It’s been a long time between drinks, but Australia is making a determined bid to secure its status as the internet’s official Global Village Idiot once again.
Malcolm Turnbull and George Brandis’ ham-fisted demand that the world’s biggest mass surveillance and corporate espionage regime, the Five Eyes (the US, the UK, Canada, us and the Kiwis), work to compel internet service companies to provide access to encrypted communications is drawing extensive international coverage. “G’day mate — Australia advocates weakening strong crypto at upcoming ‘Five Eyes’ meeting”, Ars Technica reported. “Australia wants Five Eyes to squeeze tech firms on encryption,” Techcrunch said. “Australia announces plan to ban working cryptography at home and in the US, UK, New Zealand, and Canada,” influential writer Cory Doctorow reported. “Australia is not alone here. The regime they propose is already in place in countries like Syria, Russia, and Iran (for the record, none of these countries have had much luck with it),” Doctorow wrote.
The international derision partly derives from the obvious cluelessness of both Brandis and Turnbull, who insist they’re not interested in governments having backdoors into encrypted communications — having worked out that that’s inherently dangerous, given both the NSA and the CIA have lost a whole trove of them to hackers in the last 12 months — but that they can, to use Brandis’ words, compel “service providers to ensure reasonable assistance is provided to law enforcement and security agencies”.
How this is different to backdoors isn’t clear. It also misses the point that service providers of apps like Signal and many other encrypted messaging apps can’t offer any assistance, reasonable or otherwise, because they can’t decrypt encrypted traffic. What governments can, and do, do is gain access to the device on which a user is using an encrypted app and see what is being written, which might involve a service provider co-operating in planting or sending malware to that device. But this involves exactly the same problem as backdoors, only magnified to encompass the entire device, its camera, microphone and software.
So far the government won’t — more likely can’t — explain what it exactly intends to do. Nor, for that matter, has it explained why it thinks encryption is a major problem when virtually every terrorist in recent years is already known, often well-known, to police. One Australian terrorist actually sent George Brandis a letter about wanting to contact Islamic State without drawing any attention from our security agencies.
Australia first secured the label “Global Village Idiot” under communications minister Richard Alston, who at the turn of the century proposed an internet censorship scheme involving site blacklisting — a scheme that later, long after Alston’s departure, spectacularly unravelled when WikiLeaks revealed the blacklist and it was discovered it was riddled with mistakes and overreach (ACMA then promptly blacklisted WikiLeaks). Under Alston, the Howard government also gagged online discussion of euthanasia, tried to ban online gambling and briefly proposed to regulate internet streaming like broadcasting.
The Abbott-Turnbull government has instituted mass surveillance via a national data retention scheme and imposed a new internet censorship scheme at the behest of its major donors from the copyright sector. In 2014, Crikey suggested Turnbull and Brandis would next target encryption. That point appears to have arrived. The problem, as Cory Doctorow has repeatedly explained, is that to have any hope of succeeding, the government would have to
- ban encryption from providers who refuse to co-operate or who are located outside of Five Eyes’ reach;
- ban people from using open source software to create their own encryption;
- ban access to open source software repositories;
- “order Chinese-style filtering using deep packet inspection, to try and distinguish traffic and block forbidden programs”;
- order manufacturers like Apple to block secure software from their devices;
- block any non-government security research; and
- strip any visitors to Australia of their phones.
There’s a serious side to this Canute act, however. Look at the message Australia is sending to investors, tech entrepreneurs and the next generation of Australians who want to work in tech: we’re a country run by ignoramuses and Luddites, prepared to engage in asinine national security politicking rather than admit to the flaws in the national security framework we ourselves constructed. That we’d rather try to halt progress in IT than face the real issues of terrorism, that we’d prefer Australians were unsafe and at the mercy of anyone who can steal a backdoor meant only for the good guys.
Agile and innovative, huh?