APPLE IS SO UNIMPRESSED with Australia's Access and Assistance 2018 bill that the company has sent a seven-page letter outlining concerns. While that may sound like a lot, it's worth remembering that at 56 pages, the iTunes terms and conditions makes the latest note look like the back of a cereal box.
All the same, Apple has serious concerns about the upcoming bill, which pledges to force tech companies to assist Australian authorities to decode encrypted devices or be on the sharp end of an AU$10m fine. That's around £5.43m - not much to Apple: the equivalent of a regular person losing 10p down the sofa. Sure, it's annoying, but can you really be bothered to get it back?
Apple apparently can. The letter, uploaded by TechCrunch here, tears into the policy over the course of six sections, namely:
Overly broad powers that could weaken cybersecurity and encryption
A lack of appropriate independent judicial oversight
Technical requirements based only on the government's subjective view of reasonableness and practicability
Unprecedented interception requirements
Unnecessarily stifling secrecy mandates
Extraterritoriality and global impact
"We encourage the government to stand by their stated intention not to weaken encryption or compel providers to build systemic weaknesses into their products," the company writes.
From a technical standpoint, the key problem with government requests is always the same: there is no such thing as a backdoor that only the goodies can use. Weakened security is weakened for all, not just the people you want to let in. That's before we even get into the potential for such backdoors to be abused by the self-described goodies themselves.
The vague wording is another problem, and Apple fears that "ill-defined restrictions" could lead to some very sinister interpretations.
"For instance, the bill could allow the government to order the makers of smart home speakers to install persistent eavesdropping capabilities into a person's home, require a provider to monitor the health data of its customers for indications of drug use, or require the development of a tool that can unlock a particular user's device regardless of whether such tool could be used to unlock every other user's device as well," the letter warns
Still, it's not all criticism. Apple is at least positive about the Australian government's collaborative approach with tech companies, rather than trying to legislate over their collective heads.
"We appreciate the government's outreach to Apple and other companies during the drafting of this bill," the company writes. "While we are pleased that some of the suggestions incorporated improve the legislation, the unfortunate fact is that the draft legislation remains dangerously ambiguous with respect to encryption and security."
We'll have to wait and see whether Apple's intervention falls on deaf ears or not. But the truth about encryption and law enforcement is less black and white than either side would like to admit. µ
Slack, hack and crack
A flaw in the protocol affects iOS, macOS and Windows 10
Wig wearer has issue with non-wig-wearer