CANBERRA/ MELBOURNE: The Australian government began seeking controversial powers to crack encrypted communications almost two years before unveiling landmark anti-encryption legislation branded “dangerous” by tech industry leaders, newly obtained documents reveal.
Australia in 2018 passed world-first laws to force tech companies and service providers to build capabilities allowing law enforcement secret access to messages on platforms like WhatsApp and Facebook, such as push notifications that download malware to a target’s computer or phone.
The legislation, which Canberra said was necessary to prevent “terrorists” and other serious criminals from hiding from the law, drew fierce opposition from privacy experts and tech industry players, who warned that undermining encryption could compromise the privacy and security of millions of people worldwide.
Previously unseen documents obtained by a media outlet under freedom of information laws show that Canberra’s push to get around encrypted communications, which are invisible to third parties, was in the works at least as far back as 2015.
Former Prime Minister Malcolm Turnbull unveiled legislation to tackle encrypted communications in July 2017, declaring the internet should not be used as “a dark place for bad people to hide their criminal activities from the law”.
In a letter to government agency heads on November 27, 2015, Katherine Jones, a top national security official within the Attorney-General’s Department (AGD), outlined the need for her department and “relevant intelligence and law enforcement agencies” to “continue to develop strategies to address the increased use of encrypted communications to plan terrorist attacks …”
“You may be aware AGD has done some work on this issue in the past, although both the technology and broader environment has changed significantly,” said Jones, the then-deputy secretary of the National Security and Criminal Justice Group within the AGD.
“We have undertaken some preliminary thinking about the new challenges in the context of broader plans to improve the Telecommunications (Interception and Access) Act 1979. The Government has indicated publicly that it favours strong encryption, but has also acknowledged that this technology is misused by criminals and terrorists.”
The letter, which is partly redacted, also refers to the contentious issue of so-called “back doors,” which would become key in the government’s later messaging insisting the legislation would not threaten the general public’s privacy.
While the Turnbull government insisted the Assistance and Access Act would not create systemic vulnerabilities that could undermine encryption in general, tech giants Google, Facebook, Twitter and Apple lobbied against the legislation, with the latter at the time describing it as “extraordinarily broad” and “dangerously ambitious”.
“In addition, I am mindful that recent developments in the UK and US indicate that those jurisdictions have moved away from the idea of backdoor ‘skeleton keys’ as a solution,” Jones wrote in the letter.
“We would like to work closely with your agencies on potential responses, and in particular, discuss any tools or legislative changes that would be of assistance. We would also like to better understand the broader operational and technological context to inform our advice.”