Encryption in mobile messaging apps promises a semblance of privacy in an increasingly public web, but the Australian government doesn’t see it that way. On July 14, Australian Prime Minister Malcolm Turnbull announced legislation that would force tech companies to hand over messages upon request.
“At the end of the day, what has happened here is legislation has not yet kept pace with technology,” Michael Phelan, deputy commissioner of the Australian Federal Police (AFP), said during a press conference. More than 65 percent of serious investigations now involve some form of encryption, the agency said.
The new rules are expected to be based in part on the United Kingdom’s Investigatory Powers Act, which forces tech companies to hand authorities data web histories and create backdoors that can use to read messages. The AFP would also gain the power to remotely monitor computer networks and devices, according to The Guardian.
Normally, the end-to-end encryption prevents third parties from snooping on communications. In a two-person conversation within an encrypted app like Apple’s iMessage, one person’s phone encrypts messages specifically for the other person’s device using a “public key,” a series of random characters that can only be read with a corresponding “private key” on the other person’s device. WhatsApp and other encrypted chat services don’t possess private keys, which effectively prevents them from decrypting messages.
But the Australian government could require apps to store a copy of encrypted keys as they’re created, or force them to copy the contents of the messages before and after they’re encrypted.
“I’m not a cryptographer, but what we are seeking to do is to secure their assistance. They have to face up to their responsibility […] They can’t just, you know, wash their hands of it and say it’s got nothing to do with them” Turnbull said. “What we need is the cooperation where we can compel it, but we will need the cooperation from the tech companies to provide access in accordance with the law.”
That cooperation won’t come easy.
Facebook, which enabled end-to-end encryption in Messenger late last year, said it wouldn’t succumb to pressure to roll back protections. “We appreciate the important work law enforcement does, and we understand their need to carry out investigations,” a Facebook spokesperson said via email. “That’s why we already have a protocol in place to respond to requests where we can. At the same time, weakening encrypted systems for them would mean weakening for everyone.”
WhatsApp, which Facebook owns, promised to “fight any government request to create a backdoor.” Apple CEO Tim Cook said the company would never allow backdoor access to its products to any government agency.
The Australian parliament isn’t expected to take up the issue until later this year. But George Brandis, the Australian attorney general, and Amber Rudd, the U.K. Home Secretary, have pledged to meet with agencies in the U.K. and U.S. to coordinate efforts.
- Encryption-busting law passed in Australia may have global privacy implications
- Will U.S. government force Facebook to decrypt Messenger?
- Brexit may get messy, but free EU roaming is safe, U.K. government says
- Facebook’s latest data breach could earn Europeans thousands in compensation
- Was your Facebook account hacked in the latest breach? Here’s how to find out