Australian Crime Commission: Only Criminals Use Encrypted Communications
from the stupefying-is-the-new-anti-encryption-normal dept
Well, someone finally said the quiet part loud: some government officials actually believe the only people who need, want, or use encryption are criminals. Here's Asha Barbaschow with the "encryption is for criminals" news at ZDNet.
The Australian Criminal Intelligence Commission (ACIC) believes there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform.
"These platforms are used almost exclusively by SOC [serious and organised crime] groups and are developed specifically to obscure the identities of the involved criminal entities and enable avoidance of detection by law enforcement," the ACIC declared. "They enable the user to communicate within closed networks to facilitate highly sophisticated criminal activity".
This is part of the ACIC's comments [PDF] on proposed surveillance legislation that would grant Australian law enforcement new powers to disrupt data transmissions, surveil network activity, and engage in takeovers of targeted accounts. Here's the money shot:
ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform.
Well... holy shit. That's a take.
The ACIC believes today's criminals are too powerful and law enforcement too poorly-equipped. According to the Commission, criminals are winning the tech war.
The encryption and anonymisation that underpins the Dark Web and encrypted communications has challenged existing powers and allowed serious and organised crime (SOC) groups and individuals to more effectively conceal their criminal activity. In particular, the networks established on the Dark Web and via encrypted communications have provided criminals with platforms to easily and more confidently communicate anonymously about, and obfuscate, their serious criminal activities.
And yet, criminals continue to be prosecuted and criminal activities disrupted. But the successes aren't enough. The Commission apparently won't be happy until all criminal activity ceases.
The electronic surveillance powers currently available to the ACIC, while relied upon for investigating many aspects of criminal behaviour online and criminal use of encrypted communications, are not sophisticated enough to identify and disrupt the totality of activities SOC entities are undertaking through the use of modern anonymising technologies to conceal their identities, their associate’s identities and the illegal activities being undertaken by the network of individuals.
I've got bad news for law enforcement and the Commission: no matter what steps are taken and how many innocent people are victimized by expansions of government power, it will still be impossible to "disrupt the totality" of illegal activity. Sophisticated criminal organizations engaged in crime long before encryption was readily available and found creative ways to hide their misdeeds from investigators. It's not going to change just because no one -- not even innocent people who would like to protect their data and personal information from criminals -- has access to encryption.
The ACIC's broad declaration that no one has a "legitimate reason" to utilize encrypted communication platforms is at odds with the paragraph directly preceding this truly baffling assertion.
Encryption and anonymising technologies have a valuable role in protecting the privacy and data of Australians. As such, the ACIC notes new powers cannot be exclusively focused on subverting encryption and anonymising technologies.
I'm not sure how you reconcile these two statements. And apparently the ACIC doesn't know either, because it simply claims no non-criminal would need encrypted communications and immediately moves on to the discussion of the new warrant powers being proposed.
This is a horrifyingly ignorant claim for a government commission to make. The worst aspect is that someone with the power to write laws is going to believe the ACIC. Those who already believe (without evidence) that encrypted communications are only used by criminals are going to accept this assertion as evidence, even if the ACIC can't even be bothered to back up its own claim with any data or research. "Based on observation" is meaningless if the Crime Commission does nothing but observe criminal activity. This is stupid. And it would be laughable if it weren't so dangerous.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: acic, australia, encryption, going dark
Reader Comments
Subscribe: RSS
View by: Time | Thread
Does encrypted platform include VPN? If it does nobody can work from home.
[ link to this | view in chronology ]
Re:
The commission can be reached for comment via their website, https://www.acic.gov.au/. They have not commented on their use of https, nor on the use of the protocol by law-abiding members of the community.
[ link to this | view in chronology ]
Re: Re:
Don't live there, and have problems with an independence seeking woman.
[ link to this | view in chronology ]
Re: Re:
As everyone knows, Australia is entirely peopled with criminals.
[ link to this | view in chronology ]
Re:
Or SFTP. Yet another encrypted protocol.
[ link to this | view in chronology ]
Re: Re:
Or SSH, using your own keys.
[ link to this | view in chronology ]
Re: Re:
"Or SFTP. Yet another encrypted protocol."
Do they want you to STFU instead?
Simply Transferring Frames Unencrypted
[ link to this | view in chronology ]
i assume that all politicians, law makers and security forces are included in that statement then? they are the biggest criminals of all!!
[ link to this | view in chronology ]
Re:
Confirmed by looking at their environmentally destructive policymaking.
[ link to this | view in chronology ]
Re:
It also includes all banks. They would be remiss if they weren't criminal. Talk about a double bind! Although they are also permanently and openly backdoored by AML laws.
[ link to this | view in chronology ]
Wow, shots fired at the UK Prime minister.
[ link to this | view in chronology ]
Banks!
Oh noes! The banks are criminals!
[ link to this | view in chronology ]
Re: Banks!
I mean, yeah, but not because they use crpyto.
[ link to this | view in chronology ]
Sounds like they are actually really pissed that google/facebook caved instead of pulling out.
If TLS was outlawed (which would be a legislative implementations of what looks to me like a executive department's words/ideas), it would make sense for those two to withdraw (or anyone who has an online store). Though I really doubt this blathering would be implemented in legislation.
[ link to this | view in chronology ]
That's a nice VPN you have there. Shame if something were to happen to it.
[ link to this | view in chronology ]
Re:
Nice salted and hashed password database of all your users you have there. It'd be a shame if anything happened to it. Oh, and by the way you're still liable for all fines and damages if you have a data breach.
'Cos this is where you end up if you follow the "logic" of the Luddites / shitweasels.
[ link to this | view in chronology ]
Aus. Govt Logic tree
If only criminal entities use encryption, and the Government uses encryption; then therefore the Australian Government is......oh wait a minute!
[ link to this | view in chronology ]
Re: Aus. Govt Logic tree
Terry Pratchett commented on this in The Last Continent. Our Hero goes to visit the mayor (iirc) and is directed to the local Jail. "Oh, I haven't committed any crimes yet", says the mayor. "All our leaders are automatically put in jail. It saves time."
[ link to this | view in chronology ]
I'm guessing the question about would you buy anything on the internet if your payment details aren't encrypted went about as well as a Biden won the election sign at a Qanon rally.
[ link to this | view in chronology ]
"ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform."
Please to scan all politicians & staff phones for encrypted communications...
Then we might believe you that only bad guys use it.
But then you also thought your laws could alter math at a fundamental level because you said so.
[ link to this | view in chronology ]
Re:
I think this is more a confession, and less so attack on encryption.
(Or at least that is how I choose to interpret it. Especially since they probably use cell phones, and all cellphones use some amount of "encryption platforms", even if its updates, or 4G/5G's encryption)
[ link to this | view in chronology ]
So, once again politicians wish to expose their constituents to the possibility of identity theft. Why am I not surprised at that level of bumfuck idiocy anymore?
[ link to this | view in chronology ]
Re:
Why am I not surprised at that level of bumfuck malice anymore?
Stupid would be one thing, even willful stupidity, but when it reaches the point of arguing against public safety and privacy calling it 'idiocy' really doesn't fit any more and it goes straight to malice.
[ link to this | view in chronology ]
Re: Re:
Now that I've thought about it for a moment, malice does seem to fit better.
[ link to this | view in chronology ]
Here's a ransom list journalists, human rights lawyers, protestors against extreme governments in Turkey, Iran, Russia, lgbt activists, minority and religious groups, security researchers, anti government groups organising protests, people who are trying to avoid violent ex partners, or abusive husbands, ex boyfriends, might really want to have the right to use signal or other encrypted apps
White hat hackers who investigate the dark Web or seek to protect company's from hackers
Maybe they can just say no one needs door locks
In an age of constant hacking the need for private encrypted
apps is greater than ever to protect the public
[ link to this | view in chronology ]
'Only criminals desire privacy, a camera in every bedroom!'
ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform.
Given I would be incredibly surprised if the ACIC and a number of other government agencies didn't use encryption both professionally and personally maybe they're on to something here, I mean who but a criminal would want to make the public vastly less safe?
As always swap out 'encryption' for 'privacy' to see the real goal with stuff like this, attacking encryption is attacking privacy and the ability to communicate in a manner the government can't listen in, and as though that's not bad enough it's also attacking something that keeps countless people safe, all because the government refuses to accept that privacy is a thing and that some speech will be beyond their grasp as a result.
[ link to this | view in chronology ]
"The ACIC believes today's criminals are too powerful and law enforcement too poorly-equipped. According to the Commission, criminals are winning the tech war."
I agree. The criminals in the government are far too powerful and get away with rape, corruption, and war crimes.
[ link to this | view in chronology ]
I.,d be surprised if aussie banks stockbrokers the army and aussie intelligence service are not using encryption in email or general messaging apps if not they are putting the public, s data at risk of hackers and public exposure
Everytime someone buys something on the Web they use some form of encryption
Business, s company's use vpns and encryption all the time in order to allow workers to work from home while processing data and private customer information
It sounds like they want to pass a law to force company's to
hand over any customer data to any court of law and this includes
any encryption keys to allow all messages to be monitored and recorded in real time
[ link to this | view in chronology ]
It won't happen, as designed so far...
While many readers (above) have given good reasons for this being a compete clusterfsck, the one and only reason it won't work is commerce. When one big business corporation gets accused of criminal operations, they tend to unleash some pretty powerful legal talent. When nearly all of the big businesses in the country are so accused (either by proxy or directly), you can bet that the government will be tied up in court for so long that their children will still be fighting for this "everyone's a criminal unless we say so" cause.
Trade secrets, contract negotiations, employment discussions, business practices, and myriad other commercial activities that take place over the internet are all encrypted, about as highly so as practicable (meaning, without creating so much hindrance as to make it too big of a PITA to use.) If you tell big business that they can't keep those things secret, then the stinky stuff will most certainly hit the rotating ventilation device at a record-breaking speed. If I were a big business in Oz right now, I'd be letting it known, publicly, that I intend to ignore such a hostile, not-for-public-benefit law, no matter how it's couched in pretty language. Then I'd tell the ruling party and it's stooges to "see me in court".
I have a sneaking suspicion that both the US and the UK are behind this, or at least highly on-board with it. I can see where, if Australia makes this a law that withstands court challenges, then every country on the planet that espouses themselves to be "free" will be jumping to do the same thing, "because Australia is doing it, so we can too!!"
Parting shot: I'm quite doubtful that anyone could point out to me a single member of either this Commission, or the entire Aussie Parliament, that knows the difference between a code and a cypher. 'Nuff said.
[ link to this | view in chronology ]
I wonder?
If we simplified all the understanding of Personal CRIME. HOw long would the list be, of damages to persons, being regulated?
Then lets look at the laws that regulate Business. And simplify them.
Out of all the laws being regulated, and getting rid of those that have NO recourse to the individual doing to HIMSELF.
How many crimes are Committed? 1%? 10% 20%
Can we at least say 50% for the politicians?
Corp moguls? 75%?
Is this perchance a chance to spy on the opponents? NOT the 1%
[ link to this | view in chronology ]
Thankfully Colonial pipeline didn't use encryption allowing only the criminals to encrypt their files allowing the total shutdown of their infrastructure .
[ link to this | view in chronology ]
"ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform.
Australian banks and other businesses don't use VPNs?
I'm glad that he's an idiot, else this would be more dangerous than the local wildlife...
[ link to this | view in chronology ]
"These platforms are used almost exclusively by SOC [serious and organised crime]" - that's clearly rubbish. I use encryption in my (very much) playful and totally disorganised crimes :-)
And, before you come after me, ScoMo, that was a joke.
[ link to this | view in chronology ]
sdhsdh
sdhsdhdhssss
[ link to this | view in chronology ]