Did Australia Poke a Hole in Your Phone’s Security?

Apple is hardly the only tech company that could feel the impact of the Australian law. Anyone with a website is considered a communications provider, subject to the law. Any company that “provides an electronic service that has one or more end-users in Australia” is required to comply.

A long list of companies meets that description, such as smartphone makers and Facebook and its WhatsApp messaging service.

“Once WhatsApp, for example, builds a system at the behest of the Australians, everyone gets to use it,” said Nate Cardozo, the senior information security counsel on the Electronic Frontier Foundation’s legal team, who has studied the new law.

The law allows government agencies like the Australian Secret Intelligence Service or the Australian Federal Police to compel tech companies to install software on a user’s device to get around encryption. It can also compel the company not to alert the user.

“So if WhatsApp gets one of these notices and does not comply, they’re subject to asset seizure and even hypothetically having executives hauled into jail for contempt if they refuse to do so,” Mr. Cardozo said.

There is confusion about other secrecy requirements of the law. For example, would it require employees who received requests to keep them secret from their employers? The Australian Department of Home Affairs, which coordinates strategy and leadership of the country’s national security policy, says it would not. But security experts at the Electronic Frontier Foundation and at companies like the password manager 1Password say it is actually unclear.

Similar Articles:

Vietnam's draconian cybersecurity bill comes into effect

Vietnam's draconian cybersecurity bill comes into effect

Telling the Truth About Defects in Technology Should Never, Ever, Ever Be Illegal. EVER.

Telling the Truth About Defects in Technology Should Never, Ever, Ever Be Illegal. EVER.

Why Any Backdoor Would Be a Threat to Online Security.

Why Any Backdoor Would Be a Threat to Online Security.

Security flaws let anyone snoop on Guardzilla smart camera video recordings

Security flaws let anyone snoop on Guardzilla smart camera video recordings