If anyone refuses to hand over encryption keys, they could be criminally charged
This week’s threat to privacy comes from Australia and the main actor is none other than the country’s Attorney General who wants new laws to force users and providers of encrypted Internet communication services to hand over the keys that would allow them to decode the data intercepted by authorities.According to ITNews, the proposal isn’t plain as day, but rather got buried into a submission by the department to a Senate inquiry on revision of the Telecommunications Interception Act, as they hoped no one would find it.
While the Attorney General’s office fears that there are too many encrypted communications which make the intercepted data unreadable, the obvious problem is that privacy means nothing to them.
Furthermore, they seem to find it irritating that more and more people adopt encryption to mess with authorities engaging into mass surveillance.
“Sophisticated criminals and terrorists are exploiting encryption and related counter-interception techniques to frustrate law enforcement and security investigations, either by taking advantage of default-encrypted communications services or by adopting advanced encryption solutions,” the note reads.
Of course, companies such as Google, Yahoo and Microsoft have already made SSL the default option for their services, in an effort to protect everyone’s privacy and some even upgraded the certificates to 2,048 bit, making things even more difficult for anyone trying to snoop in.
If the Department has its way, anyone receiving a notice, be it person or company, will be required to provide “information or assistance” to place information obtained under the warrant into an intelligible form. That translates into providing the SSL keys to decrypt data.
Failure to comply would constitute a criminal offence, putting everyone between a rock and a hard place.
What the Australian authorities are trying to do is to make encryption obsolete. Basically, they don’t want anyone to protect their communications in any way and if they dare do so, they should immediately unveil their private conversations when asked.
Ever since the NSA scandal broke through, involving numerous countries, including Australia, one of the members of the Five Eyes nations, it seems that governments have stopped hiding behind niceties and started trying to legalize their spying practices.
One example is this Australian effort to neutralize encryption, another is the American revived CISPA that would put everyone’s privacy at risk.
Before this, agencies were secretly sending requests to providers of web services to obtain the decrypted communications or even asking them to provide master encryption keys, such as the one demand sent to Ladar Levison and his mailing project Lavabit.