Skip to main content

Australia’s encryption-busting law is ‘deeply flawed,’ says tech industry

Australia’s encryption-busting law is ‘deeply flawed,’ says tech industry


The Assistance and Access Bill 2018 has huge implications for cybersecurity worldwide

Share this story

Illustration by Alex Castro / The Verge

Australia just passed tough new legislation that requires tech companies to hand over user data when requested by law enforcement, even if that means building a backdoor into their encryption. The decision has huge implications for communications companies, not just in Australia but also across the rest of the world.

The legislation not only compels companies to hand over user data they have easy access to, but also to build the ability for themselves to intercept this data when they don’t. Critics have said that creating a backdoor has security implications worldwide because hackers and other countries might be able to take advantage of the weakened security.

“Critical issues”

The legislation has “several critical issues” according to a group that represents Facebook, Google, Twitter, Amazon, and Oath. Digi, the Australian tech industry group, said that the legislation had the potential to introduce systematic weaknesses that could harm the data security of users.

The lack of continued judicial oversight is also “deeply concerning,” the group said. Law enforcement agencies are required to obtain a warrant to force tech companies to build backdoors into their services, but no further judicial oversight would be necessary to intercept telecommunications once a warrant has been issued. Digi said that “judicial oversight and a warrant-based system” are “the minimum safeguards Australians should expect,” yet these were absent from the new rules.

“Deeply concerning”

A campaign group representing Apple, Facebook, Google, Microsoft, Snap, and Twitter described the new legislation as “deeply flawed, overly broad, and lacking in adequate independent oversight over the new authorities.” The Reform Government Surveillance coalition, which campaigns for worldwide reform about government surveillance, urged the Australian Parliament to amend the legislation.

WhatsApp also criticized the legislation. As the world’s most popular end-to-end encrypted messaging service in the world, the company is no stranger to having to defend its use of encryption in the face of criticism by law-enforcement agencies in the US, India, and the UK. It said that its position is no different when it comes to Australia: “We have challenged attempts to curtail end-to-end encryption in the past and will continue to defend the ability for people to communicate privately with one another online.”

“Lacking in adequate independent oversight”

But a WhatsApp spokesperson said the company doesn’t believe Australia’s new law “provides a basis to remove end-to-end encryption, as some reports suggest.” That may be because of a clause in the law, meant to offer a degree of privacy protection, that is supposed to offer an out for tech companies if their only option would be to cause a “systemic weakness” in their product. It’s unclear, however, exactly how such a weakness would be defined.

A spokesperson for ProtonMail, which offers an encrypted email service, said their service wouldn’t be affected by the law, because the company’s servers are located outside the country. But they still denounced the law as an attack on encryption. “This law endangers the security of online services, and it places an unprecedented obligation on tech companies,” the spokesperson said.

The comments echo previous criticism levied by Apple at the legislation in a letter sent to the Australian government. Prior to the legislation passing through Parliament, the company argued that encryption makes criminals’ jobs harder rather than easier, and that more encryption is better overall for society.

The bill could change a bit next year. Although the opposition Labor Party agreed to drop its 173 amendments to the bill to allow it to be passed before the end of 2018, it did so on the condition that these amendments would be debated properly in the 2019 session. There’s no guarantee that they’ll make it into law, but the fate of Australia’s Assistance and Access Bill 2018 isn’t yet set in stone.

Today’s Storystream

Feed refreshed 3 minutes ago Dimorphos didn’t even see it coming

External Link
Jess Weatherbed3 minutes ago
Won’t anyone think of the billionaires?

Forbes reports that rising inflation and falling stock prices have collectively cost members of the Forbes 400 US rich list $500 billion in 2022 with tech tycoons suffering the biggest losses.

Jeff Bezos (worth $151 billion) lost $50 billion, Google’s Larry Page and Sergey Brin (worth a collective $182b) lost almost $60b, Mark Zuckerberg (worth $57.7b) lost $76.8b, and Twitter co-founder Jack Dorsey (worth $4.5b) lost $10.4b. Former Microsoft CEO Steve Ballmer (worth $83b) lost $13.5b while his ex-boss Bill Gates (worth $106b) lost $28b, albeit $20b of that via charity donations.

Thomas Ricker6:45 AM UTC
Check out this delightful DART Easter egg.

Just Google for “NASA DART.” You’re welcome.

Asian America learns how to hit back

The desperate, confused, righteous campaign to stop Asian hate

Esther WangSep 26
Richard Lawler12:00 AM UTC
A direct strike at 14,000 mph.

The Double Asteroid Redirection Test (DART) scored a hit on the asteroid Dimorphos, but as Mary Beth Griggs explains, the real science work is just beginning.

Now planetary scientists will wait to see how the impact changed the asteroid’s orbit, and to download pictures from DART’s LICIACube satellite which had a front-row seat to the crash.

The Verge
We’re about an hour away from a space crash.

At 7:14PM ET, a NASA spacecraft is going to smash into an asteroid! Coverage of the collision — called the Double Asteroid Redirection Test — is now live.

Emma RothSep 26
There’s a surprise in the sky tonight.

Jupiter will be about 367 million miles away from Earth this evening. While that may seem like a long way, it’s the closest it’s been to our home planet since 1963.

During this time, Jupiter will be visible to the naked eye (but binoculars can help). You can check where and when you can get a glimpse of the gas giant from this website.

Emma RothSep 26
Missing classic Mario?

One fan, who goes by the name Metroid Mike 64 on Twitter, just built a full-on 2D Mario game inside Super Mario Maker 2 complete with 40 levels and eight worlds.

Looking at the gameplay shared on Twitter is enough to make me want to break out my SNES, or at least buy Super Mario Maker 2 so I can play this epic retro revamp.

External Link
Russell BrandomSep 26
The US might still force TikTok into a data security deal with Oracle.

The New York Times says the White House is still working on TikTok’s Trump-era data security deal, which has been in a weird limbo for nearly two years now. The terms are basically the same: Oracle plays babysitter but the app doesn’t get banned. Maybe it will happen now, though?

Richard LawlerSep 26
Don’t miss this dive into Guillermo del Toro’s stop-motion Pinocchio flick.

Andrew Webster and Charles Pulliam-Moore covered Netflix’s Tudum reveals (yes, it’s going to keep using that brand name) over the weekend as the streamer showed off things that haven’t been canceled yet.

Beyond The Way of the Househusband season two news and timing information about two The Witcher projects, you should make time for this incredible behind-the-scenes video showing the process of making Pinocchio.

External Link
Emma RothSep 26
Netflix’s gaming bet gets even bigger.

Even though fewer than one percent of Netflix subscribers have tried its mobile games, Netflix just opened up another studio in Finland after acquiring the Helsinki-based Next Games earlier this year.

The former vice president of Zynga Games, Marko Lastikka, will serve as the studio director. His track record includes working on SimCity BuildIt for EA and FarmVille 3.

External Link
Vietnam’s EV aspirant is giving big Potemkin village vibes

Idle equipment, absent workers, deserted villages, an empty swimming pool. VinFast is Vietnam’s answer to Tesla, with the goal of making 1 million EVs in the next 5-6 years to sell to customers US, Canada and Europe. With these lofty goals, the company invited a bunch of social media influencers, as well as some auto journalists, on a “a four-day, multicity extravaganza” that seemed more weird than convincing, according to Bloomberg.

James VincentSep 26
Today, 39 years ago, the world didn’t end.

And it’s thanks to one man: Stanislav Petrov, a USSR military officer who, on September 26th, 1983, took the decision not to launch a retaliatory nuclear attack against the US. Petrov correctly guessed that satellite readings showing inbound nukes were faulty, and so likely saved the world from nuclear war. As journalist Tom Chivers put it on Twitter, “Happy Stanislav Petrov Day to those who celebrate!” Read more about Petrov’s life here.

Soviet Colonel who prevented 1983 nuclear response
Photo by Scott Peterson/Getty Images
The Verge
James VincentSep 26
Deepfakes were made for Disney.

You might have seen the news this weekend that the voice of James Earl Jones is being cloned using AI so his performance as Darth Vader in Star Wars can live on forever.

Reading the story, it struck me how perfect deepfakes are for Disney — a company that profits from original characters, fans' nostalgia, and an uncanny ability to twist copyright law to its liking. And now, with deepfakes, Disney’s most iconic performances will live on forever, ensuring the magic never dies.