Last time we talked about who and where is the most active in the fight against end-to-end encryption. One of the “leaders” in this process is the UK structures. But they are not alone in their endeavors, and today we will discuss the experience of their “colleagues” from other countries.
Australia is to some extent moving ahead of all other countries. There is a law that imposes restrictions on work with end-to-end, acts since 2018. Local companies that own messengers and other IT products are required to provide decrypted data at the request of law enforcement officers. If they do not have such an opportunity, they should find an option to provide access – in fact, implement something like a backdoor.
In addition to influencing the activities of companies, the law also extends to citizens – for example, it gives Australian police officers new powers. They may require suspects to unblock their personal mobile devices and examine the correspondence. For refusal to assist, criminal punishment is threatened. However, law enforcement officials say the criminals have become cooperate with the investigation more often, which allows you to quickly solve crimes.
Requirements for the mechanism of information disclosure are still being clarified – the Ministry of Internal Affairs of the country is still discusses options for implementing MITM with representatives of the IT industry – and it is not yet known when any technical regulations will be approved.
At the same time, this criticism from human rights organizations and some government agencies does not stop. The former Prime Minister of Australia and one of the initiators of the “anti-encryption” law also spoke in support of the encryption technology. He seems to have changed his mind towards end-to-end and statedthat here we can talk about protecting the country’s infrastructure from backdoors in the hardware of foreign vendors.
Given these developments, there is reason to believe that some aspects of Australian law restricting E2E could be revised. But it is not known in which direction.
The U.S. Congress has been around for months is considering amendments to the law “On etiquette in the means of communication”. Now he removes responsibility from media platforms and social networks for the content of materials posted by users. However, the authors of the amendments believe that companies are abusing this right and are not doing enough to combat prohibited content. If the changes take effect, the IT business will have to undergo regular audits of content filtering algorithms and methods, and carry out requirements individual states. One of them can be prohibition of end-to-end and installation of “backdoors”.
So far, the issue of the adoption of the amendments has been postponed, as the document is criticized by the public. So, the Signal developers opposed him – material on this topic was published on Habré. For this messenger, end-to-end encryption is a fundamental technology and it will not be able to meet new requirements.
However, the senators prepared another blow to encryption at the end of 2020. It – LAED Act or Lawful Access to Encrypted Data. According to the law, IT services with an audience of more than a million users will have to provide law enforcement officers with access to information on servers and transmitted between clients’ devices upon request. While he is at the earliest stages consideration, and it is too early to say how actively the senators will promote it. But experts from the Electronic Frontier Foundation have already warned that the bill will require service owners to install “government” backdoors.
End-to-end ban is not a panacea
Experts warn that banning end-to-end encryption is likely to not only improve network security, but also backfire. The solutions offered by Western regulators and the installation of backdoors are “points of vulnerability” that can lead to personal data leaks. It cannot be guaranteed that the “exploits” will forever remain in the hands of law enforcement officers – known caseswhen they leaked to the network.
At the same time, the IT community and information security specialists continue to talk about other – more transparent – methods of combating the spread of malicious content on the network. An example would be searching for suspicious social media accounts using metadata. By the way, this method is already uses WhatsApp and blocks more than 300 thousand accounts monthly.
What impact such initiatives will have on social networks and messengers at the global level can be seen in the near future.