[LINK] Australian Crime Commission: Only Criminals Use Encrypted Communications
jwhit at internode.on.net
jwhit at internode.on.net
Thu May 13 13:30:36 AEST 2021
Someone needs to tell Apple.
----- Original Message -----
From: "Kim Holburn"
To:"EFA Privacy List" , "Link mailing list"
Cc:
Sent:Thu, 13 May 2021 08:54:53 +1000
Subject:[LINK] Australian Crime Commission: Only Criminals Use
Encrypted Communications
https://www.zdnet.com/article/acic-believes-theres-no-legitimate-reason-to-use-an-encrypted-communication-platform/
>
> ACIC believes there's no legitimate reason to use an encrypted
communication platform
>
> The Australian Criminal Intelligence Commission has said an
encrypted communication platform is not something a law-abiding member
> of the community would use.
>
> By Asha Barbaschow | May 6, 2021 -- 06:33 GMT (16:33 AEST) |
Topic:
> Security
>
> The Australian Criminal Intelligence Commission (ACIC) believes
there is no legitimate reason for a law-abiding member of the
> community to own or use an encrypted communication platform.
>
> "These platforms are used almost exclusively by SOC [serious and
organised crime] groups and are developed specifically to obscure
> the identities of the involved criminal entities and enable
avoidance of detection by law enforcement," the ACIC declared. "They
> enable the user to communicate within closed networks to facilitate
highly sophisticated criminal activity".
>
> *Consistency, at least: Cops are the only ones being lawful on the
dark web, AFP declares
> *
>
> The comments were made in a submission
> [PDF] to the Parliamentary Joint
> Committee on Intelligence and Security (PJCIS) as part of its
inquiry into the /Surveillance Legislation Amendment (Identify and
> Disrupt) Bill 2020/.
>
> It told the committee it intends to use the powers extended to the
ACIC under the Bill to focus efforts on understanding and
> gathering intelligence on SOC groups who are using encrypted
communication platforms to conceal their criminal activities.
>
> The Bill, if passed, would hand the Australian Federal Police (AFP)
and ACIC three new computer warrants for dealing with online
> crime.
>
> The first of the warrants is a data disruption one; the second is a
network activity warrant; and the third is an account takeover
> warrant.
>
> The ACIC said the Bill would allow it, through the collection,
assessment, and dissemination of criminal intelligence and
> information, to inform national strategies to address transnational
serious and organised crime.
>
> "To deliver on this purpose, the powers and capabilities of the
ACIC must keep pace with technological trends and emerging threats
> to ensure the agency is able to adequately tackle serious
cyber-enabled crime and sophisticated criminal groups using encrypted
> platforms," it said.
>
> "The agency must be enabled to support law enforcement outcomes to
protect Australians against the most sophisticated and
> high-threat actors, who increasingly utilise advanced
communications technologies to mask their criminal activities."
>
> *Elsewhere: ACIC running into jurisdictional data troubles with new
national firearms database
> *
>
> According to the ACIC, the disruption, intelligence collection, and
account takeover powers contained within the Bill complement
> the agency's existing powers by providing new avenues to gather
information and respond to serious crime occurring online and to
> criminals using dedicated encrypted communication platforms.
>
> "The measures in the Bill are grounded in the principle that the
powers granted by Parliament to the agencies charged with
> enforcing the criminal law should not be eroded by advances in
technology," it wrote. "The Bill is designed to provide the ACIC
> and AFP with the ability to protect the Australian community from
harms online in the same way they protect Australians in the
> physical world."
>
> The ACIC believes the Bill addresses gaps in current electronic
surveillance powers.
>
> Network activity warrants provided by the Bill will "immediately
transform the ACIC's ability to discover and understand serious
> criminal groups using the Dark Web and encrypted communication
platforms to undertake and facilitate serious crimes".
>
> "Currently, while the ACIC might be able to detect criminal
behaviour on a hidden website or computer network, we cannot identify
> all the individuals participating in the criminal behaviour," it
explained. "For this reason, we require the ability to target and
> infiltrate the network, or class of computers, in which the crime
is occurring so the members of the criminal group can be
> identified and the full nature and extent of the criminality can be
detected through the collection of intelligence."
>
> Data disruption warrants, meanwhile, would enable the ACIC to
interfere with the data held on online criminal networks or devices,
> in order to frustrate the commissioning of serious criminal
offences.
>
> "This will be particularly powerful in the context of disrupting
criminal activity which is largely occurring online," it wrote.
>
> Lastly, account takeover warrants, it said, would allow the agency
to take control of an online account in conjunction with other
> investigatory powers, labelling it an "efficient method for
agencies to infiltrate online criminal networks".
>
> "This will play a crucial role in uncovering the identities of
otherwise anonymous criminals, as well as gathering evidence of the
> initiation and commissioning of serious offences online, including
on the Dark Web and where encrypted communication platforms are
> in use," it said.
>
https://www.techdirt.com/articles/20210509/10235546763/australian-crime-commission-only-criminals-use-encrypted-communications.shtml
>
> Australian Crime Commission: Only Criminals Use Encrypted
Communications
>
>
>
> Say That Again
>
>
> from the /stupefying-is-the-new-anti-encryption-normal/ dept
>
> Tue, May 11th 2021 10:44am — Tim Cushing
>
> Well, someone finally said the quiet part loud: some government
officials actually believe the only people who need, want, or use
> encryption are criminals. Here's Asha Barbaschow with the
"encryption is for criminals" news at ZDNet
> .
>
> /The Australian Criminal Intelligence Commission (ACIC) believes
there is no legitimate reason for a law-abiding member of the
> community to own or use an encrypted communication platform./
>
> /"These platforms are used almost exclusively by SOC [serious and
organised crime] groups and are developed specifically to
> obscure the identities of the involved criminal entities and enable
avoidance of detection by law enforcement," the ACIC
> declared. "They enable the user to communicate within closed
networks to facilitate highly sophisticated criminal activity"/.
>
> This is part of the ACIC's comments [PDF] on proposed
> surveillance legislation that would grant Australian law
enforcement new powers to disrupt data transmissions, surveil network
> activity, and engage in takeovers of targeted accounts. Here's the
money shot:
>
> */ACIC observation shows there is no legitimate reason for a
law-abiding member of the community to own or use an encrypted
> communication platform./*
>
> Well... holy shit. That's a take.
>
> The ACIC believes today's criminals are too powerful and law
enforcement too poorly-equipped. According to the Commission,
> criminals are winning the tech war.
>
> /The encryption and anonymisation that underpins the Dark Web and
encrypted communications has challenged existing powers and
> allowed serious and organised crime (SOC) groups and individuals to
more effectively conceal their criminal activity. In
> particular, the networks established on the Dark Web and via
encrypted communications have provided criminals with platforms
> to easily and more confidently communicate anonymously about, and
obfuscate, their serious criminal activities/.
>
> And yet, criminals continue to be prosecuted
>
> and criminal activities disrupted
> .
> But the successes aren't enough. The Commission apparently won't be
happy until all criminal activity ceases.
>
> /The electronic surveillance powers currently available to the
ACIC, while relied upon for investigating many aspects of
> criminal behaviour online and criminal use of encrypted
communications, *are not sophisticated enough to identify and disrupt
> the totality of activities SOC entities are undertaking* through
the use of modern anonymising technologies to conceal their
> identities, their associate’s identities and the illegal
activities being undertaken by the network of individuals./
>
> I've got bad news for law enforcement and the Commission: no matter
what steps are taken and how many innocent people are
> victimized by expansions of government power, it will still be
impossible to "disrupt the totality" of illegal activity.
> Sophisticated criminal organizations engaged in crime long before
encryption was readily available and found creative ways to hide
> their misdeeds from investigators. It's not going to change just
because no one -- not even innocent people who would like to
> protect their data and personal information from criminals -- has
access to encryption.
>
> The ACIC's broad declaration that no one has a "legitimate reason"
to utilize encrypted communication platforms is at odds with
> the paragraph directly preceding this truly baffling assertion.
>
> /Encryption and anonymising technologies have a valuable role in
protecting the privacy and data of Australians. As such, the
> ACIC notes new powers cannot be exclusively focused on subverting
encryption and anonymising technologies./
>
> I'm not sure how you reconcile these two statements. And apparently
the ACIC doesn't know either, because it simply claims no
> non-criminal would need encrypted communications and immediately
moves on to the discussion of the new warrant powers being proposed.
>
> This is a horrifyingly ignorant claim for a government commission
to make. The worst aspect is that someone with the power to
> write laws is going to believe the ACIC Those who already believe
(without evidence) that encrypted communications are only used
> by criminals are going to accept this assertion as evidence, even
if the ACIC can't even be bothered to back up its own claim with
> any data or research. "Based on observation" is meaningless if the
Crime Commission does nothing but observe criminal activity.
> This is stupid. And it would be laughable if it weren't so
dangerous.
>
--
Kim Holburn
IT Network & Security Consultant
+61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
_______________________________________________
Link mailing list
Link at anu.edu.au
https://mailman.anu.edu.au/mailman/listinfo/link
More information about the Link
mailing list