Australian encryption-busting Bill fatally flawed: UN Special Rapporteur Watch Now

A collective of companies and civil liberty groups including Apple, Amazon, Google, Microsoft, Facebook, Privacy International, Linux Australia, and the Electronics Frontier Foundation have issued a warning that requirements to silently add law enforcement into encryption chats could introduce vulnerabilities and create new risks to systems.

The plan to create so-called "ghost users", detailed as a discussion starter by Technical Director of the National Cyber Security Centre Ian Levy and Technical Director for Cryptanalysis for GCHQ Crispin Robinson in November, was claimed to allow end-to-end encryption to remain, and have an extra end for law enforcement.

"It's relatively easy for a service provider to silently add a law enforcement participant to a group chat or call," the pair said.

"The service provider usually controls the identity system, and so really decides who's who and which devices are involved -- they're usually involved in introducing the parties to a chat or call."

In response, the collective said messing with authentication would create "serious digital security risks".

"Like the end-to-end encryption that protects communications while they are in transit, authentication is a critical aspect of digital security and the integrity of sensitive data," the collective said in a submission [PDF] to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) review into Australia's new encryption laws.

Also: Duelling ghosts battle over encryption laws in a dying Parliament

The group also poured water on the idea of forcing phone makers to create a feature that would silently take periodic screenshots and send them to authorities, while also striking out at the idea of companies being required to hand over source code.

"The law should be amended to ensure that a company cannot be compelled to hand over its source code, because any such government demand would irreparably damage users' trust, and could undermine the security of the products or services provided," it said.

The submission also argued that government should not be able to issue notices to prevent companies from making architectural changes that could negate a surveillance capability, as having a panel assess notices is not a replacement for independent judicial review. It also added that the Federal Court should review and approve notices before they are sent out.

As part of a deal agreed to by the Coalition government and Labor opposition to have the legislation pass Parliament before it rose for the summer break last year, a double-lock mechanism was added whereby the attorney-general and communications minister would need to authorise a Technical Capability Notices, and where there was a dispute over whether such a notice would create a systemic weakness, the issuing decision would be determined by a former judge and a technical expert.

"At a minimum, [relevant sections] should be expanded to cover challenges to technical assistance notices and amended to provide for review by the Federal Court following the issuance of the assessors' report and the Attorney-General's decision," the collective said.

"If the report of the assessors raises significant concerns regarding the proposed technical assistance notice or technical capability notice, the Attorney-General must be required to seek review by the Federal Court before it can give such notice.

"The Federal Court would then be required to review whether the government's interest in giving the notice is so great that it significantly outweighs the concerns raised in the report of the assessment."

Also making a submission to the review was Australian email provider Fastmail, which pushed for allowing companies to disclose statistics related to notices received.

See: Home Affairs reveals Australian authorities already using new encryption powers

"We strongly request that companies not be forced to keep technical capability requests secret. Keep the specific use of capabilities secret, but not the existence, " Fastmail CEO Bron Gondwana said.

The CEO called for the ability to publish overall metrics with ranges such as "fewer than 50 / 50-200 / 200-500 / 500-2000 / over 2000".

"Customers will otherwise assume the high end of this range, when the low end is in fact the truth," he said.

Gondwana said his company had regularly been asked by customers if they were relocating due to the encryption laws, and that Fastmail customers were concerned they could not trust the Australian government to "properly manage, monitor and control the flow of access requests".

"They don't trust the government's technical capabilities (activities around the MyHealthRecord and Robodebt are sources for justification for this view.)," he wrote. "We have already seen an impact on our business caused by this perception.

"Our particular service is not materially affected as we already respond to warrants under the Telecommunications Act. Still, we have seen existing customers leave, and potential customers go elsewhere, citing this bill as the reason for their choice."

Fastmail warned that due to the encryption laws, Australia was now seen as a country that does not respect the right to privacy.

Earlier this month, the Senate had voted to toss the definitions of the contentious terms systemic weaknesses and systemic vulnerability in the legislation, but due to the short sitting calendar prior to an expected May election, the change may not make its way through the House of Representatives.

Related Coverage

Duelling ghosts battle over encryption laws in a dying Parliament

After just two hours of debate, Australia's encryption law amendments are now stalled in the Senate until April. Only one key amendment was passed, but both government and opposition can claim a win.

Australian anti-corruption bodies should get encryption-busting powers: PJCIS

Exclusion of anti-corruption agencies was an interim measure, Andrew Hastie has said.

Australian Senate votes to replace systemic weakness and vulnerability definitions in encryption laws

A Labor amendment to replace the definitions of the terms systemic weaknesses and systemic vulnerability has been agreed to by the Senate on Thursday.

Canberra ignoring 'overwhelming empirical evidence' on encryption busting

Associate professor Vanessa Teague believes Canberra is ignoring efforts from experts to explain why the encryption-busting laws are the wrong approach.

AFP concerned about approving state police usage of Australia's encryption laws

Concerns over a federal body overseeing the operations of state and territory authorities.

Home Affairs reveals Australian authorities already using new encryption powers

The Department of Home Affairs has been told law enforcement and national security agencies are already using the Act as the department continues to 'support' its implementation.