Australian government committed to 'no backdoors': Taylor

'We simply don't need to weaken encryption in order to get what we need,' says cyber security minister Angus Taylor, but trust in our civilisation is crumbling.
Written by Stilgherrian , Contributor

"Practically speaking, 'stopping the bots' is every bit as important to Australians as 'stopping the boats'," said the Hon Angus Taylor MP, minister for Law Enforcement and Cyber Security, on Wednesday night.

That, ladies and gentlemen, is the standard of debate supporting the Australian government's forthcoming legislation that's intended -- somehow -- to make decrypted messages available to law enforcement without them, or the communications provider, having access to the encryption keys.

The Coalition government dumbed down discussion of the mind-boggling complexities of international refugee resettlement to the cheap three-word slogan of Operation Sovereign Borders, and counts it as a success. You can't see the boats, so that's the problem solved, right?

"Its lack of nuance was absolutely central, in my view, to its success," Taylor said.

So now that same intellectually sophisticated approach will be the solution to the the mind-boggling complexities of international cybercrime and cyber statecraft.

It's tempting to leave the analysis of Taylor's speech at that. It was a standard stump speech, revealing nothing new about the government's intentions or arguments, respectively vague and shoddy as they are. It's easy to laugh, and I am most certainly laughing.

The audience, though, was the Sydney Institute, an organisation run by a couple of confused old people for other confused people, namely that species of far-right conservatives who imagine that western civilisation is on the verge of collapse, and that they alone are its true champions. Which is to say, the sort of people whose numbers prop up the Coalition, and who the prime minister dare not ignore lest he be deposed.

So it's worth paying attention to what they're being told, because this is the framing that will inform public debate, at least once the Canberra press gallery catches on to the issue.

"I believe we are facing now more serious threats, and a different kind of threat, than at any time since the Cold War," Taylor said.

But having invoked the imagery of a billion deaths and, eventually, a nuclear winter with the potential to destroy life on Earth, the threat is soon downgraded to the usual assortment: "modern organised criminal drug trafficking and money laundering, terrorism, cybercrime and online child sex offences".

There follows a jumble of statements about the loss of trust in our institutions, that "only 26 percent of Australians believe that people in government can be trusted", that there never used to be a hard drug problem in his regional home of Goulburn -- an unlikely claim -- and that it's Labor's fault that drugs are so easy to import, before one of the most remarkable comparisons I've ever heard.

"Australia's most successful global industry, iron ore, took decades to build. Transnational criminal networks developed a global meth supply chain in a few short years."

Taylor's big fear is that we won't be able to trust anyone or anything any more.

"The truth is that a catastrophic cyber attack on our electoral systems, air traffic control, banks, electricity grids, or telecommunication networks would undermine faith in activities absolutely central to our lives. And of course if we stop trusting those activities, these organisations and institutions, they fail," he said.

Which, in a roundabout way, finally brings us back to the cybers, and at least initially, support for encryption.

"Already more than 93 percent of Google's services and data are encrypted, as are more than 84 percent of the web pages loaded via their Chrome browser. This is fantastic for cybersecurity, and the government welcomes it. And we believe that we need to strengthen [encryption] if our networks and communications are to be trusted," Taylor said.

But then comes the usual complaint that Bad People use encryption too, and that law enforcement agencies need access to the content of those encrypted messages when suitably authorised.

Taylor repeated the government's denial that they're after a back door, adding some curious extras.

"Now it's sometimes argued that agencies should have privileged access to what's known as a 'golden key' -- a special key where you can open up, you can decrypt the data. The tech sector has pushed back hard against this, saying that's creating so-called 'backdoors' or threats to the security of their devices and systems," he said.

"In the coming weeks, we'll begin consultation on new legislation that will modernise our telecommunications intercept and search warrant powers. [This legislation] will not create 'backdoors'. This government is committed to no 'backdoors'. It isn't necessary to give law enforcement agencies access to a decryption key otherwise under the sole control of a user."

And then, for me, the most significant statement of all.

"We simply don't need to weaken encryption in order to get what we need."

What does this mean? Personally, I think it's some semantic sleight of hand.

Not wanting "a decryption key otherwise under the sole control of a user" doesn't exclude wanting a key that isn't under the user's "sole control". That leaves open the possibility of a key escrow system. That wouldn't "weaken encryption", that is to say the algorithm, merely the processes that ensure the users' messages are kept private.

Or it could simply mean what I suggested a year ago, namely that the existing lawful intercept requirements for telco exchanges and switches is to be extended to end-user devices.

Whether it's those things or something else, the government will try to tell you it's not them making these changes, but the messaging providers simply doing what is right and proper, and what has been done in the past, to help stop the criminals.

Sorry, as the minister put it: "to protect and rebuild faith in what has made this country great. Only then can we endeavour, like our forebears, to leave our children and grandchildren a better world than the one we inherited."

Related Coverage

Cyber Dam Busters could give Australia's military an asymmetric edge

A cyber offensive capability could knock out key infrastructure targets cheaper than conventional military kit, but Australia needs to get its messaging right to avoid triggering the neighbours.

Cyber Research Centre labels Australia's counter-threat capacity 'relatively weak'

The centre's chair has called for an overarching capability that supports federal, state, and territory-based cybercrime-countering efforts, labelling current capacities 'relatively weak'.

Australia's war on encryption potentially 'reckless': Former US cyber advisor

Demands for more access to private data and control over personal communications devices 'sounds a lot like China', says Obama's director for Cybersecurity Policy.

Australia 'fair game' when it comes to the threat of a cyber attack

For a country with a culture based on taking things as they come, Check Point has said Australia is taking the threat of cybersecurity seriously.

'Decryption' legislation a top priority for Australia's cybersecurity minister

Almost 12 months since Canberra announced plans for a decryption silver bullet, Minister for Law Enforcement and Cyber Security Angus Taylor said the legislation is still on its way and it's one of his personal priorities.

Australia's open data approach lands in a security and privacy minefield (TechRepublic)

Australia is charging headlong into a privacy disaster as government open data initiatives come online without considering how to properly implement privacy safeguards and data anonymity.

Editorial standards