To protect ourselves we’ve created a monster.
By Gary Scarrabelotti
In the USA they are collaborators with the “deep state”. In Australia they are champions of privacy.
Global tech companies like Google, Apple, Amazon and Facebook, acting through their industry organisation — the Digital Industry Group Inc – have thrown their support behind a campaign to resist a Federal government move to provide its intelligence agencies with enhanced surveillance capacities.
The government wants to coerce communications, tech and ISP companies into assisting its spy agencies and the AFP in “cracking” the encrypted messages of “persons of interest” to our spooks and coppers.
The prime targets for these sharpened intelligence “ops” — so we are assured — will be terrorists, organised crime gangs and child-sex predators: only really bad people. Really good folks, like you and I, are not on the radar.
So, we can rest easy …
Leading the charge against the government is an ad hoc network calling itself the Alliance for a Safe and Secure Internet. It combines DIGI with human rights groups, the Communications Alliance (an Australian communications industry group) and big-name industry players both national and global.
At issue is the Federal Government’s Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018.
The Bill was introduced into the House of Representatives on 20 September 2018 and referred to the Joint Standing Committee on Intelligence and Security (JSCIS) where it presently sits.
The JSCIS has received 87 public submissions, many of them from persons or entities whose names have been withheld, and others notably from DIGI, the Communications Alliance, and companies like Optus, Telstra, Apple, Cisco, Mozilla and Kaspersky Lab.
The short-titled Assistance and Access Bill 2018 seeks to provide our intelligence organisations with three new powers. Of these, the most controversial is a “technical capabilities notice” which, in the absence of other means, would require comms, tech and ISP companies to build new capabilities to meet the demands of our spooks for more and better intelligence.
What the critics contend can be boiled down to two points.
To protect, destroy
One is that “encryption” is not just something that happens between people in communication with each other. Encryption is systemic to the whole communications infrastructure.
To bust open encrypted systems does not merely imperil the privacy of messages passing between ordinary innocent users. It puts at risk the very fabric of our communications systems.
Encryption is like the bolts and welds and ties that hold together a building of steel and concrete. Rust the bolts, melt the welds and cut the ties: the steel and concrete fall apart.
To attack encryption continuously in the name of gathering intelligence on the few, weakens not only the privacy of many but also the “glue” that holds together the whole system.
Surgically targeted intelligence ops can easily morph into mass surveillance.
The more the state insists upon equipping itself with “glue busting” technologies, the more likely they’ll fall into the hands of “bad actors” who will use them to take down an inherently compromised system.
The second is that the powers embedded in the “technical capabilities notice”, far from being limited, precise and targeted, are potentially far reaching and indiscriminate.
Despite assurances provided in the Bill’s accompanying Explanatory Memorandum, the “technical capabilities notice” empowers government to demand that companies create yet-to-be-defined surveillance tools that a company (or companies) would be obliged to operate in secret on behalf of the state against targets whose kind and number can be redefined at any point in time.
The surgically targeted intelligence operations envisaged by the Assistance and Access Bill could easily morph into mass surveillance programs without the relevant agencies having to seek further legislative power.
Today it’s would-be Muslim martyrs, crims with WhatsApp and kiddy-fiddlers on Snapchat. Tomorrow it could be counter-cultural insurgents replenishing their intellectual ammo from the The Speccie’s “Flat White” blog.
Here and now what’s ominous is that a “technical capabilities notice” will not be issued by a court after due process but on the fiat of the Attorney-General.
This is the heart of the Assistance and Access Bill 2018. It’s a bid for freedom to conduct intrusive surveillance without having to apply to a court for a warrant to proceed.
In this regard, the Assistance and Access Bill emulates the UK’s odious Regulation of Investigatory Powers Act and discards for the sake of ‘administrative efficiency’ even the secret judicial proceedings provided in the USA by its Foreign Intelligence Surveillance Court.
The case against the Assistance and Access Bill is powerful. It’s just that, unhappily for you and me, the global giants who are opposing it are morally compromised. What they say is believable, what they do is false. Preaching privacy, they are the indispensable agents of the surveillance state.
The graphic at the head of this post is a PowerPoint overhead created by the US National Security Agency on its PRISM surveillance project. It is part of the mountain of data released to The Guardian and The Washington Post by Edward Snowden after he split from his job as an NSA contractor in May 2003.
The overhead shows the suppliers of data to PRISM and the nature of the data provided. Note the suppliers: Microsoft, Google, Facebook, Apple and Yahoo among others.
Now, not all of these companies are equally happy about their relationship with the NSA. Apple and Yahoo, for example, have both resisted demands for intelligence on their technology or their clients. But, in the end, both have had to negotiate a modus vivendi.
However squeamish these suppliers might feel about spying on their clients for the NSA, all of them have cut deals with the NSA to do so in one form or another. Among the NSA’s most closely guarded secrets are the terms of its agreements with the Silicon Valley tech giants. What we do know, however, is that some of these agreements provide the NSA with direct and immediate access to the corporate databases of some of its big tech little helpers.
Among those represented by DIGI, Google would have to be the most “ethically challenged”. Google has been running a project called Dragonfly. The objective of Dragonfly is to build a search engine that will pass muster with Chinese authorities. Google is desperate to get into the China market, so it’s bending over backwards to comply with Beijing’s demands. These include banning certain search terms from Dragonfly - like “human rights” and “Nobel Prize” — and sharing all client information and their search histories with a Chinese partner company that will be controlled, ultimately, by the Chinese Communist Party.
And you think Google is going to protect your data?
Among the other companies represented by DIGI is Amazon. Amazon is not just about selling books. Amazon rivals Microsoft and IBM as a global supplier of “cloud” services and dominates the US market for the same. It already has a major “cloud” contract with the CIA and is said to be in the lead to win an exclusive multi-billion dollar contract to supply “cloud” to the US Department of Defense.
Amazon CEO Jeff Bezos is a patriotic geek. Increasingly widespread complaints by tech workers about Silicon Valley cosying up with the “deep state” cut no ice with him.
According to a report on CNN Business, Bezos recently declared that “If big tech companies are going to turn their back on the DoD, this country is going to be in trouble.”
Thanks, Jeff. Given the world-reach of the US spy machinery, for which you are already happily toiling, we know we can trust you with our data. What fascinating profiles on us could be drawn based on books we’ve purchased from your Amazon over the years.
Meantime, writing in The Australian of 26 November, our National Cyber Security Adviser, Alastair MacGibbon, assures us it’s nuts to imagine that the Assistance and Access Bill heralds an Orwellian dystopia with spy agencies hijacking our smart phones and other devices to surveil us in our homes.
The problem is that, with help from its Silicon Valley retainers, the NSA can do exactly that — and in real time — through programs like PRISM and others. And our spy agencies want to do the same. In a strictly measured way, of course. It’s just so embarrassing having to ask the NSA to spy on Australian targets — as we’ve done in the past — when, really, we should be able to do it ourselves.
It must have been September 16, 2001: the first Sunday after the September 11.
We were standing around after church speaking in still shocked tones about the staggering events of five days earlier.
A friend asked me what I thought the significance of the events might be. I paused for a moment, then replied in something like the following terms:
“The people will demand — and rightly so — to be protected by the state from future terrorist acts. Our governments will respond — and rightly so — by increasing levels of internal security and surveillance. Every further terrorist action will jack up the popular demand and our political leaders will feel compelled to meet it. Eventually, an extensive and powerful system of monitoring and social control will be created. What, however, was intended at first to protect us from Islamic terrorism will be turned one day by a government against people like us.”
We are not there yet. Such plans are far from the thoughts of Scott Morrison and Peter Dutton. They’re not angling for access to your laptop or mine. All they want to do is to protect us from being blasted by some fanatic. When, however, the social and cultural objectives of our corporate and political elites align, then you’ll see the very things that Alastair MacGibbon today treats as a joke.
This article is a slightly expanded version of one originally published on The Spectator’s “Flat White” blog.