Australian politicians want to make it easy for governments, hackers, identity thieves, credit card thieves, and other spies to steal your most private information. That by itself seems incredible. However, it is even more incredible that an Australian bill to force companies to install “back doors” in any communications products that use encryption to provide privacy to users has already made its way almost all the way through the legislative process and may become law soon within the country. See https://ab.co/2R01BIy for the details.
Several companies have protested that the bill is not only stupid, it is also dangerous for private individuals, corporations, and even government agencies alike. If law enforcement can access private communications through a “back door” that is supposed to be available only to law enforcement agencies, it won’t be long before the same back door access methods will become common knowledge amongst foreign (unfriendly) governments and to hackers around the world.
Adding back doors will enable almost anyone with knowledge of the “secret access” to learn about your financial transactions, your medical records, political preferences, and more any time that information is sent electronically.
Then there is the issue of law enforcement officials trying to limiting access to only the few individuals who have a legitimate need for access. After all, we have seen many rogue law enforcement officials throughout history who did not always follow the rules of their own organizations. What stops any police official from accessing a back door to spy on his or her former lover or on businesses and other potential blackmail targets? We have seen that many times before when other techniques were used. Having a back door to someone’s supposedly private communications simply provides many new illicit opportunities for all.
One company has now gone on record as refusing to install “back doors” in its products, regardless of any legal requirements to do so.
Open Whisper Systems, the organization that makes the popular Signal encrypted messaging app, has now come out with a strong statement against the law on Signal’s web site. Signal developer Joshua Lund wrote:
“We can’t include a backdoor in Signal.
“By design, Signal does not have a record of your contacts, social graph, conversation list, location, user avatar, user profile name, group memberships, group titles, or group avatars. The end-to-end encrypted contents of every message and voice/video call are protected by keys that are entirely inaccessible to us. In most cases now we don’t even have access to who is messaging whom.”
I have been a fan of Signal for a long time and am pleased to see the company stand up for everyone’s right to privacy. You can read more in Joshua Lund’s blog post at: https://signal.org/blog/setback-in-the-outback/.
Several other major companies have protested that enacting the law in Australia will cause irreparable harm. Apple, Google, Microsoft, and other tech giants have already sent a strong-worded letter condemning the bill. However, Open Whisper Systems is the first to stand up and say, “We will not comply.” Here’s hoping the other companies also have enough backbone to do the same by using nonviolent civil disobedience.