Australian Law Enforcement Now Forcing Service Providers To Grant Access To Data And Content
from the finally-seeing-the-'or-else'-part-of-the-law-applied dept
We all know the term “football,” but our definitions vary greatly. For those in the United States, it’s a sport that delivers beer ads and concussions with similar frequency. For most of the rest of the world, it’s a sport that delivers riots and tie scores with similar frequency. In Australia, the definition doesn’t necessarily follow the description. “Football” is still “soccer,” but the sport most resembling football is called “rugby.” And that sport’s resemblance to American football is negligible at best. Rugby most resembles competing gangs of muggers fighting over an overvalued football-esque ball with the intent of securing it and doing things that somehow cause points to happen.
Thank you for coming to my inaugural — and final — TED talk.
This introduction is meant to draw you in so I can talk about something far less violent, but no less important, than world sportsball. [Gestures vaguely.] We’re talking about “Australian rules” internet. This would be the same internet most of us use. Connections are made. Information spreads. Some of it ends up on personal devices (like cell phones) and IoT doodads (Pelotons, thermostats, in-car navigation systems). Origination and destination are pretty much beside the point. Wherever it is, the Australian government wants access to it.
Perhaps due to its antipodean isolation, the Australian government has made incredible inroads in recent months with the intent of undermining the encryption that protects millions of its citizens from criminals and the shady people they’ve elected. That’s mostly gone now. The Australian government (technically) hasn’t demanded encryption backdoors. Instead, it has demanded the next best thing: on-demand access to content. If this demand results in a backdoor, well, the government can hardly be blamed for the actions of platforms and service providers. All the government did was demand access to content. That it’s locked up and requires the use of a possibly-universal key can’t be the government’s fault, right? Maybe these companies shouldn’t have worked so hard to protect the information and communications of criminals while providing the same protections to the 99.5% of non-criminals that make up their user bases.
The Australian government has a bunch of new powers — ones the federal police were immediately willing to take advantage of. On top of that, there are a raft of new data retention demands being placed on all sorts of tech companies and providers that require them to log user info they may never have logged or retained in the past.
It’s bad. And here’s how things are working out for Australians now, as Chris Duckett reports for ZDNet.
When it comes to Australia’s encryption laws, two out of the three arms can now be publicly said to have been used, following the release of the Telecommunications (Interception and Access) Act 1979 — Annual Report 2020-21 this week.
In previous years, agencies had only used voluntary Technical Assistance Requests (TAR) to get service providers to help them, but the latest report shows NSW Police in the past year also turned to the first of the compulsory notices available.
That request, used in a homicide investigation, is the first use of a compulsory Technical Assistance Notice (TAN) to force a provider to use a capability they already possess. Assistance notices issued by state-level law enforcement are reviewed by the Commissioner of the Australian Federal Police (AFP).
The Australian government is done asking. Now, it’s telling. The government may have eased into its new powers by asking providers to “voluntarily” comply with assistance requests, but now it’s exercising its compulsory side. Maybe too many Bartelbys are employed at local tech companies. Maybe the government is simply tired of asking for compliance. Whatever the case is, we can probably expect Australian law enforcement to be far less polite in the future when it’s seeking information, data, or communications from tech companies.
Requests and demands for data under the new law are funneled through the Administrative Appeals Tribunal. This court has issued 2,900 of the 3,500 warrants under this law, as ZDNet reports. But it appears the agency that acquired the first ever compulsory demand isn’t the most reliable of Australian law enforcement agencies. The New South Wales police seems particularly terrible at exercising its new powers, racking up a hit rate that approaches that of unsolicited junk mail.
Of the AAT member number, just shy of 1,700 warrants were applied for by NSW Police with the force only getting 72 from Federal Court judges. Similarly, the AFP had 590 warrants approved by AAT members from its 653 total.
That’s not encouraging. While this request may have targeted a serious crime (homicide), the NSW Police’s scattershot approach suggests it’s trying to turn this supposedly limited power into an all-purpose investigative tool. Fortunately, it appears the Appeals Tribunal is still acting as a solid check against NSW Police abuses.
That being said, the ZDNet article notes it’s not terrorists, murderers, and child abusers being targeted with the new powers. Contrary to what was orated during arguments for proxy encryption backdoors, the new powers are mainly being used to tackle the most banal of criminal activity: “drug offenses.” This is the kind of crime law enforcement has fought for years without the need for encryption backdoors.
Even disregarding the open question of effectiveness of the multi-decade drug war, was it really necessary to give the government the power to demand encryption backdoors to combat it? That it’s being used to do regular police work isn’t surprising. And neither is the fact that the law’s advocates presented an entirely different parade of horribles when pushing for the legislation. But what should be happening now is the calling out of this particular bullshit by legislators who opposed the new powers. And this calling out should be loud, frequent, and persistent. The government shouldn’t be allowed to get away with crying “terrorism!” just so it can use new powers to do regular police stuff.
Filed Under: australia, backdoors, encryption, new south wales, nsw, police
Comments on “Australian Law Enforcement Now Forcing Service Providers To Grant Access To Data And Content”
Speaking of crimes...
With encryption on the ropes it would probably be a good idea to start tracking how much electronic crimes go up, as if they want to claim that gutting encryption is worth the cost if it reduces crime then that number should take into account all the crime, not just the ones they want to point to.
Mind it still wouldn’t be a worthwhile trade even if their idea did result in more crimes being solved(‘we must stop crimes no matter the cost’ is a great way to get your dystopia on) but as I suspect that the numbers will not be slanted in their favor it’s all the more important to highlight that.
It’s about institutionalized and automated panopticon surveillance, not reducing or fighting crime. Statistics on the matter are irrelevant. They’ll just point to absolute numbers >0 and talk about how unprecedentedly bad the situation is.
Oh I’m quite aware that efforts like this aren’t actually aimed at combating crime but the stats are still important to collect and bring up because it makes it harder, even if only a bit, for them to take what they’ve already done and expand upon it.
If the only ones keeping track of the numbers are them then they can boast about how amazing their current efforts have been and how it justifies even more, but if people can point out that they’ve actually made things worse then it becomes harder to justify those further expansions as at best it looks like doubling-down on a confirmed failure.
As I’ve said a time or two in the past if someone’s trying to stab you in the back make them work for it.
Football just means any field game played on foot, as opposed to on horseback. Which particular game your country calls football is really more indicative of when the UK last occupied your shores.
Sometimes I think that the Australian government still thinks it’s running a penal colony. Whatever their motives, they have a history going back decades of nanny-stating, outright censorship, and erosion of civil liberties.
Do you have a reference for that? That definition would include:
I think it would be quite strange to refer to many of those as “football”. I doubt anyone in the history of ever has said “let’s play football” and had ultimate in mind.
But the drug trade can fund terrorism! Ergo all drug crime is terrorism related, so just give us the data and move along, nothing to see here.
footie is footie, not rugger
Australia has the AFL, which plays on an oval pitch, and has 4 goal posts (malbourne, richmond, collingwood, essendon, hawthorn and carlton all use the Melbourne Cricket Club as their home stadium, the GWSydney Giants use the GIANTS stadium, which was the olympic baseball stadium.
And American football is like rugby for the under 5s (you pad them, let them take a break every minute or so, give them a small field and let them have 10 yards for 4 downs and not 5 downs for the whole field. About 20 years ago I looked into the possibility of an international charity game for 9/11 and when I asked plasyers of two NFL teams (I was at an event with both the oakland raiders and the SF giants in november 2001) they both said no, because rugby players are F**king crazy. and I’ve had rugby players say the same about Aussie-rules players.
Likewise, these days Aussie politicians are rapidly turning into ‘fucking nuts’ people, crazy lunatics eager to destroy anything like cracked-up Bogans, with this idea of encryption bypassing. Because if you put in a backdoor to encryption you no longer have encryption much as that TSA padlock is less secure now than a velcro loop to hold your zip together, because velcro takes as long to open but also makes a noise (a point I made in this talk a few years back with EFF Kurt Opsahl’s and AccessNow’s Amie Stepanovich.
I came here to make broad statements about foot-to-ball sports, not to argue the nuances of my ignorance.
What startups or tech company’s are going to make their headquarters in Australia where encryption is now illegal or all data must be retained and made avaidable to the police any time . its obvious attacking customer privacy and the right to private secure messaging is not a good Idea in 2022 where so much business depends on working from home
Australia is like the UK in that it seems to be making laws that break the Internet and reduce the right of business or users to have private data for no good reason
They're all football.
Aussie Rules Football
Association Football = Soccer/Football
American Football = a code of Gridiron Football
Canadian Football = the other code of Gridiron Football
Rugby Football = Rugby (but it’s still a code of football)
They’re all football.
There is precisely zero coverage of this in the media. It’s like a silent pandemic of a different kind. Little by little our technically illiterate government chips away at freedoms, because: terrorism, pedophiles, drugs!
All the usual tropes are employed as the same tired old scare tactics. We deserve better than these bozos as our so called leaders.
And no, encryption is not illegal here, as someone stated. The government just wants to fuck us all via the back door.
So many jokes, so little time…
No condom, no lube, no gentleness, Fox only, Final Destination (wait, I think I got confused somewhere…)
Spyware is now the digital surveillance equivalent of an STD.
I guess they think we’re the assholes.
Booty booty booty booty, spied on everywhere
Butthole Internet Surfers
Gonna be bleeding out more than blood from our rectums…
Can we call this Brokebackdoor Mountin’?
With governments like these, who needs enemas?
(I didn’t say they’d be good. :P)