Five Eyes want “cooperation” from tech companies on encryption

Australia’s internet service providers (ISPs) and device makers are about to receive an uncomfortable request from the Federal Government and its Five Eyes partners: to give up user data if asked.

Five Eyes partners - an alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States - have emerged from two days of talks and have come out with a joint communique stating their commitment to establish cooperation from the tech industry on protocols for sharing information.

“During the five country ministerial meeting, we committed to joint efforts to counter the spread of violent extremism and recruitment efforts by extremist groups that advocate and utilise violence to achieve their objective,” the communique stated

In addition, the ministers further committed to a shared approach to engaging with Communication Service Providers (CSPs) to address online terrorist activities and propaganda, and to support a new industry forum led by Google, Facebook, Microsoft and Twitter.

The group stated that encryption can severely undermine public safety efforts by impeding lawful access to the content of communications during investigations into serious crimes, including terrorism.

“To address these issues, we committed to develop our engagement with communications and technology companies to explore shared solutions while upholding cyber security and individual rights and freedoms.”

This furthers comments made on 28 June by Australia's Attorney General, George Brandis. In an interview with ABC Radio National Breakfast, he said that accessing encrypted communications was “a very important part of the proceedings between Australia and our four Five-Eyes partners.”

“So what we decided to do in particular was to engage with ISPs and device makers to ensure we secure from them the greatest possible level of cooperation,” Brandis said. “I also discussed with my American counterpart, Attorney-General [Jeff] Sessions, the development of cross-border access without having to go through the rather prolonged procedure of mutual legal assistance.”

“What we need is to develop, and what we’ll be asking the device makers and the ISPs to agree to, is a series of protocols as to the circumstances in which they will be able to provide voluntary assistance to law enforcement,” he said.

Brandis also raised the possibility of legislative changes to enforce information sharing from the tech industry.

“There are also, of course, the capacity which exists now in the United Kingdom and in New Zealand under their legislation for coercive powers, but we don’t want to resort to that, we do not want to resort to that,” he said.

“What we want to engage with the private sector to achieve is a set of voluntary solutions.”

Five Eyes members also jointly expressed concerns over recent cyber attacks such as WannaCry and Petya.

“Ministers and Attorneys General noted their concerns with the recent cyber events that have affected various institutions and individuals in all of our countries,” the communique said. “The “WannaCry” ransomware attack, which began on May 12th and impacted individuals in over 150 countries, is an unfortunate reminder that cyber attacks are increasing.”

“To address cyber security threats, we note the robust cooperation underway between our five countries on cyber issues and note our collective efforts to study and assess key emerging issues and trends in cyber security to prevent, detect and respond to cyber threats.”