Shortly after the release of the communiqué from the most recent ministerial meetings of the ‘Five Countries’ security alliance — Australia, Canada, New Zealand, the UK and the US — at the end of July, we warned that the issue of the use of, and access to, encrypted services and technologies ‘remains front of mind for the alliance and further legislative or regulatory action in the Five Countries may follow’.
This week, It became clear that three of the Five Countries planned to follow through. On 4 October 2019, representatives of the Australian, UK and US governments planned to release:
- an announcement of a new data-sharing agreement between law enforcement in the US and the UK under the US CLOUD Act, which would allow law enforcement agencies in each country to send requests for data directly to technology companies located in the other country, rather than via local law enforcement agencies (in an attempt to speed up such information sharing), with a similar agreement between the US and Australia subsequently announced on 8 October; and
- an open letter to Facebook’s Mark Zuckerberg, calling on Facebook ‘and other companies’ to, among other things, permit law enforcement to obtain ‘lawful access to content’ while also delaying Facebook’s plans to implement end-to-end encryption on all of its messaging services.
The open letter reiterates previous statements made by these countries, and others, in relation to their support for strong encryption technologies. However, its clear focus is on law enforcement access to communications content, including by way of system design, which signals that the real nature of this request is for a ‘backdoor’ into these messaging systems.
The bold nature of this request signals that the debate over the use of encryption, and the weakening of security technologies such as encryption through the implementation of ‘backdoors’, is far from over. We previously looked at this debate in the context of the Telecommunications and Other Legislation (Assistance and Access) Act 2018 (Cth), which you can read more about here and here.
The timing of these developments, which comes amidst a broader global ‘techlash’ against technology companies such as Facebook and greater scrutiny of their practices (including in the final report of the ACCC Digital Platforms Inquiry in Australia), can make it tempting to view them as merely a small part of the call for increased regulation of the technology sector. However, as the debate that is sure to follow this week’s developments will no doubt prove, this is instead only the latest flare-up in a longstanding clash of rights and interests with no easy answers.
The contents of this publication, current at the date of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action based on this publication.
© Herbert Smith Freehills 2019