Signal will not be complying with Australia's Access and Assistance law

Cal Jeffrey

TS Evangelist
Staff member

Back in August, we reported on a controversial piece of legislation working its way through the Australian Parliament. The law would require tech companies to provide law enforcement and security agencies with access to encrypted communications. The New York Times reported last week that this bill had been approved and signed into law.

The contentious Access and Assistance Bill 2018 could impose fines as high as AU$10 million for companies refusing to comply. Several companies have made it clear that they are not in favor of this law.

Signal announced on Thursday that it would not be able to comply with access requests. It claims that it is not because it doesn’t want to, but that it just can’t due to the design of its messaging app.

“By design, Signal does not have a record of your contacts, social graph, conversation list, location, user avatar, user profile name, group memberships, group titles or group avatars,” said Signal’s Joshua Lund in the company’s blog. “The end-to-end encrypted contents of every message and voice/video call are protected by keys that are entirely inaccessible to us.”

"If a country decided to apply pressure on Apple or Google to remove certain apps from their stores, switching to a different region is extremely trivial on both Android and iOS."

Furthermore, since Signal is open-source and available on GitHub, there is no way to “hide a backdoor” in the software, even if the government demanded it. The only option is to ban the software outright, but as Lund points out, this does not usually go well.

“Whenever services get blocked, users quickly adopt VPNs or other network obfuscation techniques to route around the restrictions,” he said. "If a country decided to apply pressure on Apple or Google to remove certain apps from their stores, switching to a different region is extremely trivial on both Android and iOS."

Besides, several officials within the Australian government including Attorney General Cristian Porter and former Prime Minister Malcolm Turnbull use Signal themselves. Weakening encryption methods for the app would actually pose a national security risk for the very politicians charged with enforcing the law.

Apple has been vocal about its opinion of the bill. In a seven-page letter to the Australian Parliament, it criticized the legislation saying that it gives the government "overly broad powers" and is extraterritorial in impact. While it did not come right out and say it would not comply with the law if asked, that seemed to be the company's insinuation.

So far authorities have not had reason to invoke the law. It will be interesting to see how the industry reacts when it finally does.

Permalink to story.

 
Last edited by a moderator:

psycros

TS Evangelist
I like how the author realizes its a matter of WHEN they invoke that law rather than IF. Its truly amazing how stupid our leaders think we are. You will never stop the "bad guys" from communicating secretly, and since the bad guys are whomever the current ruling faction dislikes I want to have maximum personal protection. Compromising encryption services amounts to arming the law-abiding citizen with a club while the bad actors are toting pistols. Worse, sometimes those bad actors turn out to be the very powers who demanded those backdoors in the first place. We already know that backdoors are the highest priority targets for cyber-criminals - why empower them further?
 
  • Like
Reactions: MaXtor and toooooot

MaXtor

TS Evangelist
Platinum
I use Signal daily for private business texts and phone calls. I use it as my texting app, however most of my texts between friends aren't encrypted as they don't have Signal. I try to encourage everyone to use it however, I'm a strong proponent of privacy (even if you have 'nothing to hide').
 
  • Like
Reactions: Hexic

maddogmcgee

TS Enthusiast
The U.K. is a nanny state. It's no surprise that little sister Australia wants to be like big sis.
Meh. Not sure it has much to do with being a nanny state. America and China put in so many backdoors I guess it makes sense for nations like the UK and Australia to follow suit as much as they can.