The criticism of such laws is obvious, as any possibility of intercepting encrypted communications gives authorities more control over citizens’ online privacy. And there is no denying that there is always a danger that governments will use the same thing to suppress dissent.
At the same time, we cannot ignore the fact that it costs less than $ 10 to buy a virtual phone number from another country that can be used to activate an account on WhatsApp. signal or telegram. And armed with AES-256 encryption, it would appear to be difficult for any local law enforcement agency to take action against the source of objectionable content related to child pornography, hate messages, fake messages, or any other content that incites mob violence.
India has already seen several times how hate messages spread via WhatsApp can sometimes lead to riots or mob lynching. For the record it is said that the AES-256 encryption with 1.1 x 10 ^ 77 possible key combinations is unbreakable.
For online chat privacy, AES-256 encryption is something God sent. But countries like the US, Canada, UK, Australia and New Zealand have already recognized the need to strike a balance between online privacy for citizens and not allowing law enforcement to be helpless and clueless about serious crimes.
India is neither the first nor the only country that wants rules for encrypted chat platforms like WhatsApp.
Here’s what countries like Australia, US, UK, New Zealand and others expect from tech companies when it comes to encrypted platforms.
Australia has its “encryption law” in 2018 called TOLA. adopted
Australia has already passed its “encryption law” called “TOLA” or simply The Assistance and Access Act 2018. It is enforced to “improve the ability of government agencies to handle encryption without undermining it. The purpose of these guarantees is to ensure that authorities can lawfully access intelligible communication content. ”
The Australian government claims that “over 95 percent of the Australian secret service organization‘s (ASIO) most dangerous anti-terrorist targets use encrypted communications. Encryption affects intelligence coverage in nine out of 10 ASIO priority cases. ”
It also prescribes certain safeguards and guarantees, and states that the Australian government cannot build or implement “so-called” back doors “or do anything that would make communications for innocent people less secure; Establishment of a decryption, interception or data retention function; access communications without an existing warrant or authorization; forces an employee to carry out activities without the knowledge of the employer.
In the first year of the Assistance and Access Act 2018, Australian law enforcement agencies deployed encryption-busting technology 11 times, primarily to investigate drug and robbery cases.
In June 2020, the United States tabled a bill entitled “The Lawful Access to Encrypted Data Act”.
The Judiciary Committee of the Senate Chairman Lindsey Graham and US Senators Tom Cotton and Marsha Blackburn introduced a bill in June 2020 called the Lawful Access to Encrypted Data Act. For those of you who don’t know, this law has not yet been passed into law in the US.
In a press release, the bill was presented as a measure to “strengthen national security interests and better protect communities across the country by ending the use of“ guaranteed ”encrypted technology by terrorists and other malicious actors to cover up illegal behavior. ”
“Tech companies’ increasing reliance on encryption has turned their platforms into a new, lawless playground for criminal activity. Criminals, from child robbers to terrorists, take full advantage of the benefits. This bill will ensure that law enforcement with an arrest warrant can access encrypted material based on a probable reason and help put an end to the wild west of Internet crime, “said Senator Tom Cotton at the introduction of the bill.
“User privacy and public safety can and should go hand in hand. What we have learned is that in the absence of a lawful warrant filing process, terrorists, drug traffickers and child molesters use encrypted communications to conduct their operations, ”added US Senator Marsha Blackburn.
The five countries’ communiqué on encryption in July 2019
A Joint meeting of the five-country ministerial conference on July 30, 2019 Home ministers and attorneys general met here to discuss ways to tackle child sexual exploitation and abuse, fight violent extremism and terrorism both online and offline, foreign terrorist fighters, and encryption.
Key takeaways from the UK, United States, Australia, New Zealand and Canada communiqué regarding encryption include:
“We are concerned when companies consciously design their systems in such a way that any access to content is excluded, even in the event of the most serious criminal offenses. This approach puts citizens and society at risk by significantly undermining and responding to a company’s ability to undermine and respond to the most harmful illegal content such as the sexual exploitation and abuse of children, terrorist and extremist material, and attempts by foreign opponents to democratic values and institutions the ability of law enforcement agencies to investigate serious crimes. ”
“Technology companies should incorporate mechanisms into the design of their encrypted products and services that allow governments with appropriate legal authority to access data in a readable and usable format. These companies should also embed the security of their users into their system designs so that they can take action against illegal content. In this context, companies and governments need to work together to ensure that the effects of changes to their services are well understood and that these changes do not affect public safety. ”
Communiqué of the five state ministries 2020
The Interior, Home and Security Ministers of Australia, Canada, New Zealand, the United Kingdom and the United States of America met via video conference on 17.-18. June 2020 to discuss the challenges and implications of the Covid-19 pandemic for our security and reaffirm our determination to protect our nations from these threats.
The main takeaways from this communiqué on encryption:
“We discussed the critical importance of collaboration between governments and the digital industry to address concerns about end-to-end encryption when it impacts public safety and legitimate access to information that is harder to prevent or investigate Criminal offenses are required. We continue to urge technology companies to make real progress on this issue and to work with governments in meaningful ways to address this challenge to protect our citizens. We will continue to work with like-minded international partners and institutions to ensure complementary approaches to this topic. ”
WhatsApp vs Brazil via E2E encryption
WhatsApp, which is owned by Facebook, has been litigation in Brazil for a long time and WhatsApp has been temporarily banned in the country. The Indian government claimed that “Brazilian law enforcement agencies are looking for WhatsApp to provide the suspects’ IP addresses, customer information, location data and physical messages”.
After I said that in Brazil the “communication secrecy” can be violated by a court order. Although there is no direct reference or law mandating the decryption of encrypted communications, the civil law of the Internet in Brazil clearly mentions this “The content of private communications may only be made accessible by a court order”, in the cases established by law and in the manner and in accordance with items II and III of Art. 7o. ”
The law also does not prevent administrative authorities from having access to recorded data, as provided by law, indicating personal qualifications, affiliation and address.
The five countries, together with India and Japan, signed a joint declaration on end-to-end encryption and public safety in October 2020
The government of the five countries – UK, USA, Australia, Canada and New Zealand – along with India and Japan signed a joint statement in October 2020 said: “There is growing consensus among governments and international institutions that action must be taken: While encryption is vital and privacy and cybersecurity need to be protected, it should not come at the expense of preventing law enforcement entirely, and the technology industry itself, which can crack down on the most serious illegal content and activity on the Internet. ”