Government prepares to unveil legislation to tackle police access to encrypted comms

The government is planning to introduce in parliament’s spring sittings legislation to tackle law enforcement access to encrypted communications services.

The Telecommunications and Other Legislation Amendment (Assistance and Access) Bill will “implement measures to address the impact of encrypted communications and devices on national security and law enforcement investigations,” a government document states.

“The bill provides a framework for agencies to work with the private sector so that law enforcement can adapt to the increasingly complex online environment.”

The bill will impose obligations on both domestic and foreign companies that supply services to Australia.

The government has long-signalled its ambition to impose greater obligations for companies that provide encrypted communications services to cooperate with the investigations by law enforcement and national security agencies.

In 2015, Prime Minister Malcolm Turnbull told parliament that he had “asked that ASIO and other relevant agencies work with our international intelligence partners to address the challenge of monitoring terrorist groups” given the increased use of encrypted messaging services.

In June last year Turnbull said that “global social media and messaging companies” need to provide law enforcement with greater access to Internet-based communications services.

The government has said it isn’t interested in forcing service providers to implement backdoors but precisely what new obligations the legislation will impose on companies is unclear.

The cyber security and law enforcement minister, Angus Taylor, earlier this year said the government doesn’t want to undermine encryption. The minister said that the legislation will require companies to take “reasonable steps” to assist law enforcement — but the government has not spelled out what “reasonable steps” constitute in the case of end-to-end encrypted services.

The government document revealing the imminent introduction of the bill cites a speech made by Taylor in June.

Taylor said in that speech that agencies “need access to digital networks and devices, and to the data on them, when there are reasonable grounds to do so.”

“These powers must extend beyond traditional interception if our agencies are to remain effective and pre-empt and hold to account criminal activity,” the minister said.

“There will also need to be obligations on industry – telecommunications and technology service providers – to cooperate with agencies to get access to that data.”

Taylor said that the government would begin consultation the legislation, which will “modernise our telecommunications intercept and search warrant powers.”

The legislation “will not create backdoors,” the minister said. “This government is committed to no backdoors.

“It isn’t necessary to give law enforcement agencies access to a decryption key otherwise under the sole control of a user.

“We simply don’t need to weaken encryption in order to get what we need.”

The timeline for introducing the legislation has blown out significantly: The government originally said a bill would be introduced before the end of 2017. In January this year it said it planned to introduce a bill in the first quarter of 2018.