The Australian Government has come out recently with a new proposed bill, which if put into order, would allow it to access encrypted data in people’s devices and even in their online accounts like those contained in user’s Facebook or Twitter profiles.
This new frightening prospect could soon undermine user data security, many leading industry experts have warned.
The UK and the USA have very similar laws that allow the government authorities to legally access devices and user data in much the same manner.
Dubbed as the “Assistance and Access Bill”, this bill would allow the Australian Government with three legal powers in how they can approach tech firms for assistance on decrypting encrypted data.
The first power is to request a tech firm to allow the Government access to the data, the second one is that the Government could force the tech firm legally in to doing so. The third and probably the most disturbing legal power that this bill will arm with Government with is that the authorities could compel the tech companies to build a decrypting key on demand if they don’t have on in hand already.
This bill is being touted as one of the biggest legal threats to end user data privacy as if it comes into force, the Government would not need to physically access the device, which the current law stipulates, but rather, allow it to remotely access it from anywhere. This data access doesn’t just include the encrypted data contained in the device, but also the one that is stored in user’s online accounts like in someone’s email.
Its like voluntarily sharing all of your account credentials with the government whether you like it or not.
The talk of Government surveillance programs through which the citizens are being spied on is always dubbed as hogwash and conspiracy by those who don’t understand the extent to which modern day Government’s are willing to go in order to access data contained in devices.
This user data, is the new “Black Gold” as it can give the Government access to such treasured troves of information that they cant get access to anywhere else.
The Government says that this bill is required because it impedes most of its counter terrorism operations, especially when criminal’s conduct their activities by using encryption as a shield. The Government cannot get hold of anything beyond encrypted data when they come across it and now they want to have the widened powers to impede this roadblock once and for all.
Major tech firms like Facebook have been incredibly vocal against the bill and their stance is that it would undermine user privacy in substantial amounts and probably even make them more vulnerable to be exploited by the criminals themselves.
This is because, under the requirements of the bill, especially the third part, the tech firms might be required to build a vulnerability to allow the Government to go ahead with its decryption of data, creating a zero day vulnerability in the process. This vulnerability can be exploited by anyone from hackers to ransomware criminals across the world, putting millions of consumers at a big risk.
If the bill is to proceed, instead of it empowering the government with sweeping powers of access to user data, it should be relegated to just being used when there is a significant danger to national security or human life.