Friday, 07 December 2018 08:31

Encryption laws sought to right the balance between spies and tech Featured

Encryption laws sought to right the balance between spies and tech Pixabay

ANALYSIS The Australian encryption laws were devised for one reason: so that spy agencies could get back on an equal footing with technology firms and have a big stick with which to beat them whenever they want.

Over the years, the tech companies have won most battles with intelligence agencies over access to data, until legislation arrived to help the latter. The most recent example of this — before Australia's encryption laws were passed on Thursday — was the passage of the CLOUD Act by the US to give its law enforcement agencies access to data stored by US companies in any part of the world.

During a recent interview, the head of the Australian Cyber Security Centre, Alastair MacGibbon, provided some insight into the thinking that drove the bill, when he said that, once the laws are passed, "what I do think it will have is reasonable discussions between frankly, often US-based tech companies that for years have seen themselves beyond the reach not just of our law but our social expectations and nothing in this is unreasonable".

And at another point in the same exchange, he said, "...all they wanted was a tool that would give them the ability to work with tech companies in a reasonable and proportionate manner under the rule of law".

So, just another mine-is-bigger-than-yours situation in other words and this morning MacGibbon will doubtless be feeling that the playing field is now level again, or even a bit tilted in favour of the security agencies. It may be a false dawn, though.

The most prominent recent defeat suffered by a big intelligence agency was in 2016, when the FBI challenged Apple over gaining access to the contents of an iPhone belonging to one of the terrorists involved in an attack in San Bernardino, California, in December 2015.

The FBI spoilt its own chances of achieving what it said it wanted, by first changing the iCloud account password for this phone. This meant that scheduled backups from the phone to iCloud could not take place. Else, the data could have been obtained from iCloud by Apple.

The second, probably more grievous, FBI mistake lay in making a hue and cry over the matter. Apple officials have reportedly said that if the FBI had quietly gone to them, the whole thing could have been sorted out and everyone would have been happy.

But when the spooks took the matter to court, the hackles rose on the neck of Apple chief executive Tim Cook. And the rest of the story is well-known; ultimately the FBI paid out nearly a million dollars to the Israeli firm Cellebrite to obtain the data from that phone.

So, given the actual reason for loose laws of this kind to be sought, the ramifications have really not been thought through. Law and order can often prove to be an election-losing issue for politicians and so the Coalition Government used every tactic in the book, including tarring the Labor Party as supporters of terrorists, to push the statute through.

During the interview referred to earlier, MacGibbon raised the fact that Australia's laws are not unique and that the UK already has tougher laws. But he did not offer a couple of additional facts that would have put this in perspective: so far, the UK has never used this law, known as the Snoopers Charter. And the UK has a bill of rights, something Australia lacks.

Additionally, parts of the UK law have been found to be unlawful by the London Court of Appeal. But then, mentioning those qualifiers would have watered down MacGibbon's arguments.

The truth is, no agency needs access to content to decipher what is going on. Metadata cannot be encrypted and metadata often tells a much more detailed and thorough story than the actual data.

Additionally, when third parties are used for data storage and processing, that data cannot be encrypted. Most users, terrorists or law-abiding citizens, fall squarely into this territory.

And since every device is becoming a little computer and therefore a surveillance device, law enforcement has a myriad more new data streams that will not be encrypted to look for evidence of this or that. They don't really need access to content of encrypted messages. These aren't my conclusions, by the way, they come from a man with some pedigree.

No, this entire exercise is about a power struggle, and law enforcement now feels it has won the first crucial battle.

There is one more aspect to this whole episode that we have just gone through. The Australian laws will be used by spy agencies from the other Five Eyes countries — the US, the UK, Canada and New Zealand — under the intelligence-sharing agreements that exist between them.

The types of devices used across these countries are similar and therefore information obtained about one by an Australian agency will benefit its counterparts in the other four countries as well. Many birds have been slain by the one stone.

Reminds one of the old Beatles' ditty, "with a little help from my friends".

When the fallout from the existence of the laws will start is anyone's guess. MacGibbon dismissed the prospect of any fallout, saying, "So in the United Kingdom they have much tougher laws [than] here. Those tech companies, the sky hasn't fallen, people aren't rioting in the streets of the UK saying that their rights have been infringed."

Something tells me that that bit of commentary could prove to be somewhat short-sighted. But for the moment, MacGibbon's spin has served its purpose.

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News