Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday June 18 2018, @08:34AM   Printer-friendly
from the take-my-kingdom dept.

The Australian Government believes that it needs a golden key to backdoor encryption within Australia via legislation. The Brits and the Yanks have both already had a nudge at this and both have conceded that requiring a backdoor to encryption is not viable but this will not stop the Australian Liberal Party from trying.

Digital rights experts have described the proposal as "ludicrous" as Cyber security minister Angus Taylor stating that the legislation would be presented for public comment within the next quarter. While the Australian Government has not detailed how it expects to gain access to encrypted data, companies may be penalized if they don't kowtow to the new laws. There is nothing to be discussed here that hasn't been said before other than the Australian Government sincerely believes it can force companies to divulge encrypted data to authorities on demand.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Insightful) by Anonymous Coward on Monday June 18 2018, @11:08AM (4 children)

    by Anonymous Coward on Monday June 18 2018, @11:08AM (#694478)

    it actually can't.
    if a company implements encryption properly, it cannot decrypt what a third party has encrypted.
    and no, this is not like "true scottman" (or whatever the spelling is).
    my statement is closer to "gun manufacturers cannot unshoot what a third party has shot using the manufacturer's gun".

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  

    Total Score:   1  
  • (Score: 2) by fyngyrz on Monday June 18 2018, @12:36PM (3 children)

    by fyngyrz (6567) on Monday June 18 2018, @12:36PM (#694493) Journal

    It actually can, because it can force them to provide a back door in the encryption.

    Remember: this is companies we're talking about. Not individuals. If companies don't comply (or IOW, as you put it, if they "implement encryption properly"), it will be obvious, and the government can arrange to force them to provide a back door by all manner of means, or put them right out of business. What companies do is public and - eventually - subject to law. What individuals do is not public, and so until there's a reason to look at them, they can get away with it. A company cannot.

    • (Score: 0) by Anonymous Coward on Monday June 18 2018, @01:54PM

      by Anonymous Coward on Monday June 18 2018, @01:54PM (#694508)

      if it has a backdoor it's not encryption. that was my point.
      otherwise I understand that the government can try to do whatever it wants (I *hope* Australians are smart enough to stop it at some point), but I am confident people outside of Australia (and most English speakers are outside Australia) would not agree with the new definition of the word "encryption".

    • (Score: 1, Redundant) by choose another one on Monday June 18 2018, @02:48PM (1 child)

      by choose another one (515) Subscriber Badge on Monday June 18 2018, @02:48PM (#694523)

      Actually it cannot force companies to comply - if can force them to comply if they want to do business in Australia. The companies can always shut down or leave Australia instead.

      Similarly the government cannot _force_ you to reveal an encryption key - they can, and some will, jail you untill you do, but they cannot actually force you to do it.

      Amazon recently pulled their main US site out of Aus over tax, leaving customers with a much smaller selection of stuff from the local Amazon site.
      Multiple US (and probably elsewhere, the ones I have noticed are all US) sites have blocked the EU market rather than comply with GDPR rules.
      Simply put, if you make business not worth doing it'll stop being done.

      When the entire rest of the world has the choice of a creating a new insecure version of https and insecure VPN protocols or just not dealing with Aus, what will happen?

      If Aus implements local insecure encryption and manages to get support in will web browsers, will those browsers indicate it as secure or insecure, will there be a new padlock icon overlaid with a man in black with bolt cutters, or will shit just stop working in Aus?

      The big question is is Australia a too-big-to-lose market thus creating a significant incentive to comply? If the EU isn't a big enough market to create an incentive to comply with GDPR then I'd suggest Australia is overplaying its hand, big time. But maybe they are dumb enough to keep raising the stakes, forgetting that if everyone else just walks away from the table it's a very lonely game.

      • (Score: 2) by fyngyrz on Monday June 18 2018, @03:56PM

        by fyngyrz (6567) on Monday June 18 2018, @03:56PM (#694556) Journal

        if can force them to comply if they want to do business in Australia. The companies can always shut down or leave Australia instead.

        Yes, obviously. A country's laws apply only in that country, barring treaties that make things more international, such as what the ITU does with radio.