Decryption Bill could enable warrantless snooping

The Australian Government’s proposed decryption Bill raises serious questions about the ability of law enforcement and intelligence agencies to access encrypted communications without a warrant.

In a submission to a parliamentary commission, Law Council of Australia President-elect Arthur Moses said the controversial Assistance and Access Bill requires considerable amendment.

“The Law Council acknowledges that there is significant value to public safety in allowing law enforcement and national security agencies faster access to encrypted information where there are threats to national security or in order to prevent the commission of serious criminal offences,” Moses said during his opening statements.

“However, the Bill would authorise the exercise of intrusive covert powers with the potential to significantly limit an individual’s right to privacy, freedom of expression and liberty.”

He highlighted major potential issues with the draft legislation such as concerns that the Bill would allow law enforcement agencies and ASIO to circumvent the requirement to receive a warrant before accessing surveillance targets’ confidential communications.

“Where law enforcement agencies or ASIO would otherwise require judicial or Administrative Appeals Tribunal, or Ministerial authorisation or approval, they should not be able to make a voluntary assistance request or a technical assistance request and this should be made clear on the face of the legislation,” he said.

“The safeguards that currently exist to protect the privacy and rights of Australian citizens should not be able to be sidestepped, which may occur if this Bill is allowed to pass in its present form.”

Moses also highlighted concerns with the proposed powers that would allow investigators to compel individuals to assist with accessing their encrypted communications in circumstances where there is uncertainty as to whether there is reason to detain the individuals.

He said that requiring people to attend a certain place to provide information or assistance could itself be considered to be a form of detention, and therefore suspects should not be deprived of their rights such as the ability to contact a lawyer or family member or be provided with interpreters as needed. There should also be time limits in place to prohibit the prospect of indefinite detention, Moses said.

Moses also noted that while the Bill uses language indicating that agencies will be making ‘voluntary’ assistance requests, “it is hard to imagine an internet provider refusing a written ‘request’ from law enforcement”.

Most of the 66 submissions filed during the very brief consultation period over the draft Bill have been highly critical of the Bill and its potential impact on privacy.

In its own submission, the Information Technology Professionals Association (ITPA) argued that the only two ways encryption could be effectively circumvented in order to satisfy the requirements of the proposed Bill would both involve contravening the government’s repeated promise that the legislation would not undermine the integrity of encryption by introducing systemic weaknesses into the encryption process.

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.