Depending on which side of politics you believe, Australia’s planned encryption laws are either a boost to national security or will provide a new way for it to be undermined.
Following on from the U.K.’s contentious 2016 Investigatory Powers Act - also known as the Snoopers’ Charter - the Government in Canberra wants the Parliament to pass legislation that would give security agencies powers to access encrypted communications on applications such as WhatsApp.
The legislation would give the Government the power to issue "technical capability notices" which would make tech companies install spyware on their devices and provide security agencies access.
The Government doesn’t just want the legislation passed; it wants it passed immediately because – according to Prime Minister Scott Morrison – this needs to be done in time for the Christmas and New Year holidays, a time when he believes that terrorists may be more likely to plan action.
Morrison’s besieged Government is under tremendous political pressure and survival seems a day to day struggle. So, it is suddenly very convenient for him to paint his political opponents as being soft on terror.
Recent terror activity, he claimed, was being discussed on WhatsApp and the proposed legislation would have given security services a window into the plans of suspects.
Even putting desperate politics aside, the Australian legislation goes to the heart of the digital privacy dilemma: one billion people around the world use WhatsApp, and a tiny percentage of them are terrorists planning murderous attacks.
So while the overwhelming majority of people are more likely to trust WhatsApp – and let’s use that as a proxy for all similar messaging services – because of its encryption, the Government believes that people need to surrender their privacy in the interests of public safety.
In the U.K., the political reaction to this issue was a total knee-jerk. In the aftermath of the March 2017 Westminster Terror attacks, Home Secretary Amber Rudd wanted to ban end-to-end encryption on messaging apps so they “don’t provide a secret place for terrorists to communicate with each other.”
The sad truth is that most politicians have very little understanding of digital privacy, and want to score points by talking tough.
The Australian Government position ignores the danger that creating any backdoor for security services to access messaging could potentially compromise the data of millions of users.
This is the point the Labor Opposition is making, and why they are not supporting the Legislation.
It is also a viewpoint supported by tech companies such as Senetas, an encryption specialist which provides services to the Australian Taxation Office, the Israeli Parliament and the U.S. military.
Senetas has warned that instead of strengthening security, the “backdoor” approach would potentially expose businesses, governments and private citizens to hacking.
There is also an unrecognized element of hypocrisy here. The Australian Government has continued to ban Chinese telco Huawei from participating in major infrastructure rollouts of the national broadband network or upcoming 5G because the company is required to co-operate with Chinese intelligence services.
As the founder of Senetas, Francis Galbally, told an Australian Parliamentary Committee in late November 2018, the proposed legislation for it to create “backdoors” would put his company in a very similar position to Huawei, and significantly undermine trust in its products.
Galbally said that already the global open source community was debating if they could trust Australian developers, and he forecast that Australian academic institutions could be locked out of international collaborations “because nobody will be able to trust them.”
“They will certainly be suspected of collaborating with the Government to develop tools to interfere with the internet,” said Galbally.
“There is simply no doubt that this will result in a significant reduction in local R&D and manufacturing as a consequence of declining employment and export revenue. Foreign governments and competitors will use the mere existence of this legislation to claim that Australian cyber security products are required to use or collaborate in creating encryption backdoors," he added.
For Senetas, this is a commercial issue. The company tabled a letter from a major client, manufacturer Extel Technologies, saying it would lose up to AUD 3 billion in export sales.
Beyond the Senetas bottom line, the encryption laws go to the heart of the trust issue.
It is universally accepted that trust - in security, privacy and data integrity - is critical to the success of the digital economy.
The question is then how much of privacy should businesses and private citizens be prepared to surrender for security agencies to operate effectively.
These perhaps competing imperatives need to be finely balanced, with all considerations factored in.
In its haste, the Australian legislation fails this test of balance and instead holds privacy hostage to politics.
For as long as that happens, then trust will continue to be an issue and an impediment to digitization.