The UK and NZ laws inspiring Australia's encryption crackdown

Attorney-General George Brandis has said the government will seek to gain “appropriate legal powers” to access communications sent with end-to-end encryption by criminal groups.

It remains unclear exactly how the government expects law enforcement and security agencies to gain access encrypted messages, since it has repeatedly denied that it wants to force the introduction of backdoors

Brandis offered some indication of shape the planned “coercive powers” would take, telling a press conference today that they would be “of the kind” recently introduced in the UK and New Zealand.

In those countries, the laws that have inspired Brandis remain controversial, vague and as yet untested. 

New Zealand

New Zealand’s Telecommunications (Interception Capability and Security) Act was introduced in 2013.

On receipt of a warrant from a surveillance agency, a network operator – defined as a public telecommunications network or a telecommunications service – must “decrypt a telecommunication” on their network or service, but only if it has “provided that encryption”.

At the time, civil liberties group Tech Liberty NZ noted the vagueness of the clause, which remains unclarified.

“What about services…that provide the encryption but don't have access to the key as it chosen by the user? The clause could be read to say that this was no defence and that the network operators would have to engineer in security backdoors or risk being fined. The government's decision not to clarify this would seem to indicate that this is the intention,” the group wrote in a statement.

The law – dubbed a “spying bill” by some – does not require the network operator to decrypt communications if the encryption has been “supplied by a person other than the operator and is available to the public”. Nor does it require that they “ensure that a surveillance agency has the ability to decrypt any telecommunication”.

The legislation passed in New Zealand at the same time of an amendment bill which expanded the powers of the Government Communications Security Bureau.

According to Tech Liberty NZ the new legislation represented “a major expansion of government power over the internet and other communications networks”.

Initially the bill contained a clause which allowed the responsible minister to “direct that a network operator must not resell an overseas telecommunications service in New Zealand where the interception capability, or lack of interception capability, raises a significant risk to law enforcement or national security”. This was later removed.

“The Bill plays a key role in law enforcement and in protecting New Zealand’s national security,” then Communications and Information Technology Minister Amy Adams said at the time.

UK

Former UK Prime Minister David Cameron in 2015 pledged to ban encrypted messaging apps unless the government was given backdoor access.

His justification for the ban was similar to the argument put forward by Turnbull and Brandis today. "In our country, do we want to allow a means of communication between people, which even in extremis, with a signed warrant from the home secretary personally, that we cannot read?" Cameron said at the time.

The Investigatory Powers Act – nicknamed the Snooper’s Charter – was passed in 2016. Within the act, operators can be served a ‘technical capability notice’ by the Secretary of State.

The notice obliges them to remove “electronic protection applied by or on behalf of that operator to any communications or data”. They must also provide information in an "intelligible form" when requested.

Despite these powers, in March this year, UK Home Secretary Amber Rudd said it was “completely unacceptable” that law enforcement agencies were unable to read messages hidden by end-to-end encryption.

“It is completely unacceptable. There should be no place for terrorists to hide,” she told the BBC. “We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other.”

Later the same day Rudd told Sky that: “End-to-end encryption has a place. Cybersecurity is really important and getting it wrong costs the economy and costs people money, so I support end-to-end encryption.”

Similar to the comments heard today, the UK government is emphasising that it would be working with rather than against technology companies to remedy the issue. However, a media release following a meeting between Rudd and Facebook, Google, Twitter and Microsoft in March made no mention of encryption or backdoors.

The Investigatory Powers Act more broadly is now subject to legal challenges from civil liberties groups.

Australia?

"It is vitally important that the development of technology does not leave the law behind," Brandis said today.

Legislation “which will, in particular, impose an obligation upon device manufacturers and upon service providers to provide appropriate assistance to intelligence and law enforcement on a warranted basis where it is necessary to interdict or, in the case of a crime that may have been committed, it is necessary to investigate and prosecute serious crime” will be introduced in the spring sittings of parliament, Brandis added.