Apple sends top executives to lobby Australian government over proposed encryption laws
Apple has sent top privacy executives to Australia twice over the past month to discuss proposed cybersecurity laws that could compel technology companies to provide law enforcement agencies access to encrypted customer messages.
Citing unnamed sources, The Sydney Morning Herald reports Apple met with Australian Attorney-General George Brandis and members of Prime Minister Malcolm Turnbull's government on Tuesday to talk over the cybersecurity measures.
At least one of the engagements was announced on Monday, when Brandis said he planned to meet with Apple executives in hopes of persuading the company to share encrypted data with the country's spy and law enforcement agencies.
According to sources familiar with the talks, Apple maintained its strong stance in favor of consumer privacy, saying it does not want to see laws updated to block companies from using encryption technology, the report said. Further, Apple is opposed to furnishing government agencies with cryptographic keys that would allow access to secure messages.
Apple in its meetings with Australian officials looked to cut down on additional regulation and legal obligations that could potentially result from the new laws, sources said.
Turnbull last week proposed a set of updated cybersecurity laws that would force tech companies like Apple, Facebook and Google to provide access end-to-end encrypted communications if obliged to do so by court order. The regulations, which the Turnbull administration is looking to get on the books by year's end, are modeled after the UK's Investigatory Powers Act.
"We've got a real problem in that the law enforcement agencies are increasingly unable to find out what terrorists and drug traffickers and pedophile rings are up to because of the very high levels of encryption," Turnbull said. "Where we can compel it, we will, but we will need the cooperation from the tech companies."
Exactly how the government intends to enforce the proposed rules remains unclear.
End-to-end encryption systems rely on cryptographic keys to encrypt plain text messages as they travel through servers between devices. Importantly, service providers do not have access to private keys and are therefore unable to access conversations.
Members of Turnbull's administration who met with Apple said the government does not want to create backdoors to messaging services, nor does it want to weaken encryption, sources said. Apple's recent meetings were in part meant help the government decide how best to overcome these substantial technical hurdles, the report said.
Citing unnamed sources, The Sydney Morning Herald reports Apple met with Australian Attorney-General George Brandis and members of Prime Minister Malcolm Turnbull's government on Tuesday to talk over the cybersecurity measures.
At least one of the engagements was announced on Monday, when Brandis said he planned to meet with Apple executives in hopes of persuading the company to share encrypted data with the country's spy and law enforcement agencies.
According to sources familiar with the talks, Apple maintained its strong stance in favor of consumer privacy, saying it does not want to see laws updated to block companies from using encryption technology, the report said. Further, Apple is opposed to furnishing government agencies with cryptographic keys that would allow access to secure messages.
Apple in its meetings with Australian officials looked to cut down on additional regulation and legal obligations that could potentially result from the new laws, sources said.
Turnbull last week proposed a set of updated cybersecurity laws that would force tech companies like Apple, Facebook and Google to provide access end-to-end encrypted communications if obliged to do so by court order. The regulations, which the Turnbull administration is looking to get on the books by year's end, are modeled after the UK's Investigatory Powers Act.
"We've got a real problem in that the law enforcement agencies are increasingly unable to find out what terrorists and drug traffickers and pedophile rings are up to because of the very high levels of encryption," Turnbull said. "Where we can compel it, we will, but we will need the cooperation from the tech companies."
Exactly how the government intends to enforce the proposed rules remains unclear.
End-to-end encryption systems rely on cryptographic keys to encrypt plain text messages as they travel through servers between devices. Importantly, service providers do not have access to private keys and are therefore unable to access conversations.
Members of Turnbull's administration who met with Apple said the government does not want to create backdoors to messaging services, nor does it want to weaken encryption, sources said. Apple's recent meetings were in part meant help the government decide how best to overcome these substantial technical hurdles, the report said.
Comments
https://www.newscientist.com/article/2140747-laws-of-mathematics-dont-apply-here-says-australian-pm/
“The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia,” said Turnbull.
Really, I would just like to know who you will blame for the next attack. The same government you despise?
Well, seeing that Apple just agreed to store all Chinese citizen’s data in Chinese servers operated by third party’s (wink, wink) I don’t think Apple would have any problem complying with Australian law should it come to pass.
E2E encryption by definition means that only the sender and receiver of encrypted information have the key to decrypt the information. Designing the encryption system with a way to deliberately break makes it weaker. If an unrelated third party keeps an encryption key, it's not E2E any longer and it is inherently less secure than E2E.
If a "terrorist" attack (whatever that is) resulted in the deaths of my friends or family, I would first blame the terrorists. If I were to blame anyone else it would really depend on the details. Were the "terrorists" incompetent goofs who left all kinds of obvious indicators of what they were going to do that were ignored by law enforcement? If so, then I'd be upset with law enforcement. Were the "terrorists" highly competent, determined individuals who did a very good job of covering their tracks? If so, then I wouldn't blame law enforcement -- I recognize that we will never achieve 100% success in stopping killers (whether we call them "terrorists" or not).
I think most reasonable people blame the perpetrators. If encryption is such an impediment in preventing terrorism, then why couldn't they stop the IRA attacks of the 1980s? Or Lockerbie? Or Oklahoma City? All done before end-to-end encryption of this type was available in consumer products.
As somewhat of a 'techie', I'm not opposed to Tech Companies assisting lawful investigations using suitable means. I'm opposed to deliberate weakening of security in a vain attempt to increase their ability to 'snoop'.
Let's take iMessage as an example. Right now, you can converse on that platform and the messages are encrypted. Now, let's assume that we get to the point where the public and private keys have to be stored by Apple and provided under a legal request so that intercepted and encrypted messages can be accessed by investigators.
How does that change things for the regular person? Well, it doesn't unless you begin conversing with someone the government is watching and then your keys may be sought and your messages accessed.
How does a terrorist react? I'd expect that they would simply pre-encrypt anything before sending it meaning that while the law can now access iMessages they still will not be able to read the actual content they are interested in.
So, I fail to see how we managed to achieve anything by allowing this. Worse still, given the various governments lack of ability to keep stuff secret and away from hackers and the like mean that this action is more likely going to end with the only regular preson's data being inspected and made available.
Sadly, I think it's likely you are correct.