation purports to only target specific devices used by criminals rather than authorising wholesale weakening of encryption.

ASIO has defended the new legislation, pointing out that without it future surveillance of terror plots may be made difficult by encryption.

Yet any method employed by the government to access encrypted data – such as installing secret monitoring apps on targets’ smartphones – could conceivably be used by Australia’s enemies, whether criminals or states.

With concerns about Russian interference in the United States election and Chinese government theft of intellectual property, this is not an idle consideration. 

“At a practical level, it is difficult to see how the Australian government can achieve its aims without weakening encryption and thereby Australia’s cybersecurity”, Professor Cannataci concludes.

Cannataci: the legislation will weaken cybersecurity In a previous era of communications surveillance, police could tap suspects’ phones, revealing only what was spoken by a suspect.

The new bill goes much further. It permits authorities to demand technology companies give them access to almost any device or service that transmits information over the internet, so long as it is for a purpose connected to the enforcement of the criminal law or a law with a pecuniary penalty.

That could include accessing smart home speakers and cameras and continuously recording everyone in a private residence, including children.

Agencies do not even have to be seeking to enforce an Australian law; foreign laws are included too.

And Dr Chris Culnane, a lecturer in IT at the University of Melbourne, also notes that the oversight mechanisms in the legislation are weak.

Technology companies can only reveal how many demands for access they have received from the government every six months, and cannot reveal any information about those demands.

Where the government issues a voluntary request for help – which is secret – technology companies are not to release any information.

Culnane says that companies have strong incentives to comply with these voluntary requests.

“The government wields enormous amounts of soft power, [so] the suggestion that companies, whose revenue could be impacted by the exercising of that soft power, are going to sacrifice profit for their users is fanciful.”

Users trying to work around the legislation are at risk as well. The Bill makes it an offence to “aid, abet, counsel or procure a contravention of” a government demand for access to an online communication.

It is clearly reasonable that a criminal or foreign actor ought to be prohibited from protecting their own communications, but the language of the legislation is broad. It suggests that a journalist who writes a guide to the use of a new secure messaging service so that confidential whistleblowers can get in touch may have procured a contravention of the legislation and opened themselves to prosecution.

In its submission to the Joint Committee on Law Enforcement, which is considering the bill, the Law Council of Australia draws on the work of David Kaye, the UN special rapporteur on the promotion and protection of the right to freedom of opinion and expression. The Law Council notes:

“The regulation of encryption by other nations has not been shown to be necessary to meet a legitimate interest, when considering ‘the breadth and depth of other tools, such as traditional policing and intelligence and transnational cooperation, that may already provide substantial information for specific law enforcement or other legitimate purposes’.”

In a 2015 report, Kaye points out that the European Union Court of Human Rights has held that encryption is a means by which freedom of expression can be exercised.

The technical complexity of encryption and the vague drafting of the legislation has not produced any significant public response. It is hoped that great attention will be paid to the problems inherent in this proposed law – for citizens generally and journalists in particular.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.
Member Account Required
You must have a member account on this website in order to post comments. Log in to your account to enable posting.