The proposed Australia encryption law that would compel technology firms to provide a backdoor to encrypted data for government agencies has been criticised for undermining online safety.
The law, which is currently going through the Australian parliament, would see technology firms fined a maximum of A$10m ($7.3m) if they did not provide police with access to private encrypted data when requested. Police would have the power to request such data in situations where it was linked to suspected illegal activities.
The Australian government has defended the law, saying that would assist with the capture of serious criminals, such as terrorists or paedophiles.
“Our legislation for telecommunication intercepts, being able to access data, in order to investigate and prosecute criminal activity, with a warrant, is no longer fit for purpose,” said Angus Taylor, the Australian minister for law enforcement and cybersecurity, in an interview with Reuters.
“Whether it’s pedophiles or terrorists or drug dealers, [the proposed law] makes sure we have legislation fit for purpose in a modern era.”
Criticism of Australia encryption law from technologists
In line with similar encryption backdoor discussions in other parts of the world, the technology industry has been highly critical of the proposed encryption law.
“Encryption is vital for online security,” said Marty P Kamden, CMO of NordVPN.
“In order to be safe on wireless networks, people need to use encryption services, such as VPNs. Encrypted communication apps, such as Telegram, are important for private conversations.”
In particular, creating methods for law enforcement to access encrypted content also makes it easier for other parties to gain access, creating renewed cybersecurity concerns for businesses.
“Since many businesses have moved online now, the significance of internet privacy and security has increased, and people should be allowed to use encryption,” added Kamden.
“Opening a backdoor for the government means opening it for other entities capable of exploiting the access as well.
“It could lead to a flood of hacks, stolen information and other forms of abuse. This could jeopardise the privacy of all players involved – individuals, companies and their clients.”