AGIX Discussion

The Australian Encryption Laws – A Solution

The Australian lawmakers are passing laws that progressively take away privacy of the citizens of this country. The most recent successful attempt to increase the powers of the security agencies focuses in “encrypted message interception” which, in effect forced technology companies to assist security agencies with message interception.

Exactly how this would happen, to who and what lengths technology companies can be forced to go are unknown at this stage and it will likely stay that way. This is the big issue. Secrecy is the weapon of oppression.

I propose steps the security agencies can take to find the balance between detective work and privacy intrusion of innocent people. That is the point of this article. By following these steps, Australians can be confident they know the extent of the surveillance.

By law, security agencies must, within 3 months of the event, make public a) the name of the technology company being asked to participate in message interception, b) the estimated cost to the technology company assisting the security agency, c) the start and end date of the message interceptions, d) the methods used and e) require a warrant. The most important effect of this is that the public can see how agencies are using this new and powerful law and can vote accordingly at the next election.

I’ve started this article with the solution to the problem. But we haven’t discussed the real problem yet. I’m a technologist and I’d like to make clear my objections to this new law from a technologist’s point of view.

We know that encrypted messages can already be intercepted (in encrypted form) which is the reason we use encryption. I suspect the solution to the problem security agencies have is to either force end-points (smartphones, computers, etc) to store and send a copy of messages to security agencies before encryption or after decryption (depending on whether the message is being send or received) . The alternatives i can think of would not work without mass collection of private keys and even then, some messaging systems change their keys so often it would be hard manage.

Final thoughts on my proposed solution. We’re going down a slippery slow where law makers are too scared to say no to requests from security agencies. After all, what would happen if they denied a request and a successful terrorist attack occurs? Law makers must accept a balance and never tip that balance. We’ll experience another “J. Edgar Hoover’s FBI”. I have tried and failed to think of an equivalent whimsical name for our current situation primarily because it’s not just one person with one organization overreaching power, it’s secret organizations with no public oversight. It does not look good for the people of Australia.

To the question “If you have nothing to hide, you have nothing to fear.” I’d say “I have my personal life which still belongs to be and it’s mine to keep private if i wish.”

Leave a Reply

Your email address will not be published. Required fields are marked *