As terrorist attacks increased after 2014 amid the Islamic State’s global push, Australian authorities saw themselves confronted with a challenge they shared with other Western agencies: They could identify suspects, but accessing their communications to discover their intentions often remained impossible. More than 95 percent of Australian terrorism suspects use encrypted communications, according to estimates by the country’s cybersecurity agency.
On Thursday, Australia’s Parliament passed the most expansive bill of all Western countries -- one that could force major U.S. tech companies such as Google, Apple and Facebook to provide authorities with access to encrypted data. Many messaging apps that are being used by a majority of Australians offer encryption as either the standard or an option, including Facebook Messenger and WhatsApp.
Australian law enforcement representatives unsurprisingly celebrated the parliamentary approval Thursday. Attorney General Christian Porter said the opposition Labor Party had “put the safety of Australians above political point-scoring,” after initially opposing the legislation.
Until Thursday, it appeared unlikely that the upper house of Parliament, the Senate, would agree to provisions already passed by the lower house. The Labor Party surprisingly changed course, however, backing the bill in both chambers, provided that minor amendments are made after the legislation is enacted.
The new law is now set to take effect before Christmas.
Australia is the first nation in the so-called Five Eyes alliance — also composed of Canada, the United States, New Zealand and Britain — to move ahead with legislation that will almost inevitably result in a standoff with major private corporations.
In the United States, Silicon Valley has so far resisted efforts by lawmakers and law enforcement agencies seeking to gain access to the communications of suspects in criminal investigations. Creating a back channel, they say, could open the door for other illegitimate uses by state-sponsored foreign entities and criminal groups.
When the FBI asked Apple in 2015 to unlock the phone of one of the shooters in the San Bernardino attack, Apple declined, citing the threat of such a back door. (The FBI later said it had unlocked the phone by itself, but efforts to do so remain costly and cannot be applied on a broader scale.)
Thursday’s parliamentary decision in Australia is the most serious attempt by any national parliament to date to rein in tech companies.
Critics fear the vote sets a dangerous precedent. “Several critical issues remain unaddressed in this legislation, most significantly the prospect of introducing systemic weaknesses that could put Australians’ data security at risk,” the Digital Industry Group said in a statement Thursday.
Top tech companies opposed to the new law are also concerned that Australia’s standards could be adopted elsewhere, including in Europe, where lawmakers have already pushed for some of the world’s toughest privacy standards.
Tech representatives emphasized on Thursday that Australia’s national security legislation contradicted European demands for more consumer privacy, but some European lawmakers have still demanded better law enforcement access in recent months, too. They say that both initiatives do not necessarily have to contradict each other.
Whereas regulatory scrutiny has mostly been a financial threat in Europe, where tech companies can face maximum fines of up to 4 percent of their annual turnover for privacy breaches, Australia’s new law goes further by holding individual representatives liable, as well. Even though maximum fines are limited to about $7 million, individuals who fail to comply with the law may face arrest and prison sentences.
More on WorldViews: