Australia’s Crusade on Encryption

Back in December, Australia’s legislature passed an unprecedented and far-reaching cybersecurity law—the first of its kind globally. This law, called the Assistance and Access Bill, gives authorities unlimited access to data and information protected by end-to-end encryption. It allows the government to request user data from tech companies that provide this type of encryption in their service. It also mandates that companies create the tools necessary to access their users’ encrypted information if needed. Essentially, every piece of information on the web or in the cloud could now potentially be available to the Australian government if it wishes to request it.

Proponents claim that allowing the government broader access to citizens’ information is a counter-terrorism measure. Applications like WhatsApp provide end-to-end encryption, meaning people can communicate with one another without worrying that their contents could become available to other people—or even WhatsApp itself. Messages and images sent on the app are not stored on WhatsApp’s servers. Other services, like Facebook’s Messenger, provide end-to-end encryption as an option, but not by default.

But in several high-profile terrorist incidents over the last couple of years, assailants were found to have used messaging platforms with end-to-end encryption to coordinate and share information with one another. For example, In 2017’s attack on Westminster Bridge in London, which claimed the lives of 6 people and injured 49 others, authorities found that the terrorist responsible—Khalid Masood—used Whatsapp two minutes before carrying out the attack. Members of ISIS have long used apps offering encryption for planning and recruitment purposes. Those responsible for two separate terrorist attacks in France during the summer of 2016 reportedly coordinated their actions over the messaging service Telegram.

Back in 2016, Russia passed sweeping anti-terrorism laws, which included providing governments backdoor access to encrypted applications. One of these applications, in fact, was Telegram. The messaging service, which provides end-to-end encryption to over 200 million users worldwide, was subsequently blocked in Russia for failing to comply with these laws. Opponents, however, claimed this was an effort to block freedom of speech in the country and thwart the dissemination of information sensitive to the government.

Now, with a similar law passed in Australia, civil society and companies alike are worried that the bill’s results will be counterproductive to its goal: protecting Australian society. In October of last year, Apple condemned Australia’s new bill, asserting that the encryption technology on its products actually strengthened security by making it harder for hackers to access users’ sensitive information. In an open letter to Australia’s legislature, Apple maintained that “increasingly stronger — not weaker — encryption is the best way to protect against [cybersecurity] threats.” On the other hand, members of civil society, including the Law Council of Australia, condemned parliament for rushing the bill through without allowing time for proper debate.

Indeed, Australia’s decision to pass sweeping laws regarding online information and encryption remains hugely controversial, and could set precedent with regards to how governments utilize users’ private information. While terrorist groups have taken advantage of encryption to further their agenda and spread their violent ideology in the past, citizens’ concerns regarding the removal of encryption and the encroachment on privacy must also be addressed. Finally and most crucially, media and civil society worldwide must recognize the links between Russia’s 2016 anti-terrorism laws and Australia’s 2018 Assistance and Access Bill, and the potential of both to limit citizens’ freedoms in their respective countries.