Technology experts say there is no justification the laws would have prevented the Bourke Street attack. (ABC News: Danielle Bonica)
As Islamic State terrorists coordinated deadly attacks across Paris in November 2015 — an onslaught that claimed 130 lives — it’s believed they used encrypted messaging apps like WhatsApp and Telegram to plan their devastation.
- Technology experts say making “back doors” for encrypted messaging apps is a “bad idea”
- They say the apps are not only used by terrorists, and nearly half of all messages sent are encrypted
- Tech experts say there is no guarantee the back door will not be abused
When a gunman killed dozens in a Turkish nightclub a year later, prosecutors said an Islamic State emir in Syria used the same encrypted messaging technology to direct and guide him.
And on and on it goes.
“Encrypted messenger apps have been and still are used extensively by jihadists,” Daniel Heinke, a German chief of detectives and adjunct professor for terrorism studies, told the ABC.
“They often play a vital role in the preparation or coordination of terrorist attacks.”
Messaging services like WhatsApp and Telegram are frequently used by Islamic State terrorists. (ABC News)
Encrypted messages are not impossible to unscramble, but the task is an onerous one, and for that reason, terrorists have taken up the technology with gusto.
That is why the Home Affairs Minister, Peter Dutton, has been so keen to pass laws forcing messaging companies to put “back doors” into their technology, allowing authorities to access these otherwise secret communications.
And in the wake of Friday’s terror incident in Bourke St, Mr Dutton has again been pushing Labor to support the bill.
“I hope over the last couple of days, Labor has been able to reconsider their position,” Mr Dutton said.
“Because this encryption bill really is crucial to giving police and ASIO and other intelligence agencies the tool they need to disrupt and deter these activities.”
But the Opposition is not the only one with concerns about the bill.
Talk with the technology sector and it’s almost impossible to find anyone with a kind word to say about the idea.
“Putting in back doors is a bad idea,” said Israeli cryptographer Orr Dunkelman, summing up the sector’s view in eight words.
Professor Dunkelman’s concerns are numerous, and they start with the possibility that authorities will go too far with their new powers.
“Obviously such a mechanism is likely to be abused,” he said.
That’s because it’s not just terrorists using this technology.
About half of all messages that companies and individuals send are encrypted, said University of Technology Sydney’s Wanlei Zhou, who worries how a vulnerability in the technology might also be exploited by others.
“If the back door gets found by criminals, then they can find out everything that we do,” he said.
“All this privacy is lost, all this secrecy of companies is lost.
“Then everybody will lose … that will endanger all of us.”
“If there’s a back door, then it’s not only the good people that can use it,” agreed Michail Maniatakos, of the New York University’s Centre for Cybersecurity.
“There’s no guarantee that this back door won’t be abused by the people you want to protect [yourself] from.”
Outside the Bataclan concert hall, one of the sites targeted by Islamic State terrorists in November 2015’s attacks. (Reuters: Christian Hartmann)
They included hostile foreign powers.
When Barack Obama decided against implementing similar laws during his time as US President, it was a decision based on national security grounds, Mr Maniatakos believed.
“You may have in mind terrorists, but for Obama, it could also be China or Russia that have access to that data now.
“Obama, I think, understands that if you break the maths [which support encryption] … then it will definitely reach the hands of people who should not be having that.”
There are questions over how effective Australia’s laws would be in any case, according to Digital Rights Watch’s Lizzie O’Shea.
“There’s no justification, I think, to say that this bill, if it was cast into law, would somehow have prevented this attack [on Friday] from occurring,” Ms O’Shea said.
“Perhaps if they had had a better relationship with the community that he was from then they would have received tip offs.
“There’s a number of ways in which law enforcement agencies can do their job, and I don’t think we should be accepting Peter Dutton’s links between this incident and his proposal in relation to encryption blindly.
“I think that it does jeopardise our digital security in all sorts of ways, and that hasn’t been fully thought through by lawmakers.”
It also remains to be seen how pliable the technology companies responsible for these services will be in the face of Australian threats.
“The tech companies are extremely global companies, and we are a relatively small country,” said Monash University’s Robert Merkel.
Encryption technology means messages sent through WhatsApp are incredibly difficult for third parties to unscramble. (Anton/Pexels/CC0)
“For better or for worse, sometimes our ability to influence their behaviour is somewhat limited.”
And while the government may have some leverage over services like WhatsApp, which is run by Facebook, an international firm with an Australian office, Russia-based services like Telegram seemingly have no local connection.
“So it becomes a question of whether it [the proposed legislation] is fit for purpose,” Ms O’Shea said.
Which is not to say that governments cannot access encrypted messages already.
With a supercomputer, WhatsApp and Telegram messages could be unpicked in a matter of hours, Professor Zhou said.
“That should be very easy … So there’s no need to do it [put in back doors],” he said.
“Of course, putting back doors means they can do it quickly, in a couple of seconds.
“But if they do it for everyone, then of course, that’s not the right way.
“We have our own rights.”