The latest law passed by Australian Parliament has outraged global privacy advocates. The Assistance and Access Bill (AA Bill) essentially allows Australian officials to access the content of end-to-end encrypted communications. While it may be an Australian law, global privacy advocates predict it will impact global privacy rights, and other countries may follow suit.
Here’s what you need to know. The most controversial parts of the AA Bill are the “frameworks for voluntary and mandatory industry assistance to law enforcement and intelligence agencies” that allow the Australian government to access encrypted communication content.
- What does “industry assistance” mean?
It means the Australian government can force “designated communication providers” to use known capabilities to intercept communications or build a new interception capability.
- Who is a “designated communication provider?”
In short, anyone who touches hardware, software, or data used in end-to-end communication, including online services like websites.
- Why do they want access to encrypted communications?
According to Australian officials,
- “The use of encrypted technologies by terrorists and criminals presents an increasing challenge for law enforcement and national security agencies.”
- “Secure, encrypted communications are increasingly being used by terrorist groups and organised criminals to avoid detection and disruption.”
- “The increasing use of encryption has significantly degraded law enforcement and intelligence agencies’ ability to access communications and collect intelligence, conduct investigations into organised crime, terrorism, smuggling, sexual exploitation of children and other crimes, and detect intrusions into Australian computer networks.”
Here’s a hypothetical example of the AA Bill in action:
An Australian law enforcement agency issues a “technical notice” to a company telling it to either turn over encrypted user data or build a tool that gives them access.
The downside? Notices will likely be issued with a gag order, resulting in little oversight and potential abuse, plus potential compliance penalties of up to A$10 million (about $7 million) and jail time.
This law is a major step back in the fight for privacy rights. Additionally, a group of major United States tech companies, including Apple, Google, and Microsoft, are voicing opposition to the AA Bill.
For more information, please click here to see the Australian government’s Explanatory Memorandum of the AA Bill.