Australia

Australians Should Defy Their Government's Poorly Considered Surveillance State

Australians who want to protect their data from surveillance now need to turn to extra-legal means.

|

Magictorch IKON Images/Newscom

Political consensus is an interesting thing to behold—especially when ruling parties and their nominal "opposition" join to force truly terrible legislation down the throats of their subjects. Take, for example, the legislative attack on privacy-protecting encryption technology that both Australia's ruling Coalition and the "opposition" Labor party joined together to inflict on that country last week.

Those Australians still cherishing a desire to protect their data from surveillance now need to turn to extra-legal means to shield their lives from snoopy officials and anybody else who might exploit legally mandated peepholes into personal information.

As always seems to be the case, Australian legislators rushed to pass the Assistance and Access Bill of 2018 at the insistence of law enforcement and intelligence agencies, which shrieked that curbs on encryption were necessary to enforce laws and forestall unspecified security threats. "Our police, our agencies need these powers now," Prime Minister Scott Morrison huffed.

And so both major blocs in Parliament conspired to ram through a bill that will not only let the government force communication providers to use existing interception capabilities on demand, but also to mandate the creation of new interception capabilities, and even let the state "request" wide-ranging changes, such as the complete redesign of systems.

"This Bill … has the likely impact of weakening Australia's overall cybersecurity, lowering confidence in e-commerce, reducing standards of safety for data storage and reducing civil right protections," Digital Rights Watch warns. "Encryption is not a barrier to a safe society – quite the opposite – it is a form of protection against criminal acts, including state-sponsored hacking."

Not to worry, say officials. The law explicitly says that services subject to the law "must not be required to implement or build a systemic weakness."

Except, as Internet security firm Kaspersky Labs protested in a pre-passage statement on the law, "there is broad industry agreement that a third party access to encryption keys weakens encryption for all users, including those not targeted by the encryption agency." Kaspersky also frets that Australia's wide-ranging new law might put cooperating firms in breach of the laws of other countries, so that "providers may face a stark choice of which country's laws they will have to violate."

Civil libertarians pointed out that the dangerous people ostensibly targeted by the intrusive legislation are the least likely to be affected by it.

"The reality that law-enforcement grapples with is that the ability to encrypt information is itself public, the algorithms are public, the ways of generating keys are public," Paul Brooks of Internet Australia told lawmakers before they voted. "Any organisation, for good or bad, can create their own software relatively simply and communicate using it and are unlikely to respond or even be known about to receive some sort of notice."

Which is why libertarian Senator David Leyonhjelm snorted about the new law, "It won't help catch any terrorists, but it will drive the software industry offshore."

But much of the software industry is already outside Australia, accustomed to working around all sorts of intrusive national laws, and accessible to anybody with Internet access and a disdain for home-grown busybodies. Sure, the big tech firms are likely to knuckle under—they have commercial presences to maintain and the capability to comply with all sorts of requirements (although contradictory laws across international borders will be as much a problem for them as for anybody). But anybody who was placing their privacy hopes in the hands of Facebook and Google is trusting in the wrong cabal of collaborators.

Better prospects are to be found in the likes of Signal, the open-source encrypted messaging app that exists largely to give cops and snoops heartburn. Journalists working in authoritarian dumps around the world appreciate the app, which is a strong endorsement.

Signal recently largely lost the ability to use domain fronting to hide itself from censors who try to block the service, but the fact that it's working to remedy that problem and that the company celebrates "when we receive a subpoena for user data and have nothing to send back but a blank sheet of paper" suggests that Australian officials shouldn't anticipate eager cooperation from this quarter.

Protonmail is an email service that deliberately structures itself to protect privacy—in part by positioning itself under the legal protections of Switzerland. "There is virtually no way to enforce this law outside of Australia because it has no foreign equivalent," Protonmail notes of the Assistance and Access law. The company says bluntly that it "is not under Australian jurisdiction" and that "we remain committed to protecting our users anywhere in the world, including in Australia."

The similar German-based Tutanota email service warns that "the governments of the United States, United Kingdom, Canada, Australia and New Zealand (also known as Five Eyes) have made it clear that they plan to force technology providers based in their countries to enable lawful access to users' encrypted communications" and assures users that "we have made it our mission to stop mass surveillance with encryption."

Some privacy-peddling services have actually been using the Australian law as a marketing point.

"Companies based outside of Australia would have a much easier time operating without complying with the new law," encrypted internet-connection-provider NordVPN boasts on its blog. "NordVPN, for example, is based in Panama, where we aren't legally required to collect user logs."

And, as several experts continue to remind us, building encryption into new and potentially underground applications is not a huge challenge for organizations intending both good and ill. Echoing Internet Australia's Brooks, Tutanota added that even if such legislation spreads, those unwilling to submit to surveillance "will build their own encrypted tools, making it even harder for law enforcement to keep track."

That potential for overseas solutions and DIY encryption continues even if other countries decide to follow in Australia's footsteps. Privacy will remain available to criminals, terrorists, and those most skeptical of state power and willing to buck the system. The true victims will be the people who are the most deferential to their snoopy masters.

NEXT: Final Version, "Cross-Enforcement of the Fourth Amendment"

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Once again, China leads the way in showing democracies how a government operates. Just require ISP’s to maintain a whitelist of approved domain names and block everything else.

    1. How do you prevent people from using their own DNS servers?

      1. block Foreign DNS servers at the interconnect points between national telcomm grids.

        1. No, I mean running their own DNS servers.

          1. That’s easy. Angry policemen with guns.

      2. How do you prevent people from using their own DNS servers?

        I am sure China is smart enough to only allow IP addresses associated with their whitelist.

  2. Surely someone will make available a 3D printing file to get around this?

  3. Resist, mate!

  4. Those Australians still cherishing a desire to protect their data from surveillance now need to turn to extra-legal means to shield their lives from snoopy officials

    Reason is promoting anarchism(*). Pass it along.

    (*) Finally!

  5. We need to cut Australians a spacial break on this thing here… They face threats that the rest of the world has never dreamed of!

    Rabbits are NOT native to Australia, and they have run AMOK down under! Suppose they ever successfully interbreed with kangaroos!!! The results would be HOPPERS FROM HELL, with super-hopper-powers!!! If they ever learn to shop at the shopping malls, in long shopping lines for super-popular products, they’d super-hop the lines in front of us, and maul us at the malls!!!

    The Aussies would have very little choice, other than to devise a GMO to go on the counter-attack…
    MeThinks that such GMO should be called the “Thunder from Down Under, Super-Mall-Mauling, Shopper Hopper Stoppers”!!!
    Or maybe “Thunder from Down Under, Super-Mall-Mauling, Shopper Hopper Stopper Coppers” (Coppers with police powers).
    The evolutionary arms race would be ON!!! To fight back against these “coppers”, the Shopper Hopper Gang would need…
    “Thunder from Down Under, Super-Mall-Mauling, Shopper Hopper Stopper Copper Stoppers”!!!
    The counter-counter measure then becomes a device used by the coppers, to chop them all to pieces!

    This, then, is known as the?
    “Thunder from Down Under, Super-Mall-Mauling, Shopper Hopper Stopper Copper Stopper Chopper”!!!

    1. Rabbits are NOT native to Australia, and they have run AMOK down under!

      And these are not the highly-skilled rabbits, the top cream of non-native rabbits “we”[*] want [except whem we* don’t]. Instead these are the low-skilled brown rabbits from shithole countries that “we”[*] don’t need more of.

      [*] We as in “we, white supremacist rabbits.”

      1. We’re all equal, except…

        …some animals are more equal than others, and Trump is more equal than ALL of the rest of us put together!

        So it should come as no surprise that some immigrant rabbits are more equal than others. Some sing the praises of more supposedly high-skill immigrants instead of (supposedly) low-skilled immigrants. But as I’ve remarked before, in the current set-up of having to have a license before on can scratch our own assholes, almost…

        I’d just as soon take more brown rabbits than white rabbits, more “low-skilled” than “high-skilled”!

        Because my lawn-mower dude never agitates for more licensing to jack up his wages and exclude more of his competitors. But as those of us who have been paying one tiny lick of attention know darn well, the doctors-lawyers-dentists-etc. crowd does this crap to us all day, every day!

    2. You forgot the screaming white horde of Antarticans constantly besieging their southern border hoping for a new start and better life…

  6. I expect Australians to resist this about as much as they resisted gun confiscation.

    1. As I understand it, a fairly large proportion of Australians didn’t turn in their guns. I believe Reason had an article on it a while back, but I can’t find it with a quick search.

      1. Understood; I’ve read that the compliance rate was around 20 percent initially, which resulted in anther promotion to get them to turn in their guns last Summer. Along with running ads showing guys standing in a prison shower, with a clear warning of what your life would become if you failed to comply.

        That is to a degree resistance, but hiding your guns means you can never use them again [short of armed insurrection].

    2. You’d expect that the descendants of convicts would have a bit more backbone.

      1. Their government is also run by the descendants of convicts, so it’s a bit of a wash.

      2. You might, but you’d be wrong. The whole “Crocodile Dundee” image is total fabrication. Most Aussies are just about as eager to bow down to authoritah as anybody they left behind in Mother England.

  7. As a paying customer, proud to see Protonmail take a stand on this!

  8. Garbage continent at it again.

  9. And so both major blocs in Parliament conspired to ram through a bill that will not only let the government force communication providers to use existing interception capabilities on demand, but also to mandate the creation of new interception capabilities, and even let the state “request” wide-ranging changes, such as the complete redesign of systems.

    Not to worry, say officials. The law explicitly says that services subject to the law “must not be required to implement or build a systemic weakness.”

    That’s a little like passing a law requiring everyone to go swimming, but insisting no one has to get wet. Anyone with any slightest understanding of technology knows it’s flatly impossible to build in some magic back door that can only be accessed by the good guys. Too bad legislators aren’t actually required to know anything about the subjects they long to control.

    1. Take a deep breath fellows and check your more recent news feeds. The government, so determined to “protect the community”, decided to adjourn parliament for two months rather than extend the sitting for an hour or so to “ram it through.”

      It’s just pre-election politics

  10. Firstly, this is despicable but unsurprising; astonishing to see there’s any defense for the intrusion and utter insult to property rights and liberty. And yet the apologists and safety seekers argue.

    Secondly, “Civil libertarians pointed out that the dangerous people ostensibly targeted by the intrusive legislation are the least likely to be affected by it.”

    Would these be the same civil libertarians who argue the opposite in re gun control?

  11. I essentially started three weeks past and that i makes $385 benefit $135 to $a hundred and fifty consistently simply by working at the internet from domestic. I made ina long term! “a great deal obliged to you for giving American explicit this remarkable opportunity to earn more money from domestic. This in addition coins has adjusted my lifestyles in such quite a few manners by which, supply you!”. go to this website online domestic media tech tab for extra element thank you .
    http://www.geosalary.com

  12. I essentially started three weeks past and that i makes $385 benefit $135 to $a hundred and fifty consistently simply by working at the internet from domestic. I made ina long term! “a great deal obliged to you for giving American explicit this remarkable opportunity to earn more money from domestic. This in addition coins has adjusted my lifestyles in such quite a few manners by which, supply you!”. go to this website online domestic media tech tab for extra element thank you .

    http://www.Mesalary.com

  13. Email is a powerful business communication tool as well as a source of massive amounts of data. With lots of problems, it becomes an easy target for SPAM, viruses, phishing, and other malware. No doubt, people & businesses are unaware of just what the risks are, or that they are subjected to the same legal and compliance requirements as large businesses when it comes to their email records. In case, you are dealing with technical glitches associated with your e-mail accounts, contact our email support team to get instant help desk.

Please to post comments

Comments are closed.