Australia: the First Western Nation to “ban privacy”?

0 Comment

Creating keys to an encryption system, or, alternately, maintaining the encryption but forcing companies to create tools that allow them to attach a “stalker” to the system to monitor communications invisibly (the UK is proposing this method of surveillance, and the below Lawfare Blog post has more on this), automatically creates an enormous incentive for anyone aware of the existence of such tools to either try to steal them (if they’re black hats) or leverage them for their own use (if they’re governments).

As Cindy Cohn wrote in a recent post on Lawfare Blog:

Even without compromising the cryptography, there is no way to allow access for only the good guys (for instance, law enforcement with a Title III warrant) and not for the bad guys (hostile governments, commercial spies, thieves, harassers, bad cops and more). The NSA has had several incidents in just the past few years where it lost control of its bag of tricks, so the old government idea called NOBUS—that “nobody but us” could use these attacks—isn’t grounded in reality. Putting the keys in the hands of technology companies instead of governments just moves the target for hostile actors. And it’s unrealistic to expect companies to both protect the keys and get it right each time in their responses to hundreds of thousands of law enforcement and national security requests per year from local, state, federal and foreign jurisdictions. History has shown that it’s only a matter of time before bad actors figure out how to co-opt the same mechanisms that good guys use—whether corporate or governmental—and become “stalkers” themselves.

Check full article at