The Australian Government believes that it needs a golden key to backdoor encryption within Australia via legislation. The Brits and the Yanks have both already had a nudge at this and both have conceded that requiring a backdoor to encryption is not viable but this will not stop the Australian Liberal Party from trying.
Digital rights experts have described the proposal as "ludicrous" as Cyber security minister Angus Taylor stating that the legislation would be presented for public comment within the next quarter. While the Australian Government has not detailed how it expects to gain access to encrypted data, companies may be penalized if they don't kowtow to the new laws. There is nothing to be discussed here that hasn't been said before other than the Australian Government sincerely believes it can force companies to divulge encrypted data to authorities on demand.
(Score: 1, Insightful) by Anonymous Coward on Monday June 18 2018, @11:08AM (4 children)
it actually can't.
if a company implements encryption properly, it cannot decrypt what a third party has encrypted.
and no, this is not like "true scottman" (or whatever the spelling is).
my statement is closer to "gun manufacturers cannot unshoot what a third party has shot using the manufacturer's gun".
(Score: 2) by fyngyrz on Monday June 18 2018, @12:36PM (3 children)
It actually can, because it can force them to provide a back door in the encryption.
Remember: this is companies we're talking about. Not individuals. If companies don't comply (or IOW, as you put it, if they "implement encryption properly"), it will be obvious, and the government can arrange to force them to provide a back door by all manner of means, or put them right out of business. What companies do is public and - eventually - subject to law. What individuals do is not public, and so until there's a reason to look at them, they can get away with it. A company cannot.
(Score: 0) by Anonymous Coward on Monday June 18 2018, @01:54PM
if it has a backdoor it's not encryption. that was my point.
otherwise I understand that the government can try to do whatever it wants (I *hope* Australians are smart enough to stop it at some point), but I am confident people outside of Australia (and most English speakers are outside Australia) would not agree with the new definition of the word "encryption".
(Score: 1, Redundant) by choose another one on Monday June 18 2018, @02:48PM (1 child)
Actually it cannot force companies to comply - if can force them to comply if they want to do business in Australia. The companies can always shut down or leave Australia instead.
Similarly the government cannot _force_ you to reveal an encryption key - they can, and some will, jail you untill you do, but they cannot actually force you to do it.
Amazon recently pulled their main US site out of Aus over tax, leaving customers with a much smaller selection of stuff from the local Amazon site.
Multiple US (and probably elsewhere, the ones I have noticed are all US) sites have blocked the EU market rather than comply with GDPR rules.
Simply put, if you make business not worth doing it'll stop being done.
When the entire rest of the world has the choice of a creating a new insecure version of https and insecure VPN protocols or just not dealing with Aus, what will happen?
If Aus implements local insecure encryption and manages to get support in will web browsers, will those browsers indicate it as secure or insecure, will there be a new padlock icon overlaid with a man in black with bolt cutters, or will shit just stop working in Aus?
The big question is is Australia a too-big-to-lose market thus creating a significant incentive to comply? If the EU isn't a big enough market to create an incentive to comply with GDPR then I'd suggest Australia is overplaying its hand, big time. But maybe they are dumb enough to keep raising the stakes, forgetting that if everyone else just walks away from the table it's a very lonely game.
(Score: 2) by fyngyrz on Monday June 18 2018, @03:56PM
Yes, obviously. A country's laws apply only in that country, barring treaties that make things more international, such as what the ITU does with radio.