[LINK] Australian Crime Commission: Only Criminals Use Encrypted Communications

Harry McNally harrymc at decisions-and-designs.com.au
Thu May 13 15:39:57 AEST 2021


And Paypal

On 13/5/21 11:30 am, jwhit at internode.on.net wrote:
>   
>   Someone needs to tell Apple.
>
> ----- Original Message -----
> From: "Kim Holburn"
> To:"EFA Privacy List" , "Link mailing list"
> Cc:
> Sent:Thu, 13 May 2021 08:54:53 +1000
> Subject:[LINK] Australian Crime Commission: Only Criminals Use
> Encrypted Communications
>
>   https://www.zdnet.com/article/acic-believes-theres-no-legitimate-reason-to-use-an-encrypted-communication-platform/
>
>   >
>   > ACIC believes there's no legitimate reason to use an encrypted
> communication platform
>   >
>   > The Australian Criminal Intelligence Commission has said an
> encrypted communication platform is not something a law-abiding member
>
>   > of the community would use.
>   >
>   > By Asha Barbaschow  | May 6, 2021 -- 06:33 GMT (16:33 AEST) |
> Topic:
>   > Security
>   >
>   > The Australian Criminal Intelligence Commission (ACIC) believes
> there is no legitimate reason for a law-abiding member of the
>   > community to own or use an encrypted communication platform.
>   >
>   > "These platforms are used almost exclusively by SOC [serious and
> organised crime] groups and are developed specifically to obscure
>   > the identities of the involved criminal entities and enable
> avoidance of detection by law enforcement," the ACIC declared. "They
>   > enable the user to communicate within closed networks to facilitate
> highly sophisticated criminal activity".
>   >
>   > *Consistency, at least: Cops are the only ones being lawful on the
> dark web, AFP declares
>   > *
>   >
>   > The comments were made in a submission
>   >  [PDF] to the Parliamentary Joint
>   > Committee on Intelligence and Security (PJCIS) as part of its
> inquiry into the /Surveillance Legislation Amendment (Identify and
>   > Disrupt) Bill 2020/.
>   >
>   > It told the committee it intends to use the powers extended to the
> ACIC under the Bill to focus efforts on understanding and
>   > gathering intelligence on SOC groups who are using encrypted
> communication platforms to conceal their criminal activities.
>   >
>   > The Bill, if passed, would hand the Australian Federal Police (AFP)
> and ACIC three new computer warrants for dealing with online
>   > crime.
>   >
>   > The first of the warrants is a data disruption one; the second is a
> network activity warrant; and the third is an account takeover
>   > warrant.
>   >
>   > The ACIC said the Bill would allow it, through the collection,
> assessment, and dissemination of criminal intelligence and
>   > information, to inform national strategies to address transnational
> serious and organised crime.
>   >
>   > "To deliver on this purpose, the powers and capabilities of the
> ACIC must keep pace with technological trends and emerging threats
>   > to ensure the agency is able to adequately tackle serious
> cyber-enabled crime and sophisticated criminal groups using encrypted
>   > platforms," it said.
>   >
>   > "The agency must be enabled to support law enforcement outcomes to
> protect Australians against the most sophisticated and
>   > high-threat actors, who increasingly utilise advanced
> communications technologies to mask their criminal activities."
>   >
>   > *Elsewhere: ACIC running into jurisdictional data troubles with new
> national firearms database
>   > *
>   >
>   > According to the ACIC, the disruption, intelligence collection, and
> account takeover powers contained within the Bill complement
>   > the agency's existing powers by providing new avenues to gather
> information and respond to serious crime occurring online and to
>   > criminals using dedicated encrypted communication platforms.
>   >
>   > "The measures in the Bill are grounded in the principle that the
> powers granted by Parliament to the agencies charged with
>   > enforcing the criminal law should not be eroded by advances in
> technology," it wrote. "The Bill is designed to provide the ACIC
>   > and AFP with the ability to protect the Australian community from
> harms online in the same way they protect Australians in the
>   > physical world."
>   >
>   > The ACIC believes the Bill addresses gaps in current electronic
> surveillance powers.
>   >
>   > Network activity warrants provided by the Bill will "immediately
> transform the ACIC's ability to discover and understand serious
>   > criminal groups using the Dark Web and encrypted communication
> platforms to undertake and facilitate serious crimes".
>   >
>   > "Currently, while the ACIC might be able to detect criminal
> behaviour on a hidden website or computer network, we cannot identify
>   > all the individuals participating in the criminal behaviour," it
> explained. "For this reason, we require the ability to target and
>   > infiltrate the network, or class of computers, in which the crime
> is occurring so the members of the criminal group can be
>   > identified and the full nature and extent of the criminality can be
> detected through the collection of intelligence."
>   >
>   > Data disruption warrants, meanwhile, would enable the ACIC to
> interfere with the data held on online criminal networks or devices,
>   > in order to frustrate the commissioning of serious criminal
> offences.
>   >
>   > "This will be particularly powerful in the context of disrupting
> criminal activity which is largely occurring online," it wrote.
>   >
>   > Lastly, account takeover warrants, it said, would allow the agency
> to take control of an online account in conjunction with other
>   > investigatory powers, labelling it an "efficient method for
> agencies to infiltrate online criminal networks".
>   >
>   > "This will play a crucial role in uncovering the identities of
> otherwise anonymous criminals, as well as gathering evidence of the
>   > initiation and commissioning of serious offences online, including
> on the Dark Web and where encrypted communication platforms are
>   > in use," it said.
>   >
>
>   https://www.techdirt.com/articles/20210509/10235546763/australian-crime-commission-only-criminals-use-encrypted-communications.shtml
>
>   >
>   > Australian Crime Commission: Only Criminals Use Encrypted
> Communications
>   >
>   >
>   >
>   > Say That Again
>   >
>   >
>   > from the /stupefying-is-the-new-anti-encryption-normal/ dept
>   >
>   > Tue, May 11th 2021 10:44am — Tim Cushing
>   >
>   > Well, someone finally said the quiet part loud: some government
> officials actually believe the only people who need, want, or use
>   > encryption are criminals. Here's Asha Barbaschow with the
> "encryption is for criminals" news at ZDNet
>   > .
>   >
>   > /The Australian Criminal Intelligence Commission (ACIC) believes
> there is no legitimate reason for a law-abiding member of the
>   > community to own or use an encrypted communication platform./
>   >
>   > /"These platforms are used almost exclusively by SOC [serious and
> organised crime] groups and are developed specifically to
>   > obscure the identities of the involved criminal entities and enable
> avoidance of detection by law enforcement," the ACIC
>   > declared. "They enable the user to communicate within closed
> networks to facilitate highly sophisticated criminal activity"/.
>   >
>   > This is part of the ACIC's comments  [PDF] on proposed
>   > surveillance legislation that would grant Australian law
> enforcement new powers to disrupt data transmissions, surveil network
>   > activity, and engage in takeovers of targeted accounts. Here's the
> money shot:
>   >
>   > */ACIC observation shows there is no legitimate reason for a
> law-abiding member of the community to own or use an encrypted
>   > communication platform./*
>   >
>   > Well... holy shit. That's a take.
>   >
>   > The ACIC believes today's criminals are too powerful and law
> enforcement too poorly-equipped. According to the Commission,
>   > criminals are winning the tech war.
>   >
>   > /The encryption and anonymisation that underpins the Dark Web and
> encrypted communications has challenged existing powers and
>   > allowed serious and organised crime (SOC) groups and individuals to
> more effectively conceal their criminal activity. In
>   > particular, the networks established on the Dark Web and via
> encrypted communications have provided criminals with platforms
>   > to easily and more confidently communicate anonymously about, and
> obfuscate, their serious criminal activities/.
>   >
>   > And yet, criminals continue to be prosecuted
>   >
>   > and criminal activities disrupted
>   > .
>   > But the successes aren't enough. The Commission apparently won't be
> happy until all criminal activity ceases.
>   >
>   > /The electronic surveillance powers currently available to the
> ACIC, while relied upon for investigating many aspects of
>   > criminal behaviour online and criminal use of encrypted
> communications, *are not sophisticated enough to identify and disrupt
>   > the totality of activities SOC entities are undertaking* through
> the use of modern anonymising technologies to conceal their
>   > identities, their associate’s identities and the illegal
> activities being undertaken by the network of individuals./
>   >
>   > I've got bad news for law enforcement and the Commission: no matter
> what steps are taken and how many innocent people are
>   > victimized by expansions of government power, it will still be
> impossible to "disrupt the totality" of illegal activity.
>   > Sophisticated criminal organizations engaged in crime long before
> encryption was readily available and found creative ways to hide
>   > their misdeeds from investigators. It's not going to change just
> because no one -- not even innocent people who would like to
>   > protect their data and personal information from criminals -- has
> access to encryption.
>   >
>   > The ACIC's broad declaration that no one has a "legitimate reason"
> to utilize encrypted communication platforms is at odds with
>   > the paragraph directly preceding this truly baffling assertion.
>   >
>   > /Encryption and anonymising technologies have a valuable role in
> protecting the privacy and data of Australians. As such, the
>   > ACIC notes new powers cannot be exclusively focused on subverting
> encryption and anonymising technologies./
>   >
>   > I'm not sure how you reconcile these two statements. And apparently
> the ACIC doesn't know either, because it simply claims no
>   > non-criminal would need encrypted communications and immediately
> moves on to the discussion of the new warrant powers being proposed.
>   >
>   > This is a horrifyingly ignorant claim for a government commission
> to make. The worst aspect is that someone with the power to
>   > write laws is going to believe the ACIC Those who already believe
> (without evidence) that encrypted communications are only used
>   > by criminals are going to accept this assertion as evidence, even
> if the ACIC can't even be bothered to back up its own claim with
>   > any data or research. "Based on observation" is meaningless if the
> Crime Commission does nothing but observe criminal activity.
>   > This is stupid. And it would be laughable if it weren't so
> dangerous.
>   >
>
>   --
>   Kim Holburn
>   IT Network & Security Consultant
>   +61 404072753
>   mailto:kim at holburn.net aim://kimholburn
>   skype://kholburn - PGP Public Key on request
>
>   _______________________________________________
>   Link mailing list
>   Link at anu.edu.au
>   https://mailman.anu.edu.au/mailman/listinfo/link
>
> _______________________________________________
> Link mailing list
> Link at anu.edu.au
> https://mailman.anu.edu.au/mailman/listinfo/link



More information about the Link mailing list