Concentration Risk is the new Vendor Lock-In
Angus Taylor, Australia's Cyber Security Minister, is seeking to “modernise” existing laws in order to allow law enforcement to access the data of suspected terrorists and criminals. Under the new laws, tech giants Facebook, Apple, Google, and Whatsapp would be obliged to provide encrypted information, alongside telecommunications companies like Vodafone, Optus, and Telstra.
The Turnbull government have drafted the legislation in a bid to introduce it in the upcoming months, with the purpose of gaining “access to information for holding criminals and terrorists to account for investigations and gathering evidence”, according to Taylor. If companies refuse to comply, the laws would impose significant fines on those who retain requested data.
The news comes amidst the GDPR hype in Britain and Europe, and undoubtedly raises questions of privacy and trust for those who are not suspected of crime. Taylor has recognised these concerns and told AAP that he could “absolutely” ensure the private encrypted messages of innocent individuals would be safe under the new legislation.
The ASIO and Federal Police assert that their current technical capabilities surpass their earlier attempts to acquire encrypted data through “backdoor” methods, such as using a “key” to decrypt desired data. Taylor added that the new legislation would avoid using these outdated methods, in an effort to reduce the introduction of “weaknesses” in encrypted services that have the potential to be exploited.
Taylor also claims that the laws “were developed during an analogue era decades ago and they are now out of date...there’ve been very substantial changes in the technology and we need to update the powers.” Alternative methods of access to data are supposedly being implemented in order to swerve these potential risks, but Taylor has refused to provide more detail on the technicalities, which he said were “not within remit” to discuss.