[LINK] Australian Crime Commission: Only Criminals Use Encrypted Communications

jwhit at internode.on.net jwhit at internode.on.net
Thu May 13 13:30:36 AEST 2021


 
 Someone needs to tell Apple.

----- Original Message -----
From: "Kim Holburn" 
To:"EFA Privacy List" , "Link mailing list" 
Cc:
Sent:Thu, 13 May 2021 08:54:53 +1000
Subject:[LINK] Australian Crime Commission: Only Criminals Use
Encrypted Communications

 https://www.zdnet.com/article/acic-believes-theres-no-legitimate-reason-to-use-an-encrypted-communication-platform/

 >
 > ACIC believes there's no legitimate reason to use an encrypted
communication platform
 >
 > The Australian Criminal Intelligence Commission has said an
encrypted communication platform is not something a law-abiding member

 > of the community would use.
 >
 > By Asha Barbaschow  | May 6, 2021 -- 06:33 GMT (16:33 AEST) |
Topic: 
 > Security 
 >
 > The Australian Criminal Intelligence Commission (ACIC) believes
there is no legitimate reason for a law-abiding member of the 
 > community to own or use an encrypted communication platform.
 >
 > "These platforms are used almost exclusively by SOC [serious and
organised crime] groups and are developed specifically to obscure 
 > the identities of the involved criminal entities and enable
avoidance of detection by law enforcement," the ACIC declared. "They 
 > enable the user to communicate within closed networks to facilitate
highly sophisticated criminal activity".
 >
 > *Consistency, at least: Cops are the only ones being lawful on the
dark web, AFP declares 
 > *
 >
 > The comments were made in a submission 
 >  [PDF] to the Parliamentary Joint 
 > Committee on Intelligence and Security (PJCIS) as part of its
inquiry into the /Surveillance Legislation Amendment (Identify and 
 > Disrupt) Bill 2020/.
 >
 > It told the committee it intends to use the powers extended to the
ACIC under the Bill to focus efforts on understanding and 
 > gathering intelligence on SOC groups who are using encrypted
communication platforms to conceal their criminal activities.
 >
 > The Bill, if passed, would hand the Australian Federal Police (AFP)
and ACIC three new computer warrants for dealing with online 
 > crime.
 >
 > The first of the warrants is a data disruption one; the second is a
network activity warrant; and the third is an account takeover 
 > warrant.
 >
 > The ACIC said the Bill would allow it, through the collection,
assessment, and dissemination of criminal intelligence and 
 > information, to inform national strategies to address transnational
serious and organised crime.
 >
 > "To deliver on this purpose, the powers and capabilities of the
ACIC must keep pace with technological trends and emerging threats 
 > to ensure the agency is able to adequately tackle serious
cyber-enabled crime and sophisticated criminal groups using encrypted 
 > platforms," it said.
 >
 > "The agency must be enabled to support law enforcement outcomes to
protect Australians against the most sophisticated and 
 > high-threat actors, who increasingly utilise advanced
communications technologies to mask their criminal activities."
 >
 > *Elsewhere: ACIC running into jurisdictional data troubles with new
national firearms database 
 > *
 >
 > According to the ACIC, the disruption, intelligence collection, and
account takeover powers contained within the Bill complement 
 > the agency's existing powers by providing new avenues to gather
information and respond to serious crime occurring online and to 
 > criminals using dedicated encrypted communication platforms.
 >
 > "The measures in the Bill are grounded in the principle that the
powers granted by Parliament to the agencies charged with 
 > enforcing the criminal law should not be eroded by advances in
technology," it wrote. "The Bill is designed to provide the ACIC 
 > and AFP with the ability to protect the Australian community from
harms online in the same way they protect Australians in the 
 > physical world."
 >
 > The ACIC believes the Bill addresses gaps in current electronic
surveillance powers.
 >
 > Network activity warrants provided by the Bill will "immediately
transform the ACIC's ability to discover and understand serious 
 > criminal groups using the Dark Web and encrypted communication
platforms to undertake and facilitate serious crimes".
 >
 > "Currently, while the ACIC might be able to detect criminal
behaviour on a hidden website or computer network, we cannot identify 
 > all the individuals participating in the criminal behaviour," it
explained. "For this reason, we require the ability to target and 
 > infiltrate the network, or class of computers, in which the crime
is occurring so the members of the criminal group can be 
 > identified and the full nature and extent of the criminality can be
detected through the collection of intelligence."
 >
 > Data disruption warrants, meanwhile, would enable the ACIC to
interfere with the data held on online criminal networks or devices, 
 > in order to frustrate the commissioning of serious criminal
offences.
 >
 > "This will be particularly powerful in the context of disrupting
criminal activity which is largely occurring online," it wrote.
 >
 > Lastly, account takeover warrants, it said, would allow the agency
to take control of an online account in conjunction with other 
 > investigatory powers, labelling it an "efficient method for
agencies to infiltrate online criminal networks".
 >
 > "This will play a crucial role in uncovering the identities of
otherwise anonymous criminals, as well as gathering evidence of the 
 > initiation and commissioning of serious offences online, including
on the Dark Web and where encrypted communication platforms are 
 > in use," it said.
 >

 https://www.techdirt.com/articles/20210509/10235546763/australian-crime-commission-only-criminals-use-encrypted-communications.shtml

 >
 > Australian Crime Commission: Only Criminals Use Encrypted
Communications
 >
 > 
 >
 > Say That Again 
 >
 >
 > from the /stupefying-is-the-new-anti-encryption-normal/ dept
 >
 > Tue, May 11th 2021 10:44am — Tim Cushing 
 >
 > Well, someone finally said the quiet part loud: some government
officials actually believe the only people who need, want, or use 
 > encryption are criminals. Here's Asha Barbaschow with the
"encryption is for criminals" news at ZDNet 
 > .
 >
 > /The Australian Criminal Intelligence Commission (ACIC) believes
there is no legitimate reason for a law-abiding member of the
 > community to own or use an encrypted communication platform./
 >
 > /"These platforms are used almost exclusively by SOC [serious and
organised crime] groups and are developed specifically to
 > obscure the identities of the involved criminal entities and enable
avoidance of detection by law enforcement," the ACIC
 > declared. "They enable the user to communicate within closed
networks to facilitate highly sophisticated criminal activity"/.
 >
 > This is part of the ACIC's comments  [PDF] on proposed 
 > surveillance legislation that would grant Australian law
enforcement new powers to disrupt data transmissions, surveil network 
 > activity, and engage in takeovers of targeted accounts. Here's the
money shot:
 >
 > */ACIC observation shows there is no legitimate reason for a
law-abiding member of the community to own or use an encrypted
 > communication platform./*
 >
 > Well... holy shit. That's a take.
 >
 > The ACIC believes today's criminals are too powerful and law
enforcement too poorly-equipped. According to the Commission, 
 > criminals are winning the tech war.
 >
 > /The encryption and anonymisation that underpins the Dark Web and
encrypted communications has challenged existing powers and
 > allowed serious and organised crime (SOC) groups and individuals to
more effectively conceal their criminal activity. In
 > particular, the networks established on the Dark Web and via
encrypted communications have provided criminals with platforms
 > to easily and more confidently communicate anonymously about, and
obfuscate, their serious criminal activities/.
 >
 > And yet, criminals continue to be prosecuted 
 >  
 > and criminal activities disrupted 
 > . 
 > But the successes aren't enough. The Commission apparently won't be
happy until all criminal activity ceases.
 >
 > /The electronic surveillance powers currently available to the
ACIC, while relied upon for investigating many aspects of
 > criminal behaviour online and criminal use of encrypted
communications, *are not sophisticated enough to identify and disrupt
 > the totality of activities SOC entities are undertaking* through
the use of modern anonymising technologies to conceal their
 > identities, their associate’s identities and the illegal
activities being undertaken by the network of individuals./
 >
 > I've got bad news for law enforcement and the Commission: no matter
what steps are taken and how many innocent people are 
 > victimized by expansions of government power, it will still be
impossible to "disrupt the totality" of illegal activity. 
 > Sophisticated criminal organizations engaged in crime long before
encryption was readily available and found creative ways to hide 
 > their misdeeds from investigators. It's not going to change just
because no one -- not even innocent people who would like to 
 > protect their data and personal information from criminals -- has
access to encryption.
 >
 > The ACIC's broad declaration that no one has a "legitimate reason"
to utilize encrypted communication platforms is at odds with 
 > the paragraph directly preceding this truly baffling assertion.
 >
 > /Encryption and anonymising technologies have a valuable role in
protecting the privacy and data of Australians. As such, the
 > ACIC notes new powers cannot be exclusively focused on subverting
encryption and anonymising technologies./
 >
 > I'm not sure how you reconcile these two statements. And apparently
the ACIC doesn't know either, because it simply claims no 
 > non-criminal would need encrypted communications and immediately
moves on to the discussion of the new warrant powers being proposed.
 >
 > This is a horrifyingly ignorant claim for a government commission
to make. The worst aspect is that someone with the power to 
 > write laws is going to believe the ACIC Those who already believe
(without evidence) that encrypted communications are only used 
 > by criminals are going to accept this assertion as evidence, even
if the ACIC can't even be bothered to back up its own claim with 
 > any data or research. "Based on observation" is meaningless if the
Crime Commission does nothing but observe criminal activity. 
 > This is stupid. And it would be laughable if it weren't so
dangerous.
 >

 -- 
 Kim Holburn
 IT Network & Security Consultant
 +61 404072753
 mailto:kim at holburn.net aim://kimholburn
 skype://kholburn - PGP Public Key on request

 _______________________________________________
 Link mailing list
 Link at anu.edu.au
 https://mailman.anu.edu.au/mailman/listinfo/link




More information about the Link mailing list