Updates

Encryption

2019

In the proposed amendments to the Information Technology Act 2000, the Indian government recommended modifications on the rules regarding the liability of online intermediaries. The proposal required that intermediaries, including social media networks, e-commerce platforms and internet providers, should be expected to proactively remove unlawful third-party content, or face liability for the illegal content. The rules would change the intermediary liability landmark set by the Shreya Singhal case, 2015, which clarified that companies were only expected to remove content when ordered by a court to do so. In addition, the proposal requests online services to make available information about the creators of content to government agencies, jeopardizing the security of encryption technologies.     

2018

Australia passed a controversial law, the Assistance and Access Bill, designed to compel technology companies to grant law enforcement agencies access to encrypted messages. According to the Guardian, the law intends to ‘co-opt technology companies, device manufacturers and service providers into building the functionality needed for police to do their spying’ and ‘give to Australian agencies the ability to install key logging software to enable them to see, keystroke by keystroke, what users type into a message’. The law was adopted despite strong criticism from civil society organisations and leading tech companies, such as Apple, Cisco, Mozilla, Google, and Facebook.

The Global Commission on the Stability of Cyberspace (GCSC) has released its 'Singapore package' with the six new proposed norms for state and non-state behaviour. The norms focus on tampering with products, vulnerability disclosure and responsibility, botnets, cyber-hygiene, and conduct of offensive cyber operations by non-state actors. According to its Commissioners, the GCSC may still work on development of few additional norms, but will now put more focus on exploring the ways to steer other processes with its proposed norms.

Freedom House's report Freedom on the Net 2018: The Rise Of Digital Authoritarianism shows key findings that: 

  • Declines outnumber gains for the eighth consecutive year, with almost half of these being election-related.
  • China trains the world in digital authoritarianism.
  • Internet freedom declined in the United States (mostly due to a decline in net neutrality protections).
  • Citing fake news, governments curbed online dissent (17 countries).
  • Authorities demand control over personal data (18 countries increased surveillance).

In his introduction to the report, Fake news, data collection, and the challenge to democracyAdrian Shahbaz said 'Events this year have confirmed that the internet can be used to disrupt democracies as surely as it can destabilize dictatorships'  [...] 'With or without malign intent, the internet and social media in particular can push citizens into polarized echo chambers and pull at the social fabric of a country, fueling hostility between different communities.'

 

                                                                               Changes in Internet Freedom 2018 Freedom House

In a statement submitted to the Australian parliament, Apple criticised Australia’s proposed Access and Assistance Bill 2018, calling for stronger encryption. Apple wrote that it is concerned that future governments may use the overly broad powers of the bill to weaken cybersecurity and encryption. Apple also expressed concern that insufficient independent judicial oversight will reduce consumer trust and security. The draft bill also favors the government’s interpretation of the law’s terms and the technical facts, which may invite uncertainty, confusion, and potential abuse, the company stated. The bill will create unprecedented interception requirements for the Australian Security Intelligence Organization (ASIO), and it contains secrecy mandates Apple considers to be unnecessarily stifling. The last concern raised was about the extraterritoriality and global impact of the law, as Apple pointed out that a provider may suffer civil liability caused by complying with the law.

The Five Country Ministerial of 2018 adopted a Statement of Principles on Access to Evidence and Encryption on 3 September. Underlining that privacy is not absolute in the physical world if so a court authorizes, the group of counties stated that court decisions about legitimate access to data must also be upheld, otherwise law enforcement is unable detect and pursue criminals, including child sex offenders, terrorists and organized crime groups hiding behind encryption. The statement affirmed three principles in relation to encryption that each of the Five Eyes jurisdictions will consider how best to implement. The principle of mutual responsibility stated that providers of information and communications technology and services are subject to law and obliged to assist with the execution of lawful orders, while governments should understand that in rare cases access to information is not possible. The second principle stated that rule of law and due process protections are paramount in lawfully accessing information. The third principle stated service providers should create lawful access solutions to their products and services. However, the third principle also warned that should governments continue to meet obstacles to lawful access to information, they may pursue other means to achieve said access.

Pages

 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top