Government wants telcos to install spyware on your phone
Security and immigration ministers from the “Five Eyes” security alliance countries – Australia, Canada, New Zealand, the United Kingdom and the United States – quietly descended upon the Gold Coast for a two-day conference in late August.
These conferences are never good news for the majority of people, and they usually conclude with the publishing of wish lists for more invasive state surveillance and repression powers.
The Gold Coast get-together was no exception. And the choice of Australia as host country was probably calculated – less than a month later, then home affairs minister Peter Dutton introduced a bill into the parliament to implement one of its key – and most alarming – recommendations.
If passed, the Telecommunications and Other Legislation Bill would give the government the power to force telecommunications and tech companies to install secret spyware on devices so that the state can get around encryption. It is hard to overstate the magnitude of this attack on civil liberties and on the integrity of the entire internet.
In the years since the so-called War on Terror began in 2001, states have massively expanded their policing and surveillance powers, especially in the digital realm. Frustrating this expansion, however, has been the increasingly mainstream use of encryption.
Activists, whistleblowers or anybody concerned to protect their communications, can easily access free and highly secure end-to-end encryption, using apps such as Signal, WhatsApp, Snapchat and even Messenger (by using its “secret conversations” feature).
Even the world’s most powerful supercomputers can’t crack the encryption algorithms used in these services. The Department of Home Affairs estimates that more than 90 percent of data being intercepted by federal police is encrypted. So it is little wonder the state is seeking ways to crack people’s communications.
This is where the Telecommunications Bill comes in. If passed (which is likely at this stage because Labor supports it, albeit critically), federal agencies could read your messages and stored data without having to decrypt a thing. A critical joint submission to the parliament by the Communications Alliance, the Australian Information Industry Association and the Australian Mobile Telecommunications Association explains:
“Agencies could oblige a device manufacturer to preload (and then conceal) tracking or screen capture software (spyware) on commercial handsets which could be activated remotely.”
Earlier versions of the legislation put forward by the Turnbull government last year proposed giving agencies the power to force telcos and tech companies to design “back doors” into their systems to allow unfettered access to encrypted information. That was widely condemned by security experts: if a back door exists for government agencies, it would be only a matter of time until others pried their way through it.
This was highlighted by the WannaCry global ransomware attacks. The WannaCry masterminds exploited a vulnerability in Microsoft Windows, which was stolen from the United States National Security Agency. NSA spies had been using it for their own hacking purposes.
Promoters of the Telecommunications Bill say it would not allow the introduction of back doors. But that’s no cause for relief, because secretly embedded spyware would be open to third party cracking.
The Five Eyes have been pushing for anti-encryption legislation for a long time. However, push back from civil rights groups and even telcos and tech companies has stymied their attempts – for now.
If this bill is passed it will be a world first, giving the green light to the other Five Eyes countries to do the same, and opening a dark new chapter in the era of government mass surveillance.
