GUEST ESSAY: Australia’s move compelling VPNs to cooperate with law enforcement is all wrong

The moment we’ve all feared has finally come to pass. When government agencies and international intelligence groups pooled together resources to gather user data, the VPN’s encryption seemed like the light at the end of the tunnel.

Related: California enacts pioneering privacy law

However, it looks like things are starting to break apart now that Australia has passed the “Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018”. On the 6th of December 2018, a law that is a direct attack on internet users’ privacy was agreed to by both the House of Representatives and the Senate.

The amendment forces all companies, even VPN providers, to collect and give away confidential user data if the police demand it. All telecoms companies will have to build tools in order to bypass their own encryption.

If suspicions appear that a crime has been or will be committed by one of their users, the law enforcement agencies are in their right to demand access to user messages and private data.

This Orwellian Thought Police is to be the judge, jury, and executioner in a digital world that shelters our personal lives and secrets. All the things we’d like to keep hidden from others. You know, this revolutionary idea called “privacy” Anyone?

Tech companies all over the world are unsure how this can be achieved without installing backdoors into their own security systems. These vulnerabilities are just like a stack of powder kegs ready to blow up at any moment. This is because anyone with knowledge of their existence could theoretically use those security holes to gain access to the user data.

Patru

Any company unwilling to comply with this decision will be fined regardless of their motives. The penalty can go up to AU$10 million or US$7.3 million. Moreover, any individual who refuses to hand over data suspected to be linked to criminal activities can even face jail time.

While the Australian government has stated that this law is needed to fight against terrorism and organized crime, security experts believe that this will lead to even more cyber-attacks and a steady rise in cyber-crime, with good reasons as well.

This shakes the very foundations upon which Internet security and VPN end-to-end encryption are built. It’s a giant leap backward in terms of privacy and anonymity, but also in terms of countering cyber-crime.

Joshua Lund, one of the developers of Signal, an end-to-end encrypted messaging app, has said that “the end-to-end encrypted contents of every message and voice/video call are protected by keys that are entirely inaccessible to us. In most cases now we don’t even have access to who is messaging whom.”

Australia has now become the first Western nation to ban encryption. You can’t stop but think of Saudi Arabia or China, countries where cyber-crime reaches alarming rates, and the abuse of citizens’ privacy rights has been legalized for some time.

I believe this to be a pivotal moment that will decide the future of digital communications, and also of privacy and anonymity. If this decision isn’t met with enough resistance, then the other countries in the Five Eyes Alliance might follow as well.

There was a time when privacy was considered to be sacred. To overcome this concept, Australia has chosen to redefine the boundaries of privacy.  An ingenious sleight of hand that fools no one.

About the essayist: Bogdan Patru – analyst at VPNTeacher, a site dedicated to providing unbiased cyber security and data privacy information and support.

 



*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/guest-essay-australias-move-compelling-vpns-to-cooperate-with-law-enforcement-is-all-wrong/