Final year journalism undergrad. Former City Hub co-editor. Traded three years for a film degree. Fresh from a year in Europe: half study, half shenanigans.
Human rights advocates warn vagueness is a deliberate tactic being used by the Federal Government in a bid to legislate access to encrypted messages.
The government has announced it will introduce legislation compelling messaging services to hand over encrypted content claiming it was essential to its pursuit of terrorist and child pornography investigations.
The legislation is set to be introduced this year.
In October last year, NSW Police also announced plans to “break” encryption software on BlackBerry devices as part of investigations into gang-related murders.
However, Australian Privacy Foundation Chair David Vaile said a lack of detail stopped any analysis of technical-limitations or the potential to weaken the security of financial-services.
“It has the benefit for [the government] to keep the claims at a rhetorical level and a political-wishful thinking level, as well as hiding the lack of evidence and potential risks from proper scrutiny,” he said.
He said it also prevented laws from becoming obsolete.
But accessing end-to-end encrypted data in transit is not currently possible, even by tech companies, according to Cyber Security UTS PHD Student, Xu Wang.
“WhatsApp has no ability to see the content of messages or listen to calls on WhatsApp. That’s because the encryption and decryption of messages sent on WhatsApp occurs entirely on your device,” according to a WhatsApp statement.
While exact details remain unclear, both Prime Minister Malcolm Turnbull and Attorney-General George Brandis have stressed that the Australian Federal Police (AFP) won’t be seeking a “backdoor” into encrypted messages.
Human Rights Watch Australia Director, Elaine Pearson is concerned because the legislation will impact all Australians.
Nearly five million Australians are active WhatsApp users, according to SocialMediaNews.
The proposed legislation will also impact other encrypted services, including Facebook Messenger and Signal.
“People use them every day, human rights defenders, journalists, and so we’re very worried that, in reality, the criminals and the terrorists will just move to other forms of communications,” Ms Pearson said.
“Meanwhile, this will have terrible effects for those of us who need to safeguard private communications in the course of our work.”
Encrypted messaging was vital to a 2016 ABC Four Corners story which uncovered poor conditions on the Nauru Island offshore detention centre.
The “Forgotten Children” story featured mobile phone footage smuggled out of the island which has been off-limits to most journalists since the detention centre reopened in 2012.
Four Corners producer, Wayne Harley said that the story simply wouldn’t have happened without the use of encrypted services like WhatsApp in contacting sources on the island.
“That gave a lot of comfort to those people in their reaching out to us. Those people would not have had the confidence. We would not have been able to gain their confidence.”
But host of business and tech podcast, Risky Business, Patrick Gray suggests that the unencrypted WhatsApp back up files in cloud storage could potentially be accessed instead.
“If you select the WhatsApp back up checkbox, they’re backing up your messages to their cloud,” he said following similar discussions in the UK.
“That means that those messages are recoverable if a user has chosen to back them up.”
Samsung and Android backups are unencrypted, while ones made to Apple’s iCloud service have been encrypted since May.
Back-ups from an Android device are made to Google’s servers and are potentially open to government requests.
The government cannot just take data off a device without court-issued warrants, as seen with unencrypted services.
“A lot of people post-Snowden revelations tend to think ‘oh, the government wants to read all of our stuff’, and it’s just not accurate,” Mr Gray said.
“You’ve got to go to the court, you’ve got to say that this is the crime we suspect is being committed, and here’s why we think this person has been committing it.”
In addition, it needs to be proved that all avenues have been exhausted and needs to meet a degree of seriousness.
However, metadata retention legislation allows law enforcement warrantless access to recipient and time stamp information kept by telecommunications companies for two years.
MUSIC CREDIT: “Smudj” by Foniqz Attribution-NonCommercial-ShareAlike 3.0 International License (Modified: repeated phrase.)
DATA VISUALISATION (IN VIDEO): "Wombeyan Caves" by Michael Lake