The Australian government has recently passed an extremely controversial legislation called The Assistance and Access Bill 2018. This is the first legislation of its kind across the globe, and it gives law enforcement agencies authority to compel tech companies to provide users’ encrypted messages.
End-to-end encryption is a code that enhances the privacy of messages being shared between individuals over online platforms such as WhatsApp, iMessage, Facebook Messenger, etc. This law essentially compels internet service providers and technology companies to build features that will allow the police to crack the encryption code when needed.
Technology industries and privacy groups have been unanimous in their condemnation of this law as it has the potential to obliterate encryption security and also undermine the Australian tech industry.
The Two Sides of the Argument
Government’s Point of View
The Australian Prime Minister, Scott Morrison, said this legislation was passed for public security. He said encryption allows “terrorists and organized criminals and … pedophile rings to do their evil work.” This has been the general sentiment expressed by the government, that this law will allow them to monitor individuals that might threaten the national security.
Critics’ Point of View
Outside the government, The law has been roundly criticized by technology companies, human rights interest groups, privacy advocate groups, lawyers, and many others. They believe that this law has gone too far and it provides an unprecedented power to government agencies to access their users’ private information.
Critics are also concerned that Australian technology companies will lose clients to overseas competitors because their services will be seen as compromised and lacking in security. It is also feared that the repercussions of this legislation will also be felt across the globe as governments in the U.S., U.K., and other countries emulate the Australian government.
A Brief History of the Assistance and Access Bill, 2018
This legislation has been in contention for over a year now. Government agencies around the world have been concerned about their inability to access encrypted data in order to catch suspected law-offenders.
While debates regarding the bill had been raging for a year, the Senate rushed this bill to pass in the final sitting days of the year. The primary opposition party too caved in eventually and the opposition leader Bill Shorten agreed that delaying the legislation would threaten national security. He said,
Do I go home and say well I hope nothing happens and I hope that the Government’s politics don’t backfire on the safety of Australians? I’m not prepared to do it.
– Bill Shorten
One of the primary concerns with this bill is the creation of backdoors. Encrypted messages, as they now stand, cannot be accessed by anyone, not even the technology companies that handle the platform. As such, the only way to give government bodies access to encrypted data is to create a backdoor at either the point of sending or receipt to allow the companies to access the data. Doing this, however, risks systemic weakness as hackers and other malicious parties will be able to access encrypted data using the backdoor.
The government has been adamant in denying the creation of backdoors. However, experts remain dubious about it.
Impact on the Australian Tech Industry
Australian tech companies are concerned that this bill will be a major blow for them on the international front. Essentially, any product that is developed in Australia could be subject to modifications requiring the government to access the data without informing the clients. This will sow immense distrust for Australian products.
This concern has precedence in the international treatment of Chinese company Huawei. The company was suspected of aiding the Chinese government in surveillance and data collection of their users. In fact, even Australia took a stand against Huawei and banned them from rolling out 5G networks in their country. The company has also been condemned and blocked out by various other countries.
Furthermore, technology companies can now be compelled to install malware on users’ devices to get around encryption and give them access to private information without the user’s consent. Companies that refuse can be fined up to AU$10 million and individuals can be fined up to AU$50,000.
Is it still worth using a VPN in Australia?
It is yet to be seen exactly how this law will affect VPN providers. Users are naturally concerned that using VPNs in Australia will no longer safeguard their privacy because the government can simply compel the VPN companies to hand over users’ data.
However, most VPN providers have a strict “No Logging” policy. These VPN providers do not maintain any logs of their users’ activities. As such, since they don’t keep or access their users’ data, they cannot hand it over to the government. If you’re using a VPN service, be sure that they have a reliably enforced “No Logging” policy.
Furthermore, most major VPN providers are located outside major jurisdictions. So even if you use their service within Australia, they aren’t subject to Australian law and thus don’t have any obligation to cooperate with the government.
It is impossible to predict the exact specifics how this legislation will affect the future of security, but it is certainly a matter of grave concern.
DISCLAIMER: This article does not constitute legal advice, is not intended to be a substitute for legal advice and should not be relied upon as such. You should seek legal advice or other professional advice in relation to any particular matters or
