Apple joins other tech giants denouncing Australia encryption backdoor proposals
Apple is joining Alphabet, Amazon, and Facebook in opposing a proposed law in Australia that would force companies to provide law enforcement officials access to encrypted data for the purposes of fighting crime, or face steep penalties.
The four companies will be lobbying the government to denounce the proposals, the Alliance for a Safe and Secure Internet group confirmed to Reuters, with the tech giants working together in attempting to convince lawmakers to alter the bill ahead of a parliamentary vote, expected to take place within weeks.
Appearing in a list of legislation proposed for introduction in the spring parliamentary sittings in August, the bill attempts to make it easier for security agencies and the police to investigate crimes and potential national security risks by ordering other entities to provide assistance. Though not specified explicitly, the assistance could potentially demand the creation of some form of security backdoor, which would weaken the overall security of the company's services.
"Any kind of attempt by interception agencies, as they are called in the bill, to create tools to weaken encryption is a huge risk to our digital security, said Alliance spokeswoman Lizzie O'Shea.
The wording of the bill suggested agencies would be able to demand services offer ways to see the data, potentially by acquiring the data at the user's end before it is encrypted and sent over the Internet rather than creating an encryption backdoor. While this would eliminate the need for a backdoor for encryption itself, adding such a "feature" to an app would most likely erode the public's trust of that company.
"It isn't necessary to give law enforcement agencies access to a decryption key otherwise under the sole control of a user," advised Minister for Law Enforcement and Cyber Security Angus Taylor in June. "We simply don't need to weaken encryption in order to get what we need."
The penalties for the bill are hefty, with the proposal suggesting a fine of up to A$10 million ($7.2 million) for companies and institutions who do not comply with a court request for private data. Individuals facing the same request could be imprisoned if they similarly refuse.
It is believed the attempts by the Australian government to change its laws to require effective backdoor access to data held by tech companies is a test case that could see implementation elsewhere, if it is brought into law.
The "Five Eyes" nations, a group consisting of Australia, Canada, the U.S., the U.K., and New Zealand that share intelligence with each other, said it would continue to push for access to encrypted messages and voice communications through changes to laws, under the guise of protecting national security.
Apple's involvement in the lobbying group is a continuation of its efforts to fight demands to create backdoors or for any actions that weakens product security. In March, senior VP of software engineering Craig Federighi advised "Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses, or even manage vital infrastructure like power grids and transportation systems."
Tech companies have also campaigned against the introduction of backdoors in other legislative change attempts, including pressuring the U.K. Parliament to remove the encryption backdoors element from the 2016 Investigatory Powers Bill before passing it, though efforts to add such backdoors continue in the country.
Efforts are being made to try and protect the United States from implementing similar measures, with the "Secure Data Act" proposed in May to theoretically prevent courts and federal agencies from issuing orders to create backdoors or other security-weakening features.
The four companies will be lobbying the government to denounce the proposals, the Alliance for a Safe and Secure Internet group confirmed to Reuters, with the tech giants working together in attempting to convince lawmakers to alter the bill ahead of a parliamentary vote, expected to take place within weeks.
Appearing in a list of legislation proposed for introduction in the spring parliamentary sittings in August, the bill attempts to make it easier for security agencies and the police to investigate crimes and potential national security risks by ordering other entities to provide assistance. Though not specified explicitly, the assistance could potentially demand the creation of some form of security backdoor, which would weaken the overall security of the company's services.
"Any kind of attempt by interception agencies, as they are called in the bill, to create tools to weaken encryption is a huge risk to our digital security, said Alliance spokeswoman Lizzie O'Shea.
The wording of the bill suggested agencies would be able to demand services offer ways to see the data, potentially by acquiring the data at the user's end before it is encrypted and sent over the Internet rather than creating an encryption backdoor. While this would eliminate the need for a backdoor for encryption itself, adding such a "feature" to an app would most likely erode the public's trust of that company.
"It isn't necessary to give law enforcement agencies access to a decryption key otherwise under the sole control of a user," advised Minister for Law Enforcement and Cyber Security Angus Taylor in June. "We simply don't need to weaken encryption in order to get what we need."
The penalties for the bill are hefty, with the proposal suggesting a fine of up to A$10 million ($7.2 million) for companies and institutions who do not comply with a court request for private data. Individuals facing the same request could be imprisoned if they similarly refuse.
It is believed the attempts by the Australian government to change its laws to require effective backdoor access to data held by tech companies is a test case that could see implementation elsewhere, if it is brought into law.
The "Five Eyes" nations, a group consisting of Australia, Canada, the U.S., the U.K., and New Zealand that share intelligence with each other, said it would continue to push for access to encrypted messages and voice communications through changes to laws, under the guise of protecting national security.
Apple's involvement in the lobbying group is a continuation of its efforts to fight demands to create backdoors or for any actions that weakens product security. In March, senior VP of software engineering Craig Federighi advised "Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses, or even manage vital infrastructure like power grids and transportation systems."
Tech companies have also campaigned against the introduction of backdoors in other legislative change attempts, including pressuring the U.K. Parliament to remove the encryption backdoors element from the 2016 Investigatory Powers Bill before passing it, though efforts to add such backdoors continue in the country.
Efforts are being made to try and protect the United States from implementing similar measures, with the "Secure Data Act" proposed in May to theoretically prevent courts and federal agencies from issuing orders to create backdoors or other security-weakening features.
Comments
I see little chance of avoiding the spread of this Aussie plan to a number of countries over the next 2 years and certainly the other "Five Eyes". It's coming IMO, the net being tightened worldwide. See this map
https://www.gp-digital.org/world-map-of-encryption/
But when the citizens themselves have their security compromised by a universal back door, that’s another matter altogether. Because as soon as the first trial where a back door has been used, and the defense attorney demands that his expert have access to the back door code to ensure that evidence collected from his client’s device was not altered by it, that’s when that backdoor will get out into the wild and eventually into the hands of a very bad actor.
Old Chinese proverb say, ‘If you can’t say what you mean, how can you mean what you say?’
"Welcome to iCloud operated by GCBD
THIS LEGAL AGREEMENT BETWEEN YOU AND AIPO CLOUD (GUIZHOU) TECHNOLOGY CO., LTD. (“GCBD”) GOVERNS YOUR USE OF THE ICLOUD PRODUCT, SOFTWARE, SERVICES, AND WEBSITES (COLLECTIVELY REFERRED TO AS THE "SERVICE"). APPLE TECHNOLOGY SERVICES (GUIZHOU) LTD., OR A SUCCESSOR OR ASSIGNEE OF APPLE TECHNOLOGY SERVICES (GUIZHOU) LTD., MAY FROM TIME TO TIME PROVIDE SUPPORT TO GCBD IN ITS PROVISION OF THE SERVICE....
"GCBD is the provider of the Service in the Mainland of China, which permits you to utilize certain Internet services, including storing your personal content (such as contacts, calendars, photos, notes, reminders, documents, app data, and iCloud email) and making it accessible on your compatible devices and computers, and certain location based services, only under the terms and conditions set forth in this Agreement."
So nope, not misleading at all IMO. Perhaps you hadn't looked into it all that much and assumed it was as simple as Apple initially tried to spin it, just using local servers same as they do everywhere else in the world? I think Mr. Cook portrayed it that way again on the HBO special this week, but at least to his credit he didn't sound particularly comfortable (or confident) saying it out loud.
Thank you Apple for keeping that back door firmly shut. If there would be one, it'd be used by both the government, and criminals.
>:x
...and by the way warrants aren't required in China either. GCBD is legally obligated to cooperate with any police inquiry, which includes access to readable user data if deemed important to the investigation. The side agreement between GCBD and China Telecom should make it easier to add in the phone calls and messages sent and rec'd from user's iPhones to go along with any cloud-stored data.
.hentaiboy said: It doesn’t matter what is on his phone. It’s the mindset behind it which constantly seeks to assert the power of the state over the individual. The authorities have no reason to suspect they will need to look at a particular person’s data. They just want to be able to. It is a reflection of the rapid growth of government and an assumption by the politicians that they can do what they like. They should reflect on the words of a young River Tan:
The response from the public will be swift and harsh and not towards Apple. This government is already badly on the nose and a move like this would be received just the way the Tech companies would want it to be, and with an election just around the corner it might help to solve a few othe things as well.