July 7, 2017 — Ahead of this week’s G20 economic summit, Australian Prime Minister Malcolm Turnbull is once again raising the subject of encryption. According to Australian media, citing government sources, the Prime Minister is looking to leaders at the G20 summit to support a bid to undermine digital security tools.
However, the Australian government’s carefully worded statements make it seem like encryption may not be the ultimate target. Instead, references to things like “metadata” and calls to “work with companies” indicate that PM Turnbull’s real agenda includes seizing authority to bypass the Mutual Legal Assistance Treaty (MLAT) system to gain direct access to data held by U.S. companies.
“The Five Eyes communique, agreed to by Australia just last week, recognized the importance of human rights protections when it comes to encryption. The ink is barely dry, but once again Prime Minister Turnbull’s government is threatening our digital security,” said Amie Stepanovich, U.S. Policy Manager at Access Now. “Prime Minister Turnbull appears to be playing a dangerous shell game. The top-line message is about encryption, but what he is actually appears to be seeking is the ability to force data directly from foreign companies.”
As explained in a letter to the Five Eyes ministers — signed by 86 organizations and experts from those nations — breaking encryption to ensure government access to data will only harm commerce, interfere with human rights, and undermine cybersecurity. Forcing data from foreign companies is taking it to the next level.
Under the current system of Mutual Legal Assistance Treaties, a government requests assistance from law enforcement in the country where the data is stored. For content stored in the United States, foreign governments must go through the MLAT system under domestic law. This system is meant to protect rights, but it is slow and cumbersome. The United States is currently considering a legislative proposal that would allow some countries, like the United Kingdom, to enter into agreements in order to apply their own law to compel data directly from U.S.-based companies. However, the legislative proposal wouldn’t provide adequate human rights protections and would set a negative example for other countries to follow.
“The MLAT system was designed before personal data flowed as freely around the world as it does today. The MLAT system protects privacy, and while it has failed to keep pace with law enforcement demands, any effort to reform it must respect human rights,” said Drew Mitnick, Policy Counsel at Access Now.
Access Now, which runs https://Mlat.info, recently published a series of blog posts examining the current MLAT system and possible efforts to reform it. A one-pager summarizing that series is available here.
“Prime Minister Turnbull should be upfront about what his government is seeking. Governments and companies around the world are already discussing avenues to circumvent the MLAT process. It is up to civil society to collectively demand an honest, open discussion according to the criteria of the rule of law,” added Lucie Krahulcova, EU Policy Associate at Access Now.