Australian Encryption Laws

The controversial encryption laws passed by the Australian government was intended to form loop holes that accorded police and security agencies with the right to access encrypted messages that were transmitted on the platforms created by these tech companies.

Although the intentions of these laws are noble enough as they are targeted towards combatting terrorism and crime, it has left many individuals questioning their own positions in the scheme of things. Critics from all over the globe have condemned the act citing wide-ranging concerns mostly surrounding the fact that these laws would be inadvertently undermining the rights to privacy of individual users throughout the country.

The law which was rushed through towards the end of the deadline received reluctant support from the Labour opposition that held that they supported the encryption laws only to protect Australians during the festive season and maintained that the party’s top representatives had “legitimate concerns” about the laws.

The existing laws in Australia which require service providers and tech companies to hand over the communication transcripts of ‘persons of interest’ to the police was deemed to be inadequate due to the recent developments where tech companies added additional layers of security commonly referred to as end-to-end encryption.

The spin –off for this law could be traced back to the claims made by the FBI that device encryption ‘ has become a huge problem’ as End-to-end encryption does not allow any other party apart from the sender and the receiver to view messages which had been exploited by terrorists and criminals in their id to avoid surveillance.

These laws are non-existent in countries such as China and Russia among others as services that offer end-to-end encryption are banned altogether. These new laws however, will force companies that provide end-to-end encryption to create new functions that would allow these security agencies to access encrypted messages without prior consent from users.

This means that a ‘backdoor’ will be created to enter into these platforms which could also be exploited by hackers at whim which jeopardises users across the board simply based on the fact that if these security agencies are able to get it, so would others. In essence, this new law is creating vulnerability as there is no such thing as creating a “back door” decryption that only targets one individual.

To put this in a simpler manner, this vulnerability would basically weaken the existing infrastructure of the encryption scheme which would have a drastic impact on the overall security for everybody and thus innocent people could eventually suffer the consequences of such ‘security holes’.

Although the laws have implemented mitigating factors whereby a safeguard has been placed that indicates the decryptions will not be rolled out if it is observed to cause “systemic weaknesses”, this mitigating factor is vague and application of this mitigating factor is unclear even to the lawmakers themselves.

As reported by the BBC, reactions to this move are being seen as a transgression against human rights as the lacks of checks and balances indicates that the security agencies (known for their nosiness in other people’s affairs) could sanction individuals to create backdoors without the knowledge of their employer potentially leaving Australian tech firms in the dark about whether they are even subject to the order.