Australia will lead Five Eyes discussions to 'thwart' terrorist encryption: Brandis

Encryption is an ongoing challenge for authorities, Australian Attorney-General George Brandis has said.

Attorney-General George Brandis has said Australia will lead discussions around encryption during the Five Eyes meetings in Ottawa this week.

Brandis said the use of the internet by terrorists was of "critical concern" to intelligence and law enforcement.

"Australia will lead the discussion of ways to address this issue; in particular the involvement of industry in thwarting the encryption of terrorist messaging," he said in a statement released on Sunday.

Brandis -- who is not known for his technical acumen, particularly after a Walkley Award-winning interview where he struggled to explain what metadata was -- said the discussions will deal with gaining quicker responses to law enforcement from internet companies, without detailing how the "thwarting" would happen.

"As Australia's priority issue, I will raise the need to address ongoing challenges posed by terrorists and criminals using encryption," Brandis said. "These discussions will focus on the need to cooperate with service providers to ensure reasonable assistance is provided to law enforcement and security agencies."

The Five Eyes is an intelligence agreement between the United States, the United Kingdom, Australia, Canada, and New Zealand.

On Friday, authorities in Germany had their hacking powers increased thanks to the passing of a new law that allows the greater use of malware to allow for the tapping of a person's device.

In Germany, the authorities' hacking tools are widely known as Staatstrojanern, or state trojans. According to the government, the spread of encrypted communications makes traditional wiretapping impossible, so the authorities need to be able to bypass encryption by directly hacking into the communications device.

Meanwhile in Australia, the Attorney-General's Department had been advising agencies to use coercive powers if they were locked out of the nation's data retention scheme.

When Australia's metadata retention laws made their way through Parliament with the support of both major parties in 2015, the Bills reduced the number of government agencies authorised to request metadata to 21.

MUST-READ: SECURITY

Governments stand ready to regulate a cyberscape they do not understand

As governments become more attuned to the threats posed in the IT space, the first reaction is to reflexively clamp down on them.

Read More

Under those laws, law-enforcement agencies are able to warrantlessly access customer call records, location information, IP addresses, billing information, and other data stored for two years by telecommunications carriers.

One of the agencies that had its metadata access withdrawn was the Department of Agriculture, which in a letter written in March 2016 revealed under Freedom of Information laws, said it was advised by the Attorney-General's Department to try to access metadata through means other than being declared an enforcement agency.

"On advice from the Attorney-General's Department, the department has considered other methods of obtaining metadata using statutory coercive powers under portfolio legislation, and by engaging the Australian Federal Police (AFP) to obtain metadata," Department of Agriculture and Water Resources Deputy Secretary Lyn O'Connell wrote in a letter dated June 10, 2016, and published on RightToKnow.

"The department has received preliminary legal advice as to the merits of using coercive powers, which suggests that the approach is problematic due to the construction of portfolio legislation.

"Advice received from the AFP indicates that it does not have the resourcing, compliance, or risk considerations to obtain metadata on behalf of other agencies, including the department."

A Department of Agriculture spokesperson told ZDNet that the department does not currently have the means to access metadata, and that the legislation needed to allow it to use coercive powers is not within its remit.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All