We're in an era where governments are seeking the ability to overpower privacy laws and circumvent security measures, such as encryption. Any government who legislates that, can no longer be trusted.

Only a few months after the US CLOUD Act, which forced my companies to stop hiring American developers, as well as forcing us to end using any American tech service such as Google, Gmail, or Amazon AWS, Australia has just passed a law that is also frightening.

In this new Australian legislation, police can force companies to create a technical backdoor that would give them access to encrypted messages without the user's knowledge. As a result, you can not only not trust any Australian technology company, such as Atlassian (parent of awesome tools like Trello and Jira), or Fastmail, but you can't trust any company that has an Australian software developer any more. We're even discussing if we can trust any company that has an employed Australian any longer.

I'm furious for my Australian friends over this, as your government has just abandoned your livelihood by making you not trusted any more.

My companies have immediately stopped using any Australian tech company's services, as we're still rolling off American tech services, and we can no longer hire Americans or Australians without some reasonable type of Warrant Canary situation.

As Asher Wolf noted, this bill also goes against the GDPR, so Europeans can't trust Australians or their technology companies.

https://twitter.com/Asher_Wolf/status/1070263852477014016

Even if you're naive enough to think only law enforcement would use this when appropriate, it's perhaps worth mentioning as someone with a background in information security, it is not possible to create a backdoor only for the 'good guys', but a backdoor is now a vulnerability for bad actors to exploit as well.

We're seeing this creeping digital surveillance culture be trialled in the various 5 EYES countries, with the others eyeing the reactions to see the impact that would take place if they passed similar legislation on their respective soil.

For any Canadian law or policy makers reading this, please consult me if a silly idea like backdooring encryption enters the room of any conversation you're in. It's a hard and obvious no, every time, with no exceptions. The economic impact of such a policy can not be ignored, or the impact of making your technical workforce no longer employable -- as two obvious impact examples that will impact their livelihoods as noted above.

I hope the USA and Australia are measuring the chilling affects of these policies, which get larger every passing day.

Any time you hear a politician who suggests putting backdoors into encryption they should never be trusted again (someone should start a Wikipedia page listing them all, by jurisdiction). They're either not knowledgeable in the subject matter, or they're aware and lying to you, and willing to give up your privacy and civil liberties of all of their citizens instantly, in the process.