"We, the undersigned, support strong encryption, which plays a crucial role in protecting personal data, privacy, intellectual property, trade secrets and cybersecurity," wrote a bunch of nations on the weekend -- the Five Eyes, India, and Japan.
As a statement of intent, it's right up there with "Your privacy is very important to us", "Of course I love you", and "I'm not a racist but...".
At one level, there's not a lot new in this latest International statement: End-to-end encryption and public safety.
We like encryption, it says, but you can't have it because bad people can use it too.
"Encryption is an existential anchor of trust in the digital world and we do not support counter-productive and dangerous approaches that would materially weaken or limit security systems," the statement said.
"Particular implementations of encryption technology, however, pose significant challenges to public safety, including to highly vulnerable members of our societies like sexually exploited children."
The obviously important law enforcement task of tackling child sexual abuse framed the rest of the statement's two substantive pages too.
End-to-end encryption should not come at the expense of children's safety, it said. There was only a passing mention of "terrorists and other criminals".
This statement, like all those that have come before it, tries, but of course, fails to square the circle: A system either is end-to-end encryption, or it isn't.
According to renowned Australian cryptographer Dr Vanessa Teague, the main characteristic of this approach is "deceitfulness".
She focuses on another phrase in the statement, where it complains about "end-to-end encryption [which] is implemented in a way that precludes all access to content".
"That's what end-to-end encryption is, gentlemen," Teague tweeted.
"So either say you're trying to break it, or say you support it, but not both at once."
What's interesting about this latest statement, though, is the way it shifts the blame further onto the tech companies for implementing encryption systems that create "severe risks to public safety".
Those risks are "severely undermining a company's own ability to identify and respond to violations of their terms of service", and "precluding the ability of law enforcement agencies to access content in limited circumstances where necessary and proportionate to investigate serious crimes and protect national security, where there is lawful authority to do so".
Note the way each party's actions are described.
Law enforcement's actions are reasonable, necessary, and proportionate. Their authorisation is "lawfully issued" in "limited circumstances", and "subject to strong safeguards and oversight". They're "safeguarding the vulnerable".
Tech companies are challenged to negotiate these issues "in a way that is substantive and genuinely influences design decisions", implying that right now they're not.
"We challenge the assertion that public safety cannot be protected without compromising privacy or cybersecurity," the statement said.
The many solid arguments put forward explaining why introducing a back door for some actors introduces it for all, no they're mere assertions.
"We strongly believe that approaches protecting each of these important values are possible and strive to work with industry to collaborate on mutually agreeable solutions."
This too is an assertion, of course, but the word "belief" sounds so much better, doesn't it.
As your correspondent has previously noted, however, the fact that encryption is either end-to-end or not may be a distraction. There are ways to access communications without breaking encryption.
One obvious way is to access the endpoint devices instead. Messages can be intercepted before they're encrypted and sent, or after they've been received and decrypted.
In Australia, for example, the controversial Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (TOLA Act) can require communication producers to install software that a law enforcement or intelligence agency has given them.
Providers can also be made to substitute a service they provide with a different service. That could well include redirecting target devices to a different update server, so they receive the spyware as a legitimate vendor update.
Doubtless there are other possibilities, all of which avoid the war on mathematics framing that some of the legislation's opponents have been relying on.
While Australia's Minister for Home Affairs Peter Dutton busies himself with signing onto yet another anti-encryption manifesto, progress on the oversight of his existing laws has been slow.
The review of the mandatory data retention regime, due to be completed by April 13 this year, has yet to be seen.
This is despite the Parliamentary Joint Committee on Intelligence and Security having set itself a submissions deadline of 1 July 2019, and holding its last public hearing on 28 February 2020.
The all-important review of the TOLA Act was due to report by September 30. Parliament has been in session since then, but the report didn't appear.
A charitable explanation would be that the government was busy preparing the Budget. With only three parliament sitting days, and a backlog of legislation to consider, other matters had to wait.
A more cynical explanation might be that the longer it takes to review the TOLA Act, the longer it'll be before recommended amendments can be made.
Those amendments might well include having to implement the independent oversight proposed by the Independent National Security Legislation Monitor.
Right now the law enforcement and intelligence agencies themselves can issue the TOLA Act's Technical Assistance Notices and Technical Assistance Requests. One imagines they wouldn't want to lose that power.
Meanwhile, the review of the International Production Orders legislation, a vital step on the way to Australian law being made compatible with the US CLOUD Act, doesn't seem to have a deadline of any kind.
In this context, we should also remember the much-delayed and disappointing 2020 Cyber Security Strategy. That seems to have been a minimal-effort job as well.
For years now, on both sides of Australian politics, national security laws have been hasty to legislate but slow to be reviewed. The question is, is it planned this way? Or is it simply incompetence?
Read the original here:
Dutton pushes against encryption yet again but oversight at home is slow - ZDNet
- Facebook: Don't expect full end-to-end encryption on Messenger until 2022 'at the earliest' - TechRepublic - May 6th, 2021
- Facebook Is Expanding End-to-End Encryption and Planning On Launching It for Rooms - Digital Information World - May 6th, 2021
- Facebook and Instagram will not get end-to-end encryption until 2022, here is how you can use it for chats - India Today - May 6th, 2021
- Facebook Messenger and Instagram Will Not Support End-to-End Encryption Any Time Soon - TechTheLead - May 6th, 2021
- E-mail Encryption Market Evolving Technology, Trends and Analysis 2021-2026 The Shotcaller - The Shotcaller - May 6th, 2021
- Whatsapp to introduce end-to-end encrypted backups - Pakistan Observer - May 6th, 2021
- Evervault to expand as founder urges encryption not regulation - The Irish Times - May 6th, 2021
- Asia Pacific Homomorphic Encryption Market To Witness Stunning Growth To Generate Massive Revenue Forecast to 2021: 2027| Google LLC,IBM... - May 6th, 2021
- Disk Encryption Market Increasing Demand with Leading Players | Sophos Ltd.; Symantec Corporation; DiskCryptor; Apple Inc. KSU | The Sentinel... - May 6th, 2021
- Researchers say this combo of old-school invisible ink and AI is 'uncrackable' - The Next Web - May 6th, 2021
- Verifyle and The Colorado Society of CPAs (COCPA) Partner to Protect Members and Clients from Hackers - StreetInsider.com - May 6th, 2021
- Facebook Pushes Ahead with Plans for Full End-to-End Encryption of its Messaging Tools - Social Media Today - May 1st, 2021
- Encryption Management Solutions Market Value to Increase over $ 6 Billion During 2021-2025 | Rising Demand for Digitalization to Drive Growth |... - May 1st, 2021
- Boris Johnson's Phone Number Leaks: Turns Out He Uses End-To-End Encryption... While Trying To Ban It For Everyone Else - Techdirt - May 1st, 2021
- G-Technology ArmorLock Encrypted NVMe SSD Review: Your Phone is the Key - Tom's Hardware - May 1st, 2021
- Encryption Software Market Manufacturers, Growth Opportunities, Regions, Type and Application, Revenue Industry Forecast to 2027 NeighborWebSJ -... - May 1st, 2021
- Encryption Software Market Size by Product Type, By Application, By Competitive Landscape, Trends and Forecast by 2027 KSU | The Sentinel Newspaper -... - May 1st, 2021
- Data Encryption Service Market 2021 COVID-19 Impact Analysis by Industry Challenges, CAGR, Business Overview And Forecast Research Study 2027 KSU |... - May 1st, 2021
- #NAMA: The traceability mandate and what it means for end-to-end encryption - MediaNama.com - May 1st, 2021
- Global Cloud Encryption Market To Experience Scalable Growth Heights By 2026 ZMR KSU | The Sentinel Newspaper - KSU | The Sentinel Newspaper - May 1st, 2021
- Nearly half of all malware is concealed in TLS-encrypted communications Urgent Comms - Urgent Communications - April 24th, 2021
- Priti Patel v Facebook is the latest in a 30-year fight over encryption - The Guardian - April 24th, 2021
- Insights and Prediction of Hardware-based Full Disk Encryption (FDE) Global Market (2020-2027) KSU | The Sentinel Newspaper - KSU | The Sentinel... - April 24th, 2021
- Mobile Encryption Market Research Report by Type, by Application, by End User Global Forecast to 2027 Cumulative Impact of COVID-19 NeighborWebSJ -... - April 24th, 2021
- Encryption Software Market 2021 | Industry Analysis, Size, Share, Growth, Trends, Demand And Forecast : Microsoft Corporation Symantec Corporation IBM... - April 24th, 2021
- Global Email Encryption Software Market Research with Size and Growth, key Segments Analysis, Types, Share, Forecast 2021-2028 The Courier - The... - April 24th, 2021
- Cloud Encryption Software Market by Manufacturers, Regions, Type and Application, Forecast To 2026 Gemalto, Netskope, Microsoft, HPE, Ciphercloud ... - April 24th, 2021
- Database Encryption Market Innovative Driving Factors, Trends and Growth Analysis 2020-2026 SoccerNurds - SoccerNurds - April 24th, 2021
- Hardware Encryption Market 2021 Is Booming Across the Globe by Share, Size, Growth, Segments and Forecast to 2027 | Top Players Analysis- Western... - April 24th, 2021
- Residents outraged over police dog attack and they want encryption to end - The Daily Post - April 8th, 2021
- Encryption Has Never Been More Essentialor Threatened - WIRED - April 8th, 2021
- Encryption is either secure or it's not - there is no middle ground - Help Net Security - April 8th, 2021
- Nasdaq and Intel Announce Partnership Over New Encrypted Tech - Business Insider - April 8th, 2021
- The UK Is Trying to Stop Facebook's End-to-End Encryption - WIRED - April 8th, 2021
- Encryption Key Management Market Emerging Trends and Global Demand 2021- Amazon, Ciphercloud, IBM, Gemalto, Thales E-Security, Egnyte, Sepior The... - April 8th, 2021
- Castle Shield Holdings, LLC Announces Typhos, A Secure Messaging App, Built With End-to-End Encryption From the Ground Up - Business Wire - April 8th, 2021
- In the past 5 years, WhatsApp has managed to deliver around 100 trillion encrypted messages - Digital Information World - April 8th, 2021
- New phase of light holds the key to quantum encryption - Digital Journal - April 8th, 2021
- AT&T upgrading FirstNet to 5G, adding encryption across network - ZDNet - April 8th, 2021
- Cloud Encryption Market to become worth US$2912.3 mn by the end of 2025 KSU | The Sentinel Newspaper - KSU | The Sentinel Newspaper - April 8th, 2021
- Why encryption backdoors spell the death of privacy - Business Standard - April 8th, 2021
- Mobile Encryption Market 2021 Industry Size, Share, Growth and Top Companies Analysis- McAfee(Intel Corporation), Blackberry, T-Systems International,... - April 8th, 2021
- The Encryption Debate in the European Union: 2021 Update - Carnegie Endowment for International Peace - April 4th, 2021
- Understanding the Role of Encryption in GDPR Compliance - tripwire.com - April 4th, 2021
- UK Child Welfare Charity Latest To Claim Encryption Does Nothing But Protect Criminals - Techdirt - April 4th, 2021
- Email Encryption Market worth $11.8 billion by 2026 - Exclusive Report by MarketsandMarkets - PRNewswire - April 4th, 2021
- The use of VPNs and Encryption - General Security - BleepingComputer - April 4th, 2021
- The Home Office is preparing another attack on encryption - Wired.co.uk - April 4th, 2021
- EncroChat hearings delayed as lawyers seek disclosure on police hacking - ComputerWeekly.com - April 4th, 2021
- Database Encryption Market 2021 Industry Size, Growth, Revenue, Global Statistics and Forecast to 2025 KSU | The Sentinel Newspaper - KSU | The... - April 4th, 2021
- Ring Floodlight Cam now packs end-to-end encryption at $200 (Save 20%) - 9to5Toys - April 4th, 2021
- IRONCLAD ENCRYPTION CORP : Bankruptcy or Receivership, Other Events, Financial Statements and Exhibits (form 8-K) - marketscreener.com - April 4th, 2021
- Opinion: Police scanners and Civil Rights - The Daily Post - April 4th, 2021
- U.S. Department of Commerce's Bureau of Industry and Security Relaxes Several Classification and Reporting Requirements for Encryption Items - JD... - April 4th, 2021
- Exclusive Report on Encryption Software Industry: Market Size will Witness Substantial Growth by 2026 SoccerNurds - SoccerNurds - April 4th, 2021
- Hard Drive Encryption Software Market 2021 Industry Size, Share, Growth and Top Companies Analysis- Dell, Eset, Gemalto, IBM, Mcafee, etc. The Bisouv... - April 4th, 2021
- Hardware-based Full Disk Encryption Market Top Key Players Like: iStorage Limited, Seagate Technology, Hitachi, Western Digital, and others - The... - April 4th, 2021
- Global Encryption Key Management Market Industry Research, Major Manufacturers, Competitive Analysis and Development Forecast up to 2025 SoccerNurds... - April 4th, 2021
- IoT Security Solution for Encryption Market 2021 Will Reflect Significant Growth in Future with Size, Share, Growth, and Key Companies Analysis- Cisco... - April 4th, 2021
- Global Optical Encryption Market To Witness High Demand During Forecast Period Of 2021 To 2027 The Bisouv Network - The Bisouv Network - April 4th, 2021
- Intel joins forces with DARPA to help build encryption 'holy grail' - IT PRO - March 10th, 2021
- Intel is working with DARPA on advanced cloud encryption - Yahoo Tech - March 10th, 2021
- WhatsApp hopes to adhere to traceability norm without breaking encryption - Techradar - March 10th, 2021
- DARPA picks teams to bring homomorphic encryption to life - GCN.com - March 10th, 2021
- WhatsApp Will Protect Your Cloud Backups Even Better Via Encryption - Android Headlines - March 10th, 2021
- The world's first social network with end-to-end encryption has arrived - PR Web - March 10th, 2021
- Fully Homomorphic Encryption Market 2021 a compressive overview, Growth Prospects and Future Opportunities | IBM Corporation, Galois Inc KSU | The... - March 10th, 2021
- Instagram working on Clubhouse-like audio rooms, end-to-end encryption in chats - The Express Tribune - March 10th, 2021
- Instagram might be working on Clubhouse competitor and end-to-end encryption - HT Tech - March 10th, 2021
- WhatsApp working on encrypted chat backups for iCloud and Google Drive - Business Standard - March 10th, 2021
- Finally! WhatsApp is working on encrypting iCloud and Drive backups - Pocketnow - March 10th, 2021
- What is end-to-end encryption & how does it work? - Security Boulevard - March 8th, 2021
- Can WhatsApp stop misinformation without compromising encryption? - Quartz - March 8th, 2021
- End-to-End Encryption Coming to Teams - UC Today - March 8th, 2021
- Feds warn threats are harder to track as extremists shift to encryption - Axios - March 8th, 2021
- SecureMyEmail Offers Free Encrypted Email Service Without the Need to Switch Email Providers - PRNewswire - March 8th, 2021
- DSCI, Ashoka University launch CIPHER for promoting holistic encryption regime - Business Today - March 8th, 2021
- IT Rules 2021: CEO Will Cathcart says WhatsApp hopes to find solution to traceability without breaking encryption - MediaNama.com - March 8th, 2021
- WhatsApp brings end-to-end encrypted video and audio calls to its desktop app - 9to5Mac - March 8th, 2021
- Global Encryption Software Market 2020 Regional Landscape, Market Dynamics, Manufacture Analysis, Industry Demand and Forecast to 2025 KSU | The... - March 8th, 2021