Australia passes law forcing tech giants to circumvent encryption on target devices

Australia's parliament on Thursday passed groundbreaking legislation that instructs tech developers to help law enforcement investigations by intercepting the encrypted communications of suspects' devices.

Known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, the law contains language requiring companies in some cases to build new capabilities to decrypt protected communications if they don't already have the functionality to do so. Its authors have attempted to mitigate concerns of overreach by stating that any mechanism introduced to subvert encryption would have to affect only targeted devices and not represent a systemic weakness impacting the larger population.

Per multiple reports [1, 2, 3], however, security experts and key tech players are concerned that the law will be misused or even result in the introduction of manufacturer-developed backdoors that ultimately render devices or encrypted messaging apps insecure for all users.

Critics are also decrying that the law was rushed through the legislative process without proper due diligence. Reportedly, members of the Labor opposition party reluctantly dropped multiple challenges to the law, with the intention to debating amendments to the legislation next year.

Law enforcement officials in Australia, as well as the U.S. and other nations have repeatedly labeled the use of end-to-end encryption as a national security issue because it inhibits the investigation of suspected terrorists' communications.