The Null Device
To the surprise of exactly nobody, Australia’s Labor party agree to pass the mandatory encryption back-door bill, after the usual pantomime of token opposition.
The bill will allow the government to demand technical measures to allow access to encrypted content. The ALP stress that it will include safeguards, ensuring it is only used for matters of national security. It also has provisions preventing it from being used to mandate the introduction of “systematic weaknesses”, the definition of a “systematic weakness” being whatever the Attorney-General and Communications Minister agree it is or isn’t.
Labor’s spokespeople, resplendent in their progressive pragmatism, assure us that there’s no need to worry, that they have exacted strict safeguards as conditions of their support, requiring not one but two cabinet-level ministers to decide what isn’t a systematic weakness, and requiring that technical surveillance capabilities are mandated only for the most serious of cases (i.e., “OMG Paedoterrorists!”-level threats), with the non-terrorist/non-paedophile majority’s privacy assured as always. And perhaps the Australian political process, renowned worldwide as it is for its high calibre, has managed to, in secret committee, produce a perfectly square circle, a magical golden key that can only be wielded against evildoers and is impervious to abuse, misuse or negligence. (Or at least to the standards of the Australian law of “no worries, she’ll be right mate”; i.e., “I’m not a Muslim, a commo, femmo, pinko, greenie, bikie, trade unionist or any other kind of ratbag, or involved with a cop’s ex-missus or anything, and neither are most people, therefore there are no possible problems worth thinking about”.)
Of course, the much vaunted safeguards apply only to ordering companies to implement back doors; once the back door has been implemented, it’s there for any subsequent use: everybody’s WhatsApp messages, by law, have an escrowed key that ASIO’s computers can use to automatically decrypt and store them. If Australia’s metadata retention regime is anything to go by, the number of agencies with access to this will only grow. Within 12 months, copyright holders will use this to detect and prosecute someone sending an illegally downloaded TV show episode to a friend, or using a VPN to circumvent pirate site blocks; six months later, local councils will be trawling the plaintext of everyone’s iMessage conversations to find litterers and dog-poo violators. The government will, of course, have a much easier time of bringing the hammer down on troublesome journalists seeking to embarrass them, and anybody even considering talking to them. Meanwhile, somewhere in Queensland, a cop will have an easier time getting a hold of his estranged wife and the new man in her life. And a few years later, when mass surveillance of anything held on network-connected electronics is the new normal, some politician or public servant, impressed by the efficacy of China’s social-credit system or a PowerPoint presentation from Palantir, will suggest a system to aggregate everybody’s plaintext and analyse it to find as yet unidentified potential threats, by assigning everybody a “true-blue Aussie score” based on their chats, photos and file backups and making a list of those with suspiciously low ones. (Bonus card: the Russian mafiya quietly crack the ASIO key-escrow system and spend a few months feeding the plaintext of every Australian’s data into their databases, before embarking on a continent-scale automated extortion campaign.)
Meanwhile, the other four members of Five Eyes will be lining up to send their decryption requests through Canberra; sometimes, having a member of your club which is still, for all administrative purposes, a penal colony and military strongpoint of Empire, where there is by definition no right to privacy from Authority, can be useful.