Australia’s ban on encryption could endanger us all
The Australian government has passed a law that forces tech companies to give police and security agencies access to encrypted messages, claiming it’s needed to fight crime.
What it says: The Assistance and Access Bill 2018 is a world first, letting law enforcement bodies require companies to hand over user information, even if it’s end-to-end encrypted. Because companies currently have no way of viewing end-to-end encrypted messages, they will be forced to build a “back door” to gain access.
The problem: But once you create a back door to bypass encryption for law enforcement purposes, it weakens security for everyone, everywhere. It cannot be targeted at just one person or one group of users, and it provides a potential avenue for hackers. For example, the UK health service’s biggest ever cyberattack—using WannaCry ransomware—was possible thanks to a Windows exploit found by the NSA in the US.
The future implications: We won’t know for sure until agencies start to use the new powers. Companies could leave Australia or argue they are not subject to Australian law. Amendments to the law are due to be raised for debate next year, but substantive changes seem unlikely.
Deep Dive
Computing
Russia hacked an American satellite company one hour before the Ukraine invasion
The attack on Viasat showcases cyber’s emerging role in modern warfare.
Chinese hackers exploited years-old software flaws to break into telecom giants
A multi-year hacking campaign shows how dangerous old flaws can linger for years.
Transforming the automotive supply chain for the 21st century
Cloud-based tech solutions are helping manufacturers manage a new ecosystem of suppliers with greater agility and resilience.
Stay connected
Illustration by Rose WongGet the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.