Cryptography Researchers & Users Could Face Jail Time In Australia

Journalist:
May 28, 2015

In recent weeks, not only has UK Prime Minister David Cameron suggested the banning of encryption use, Australia is on its way to making it a criminal offense to even lecture on the topic. Starting next May, academics could face prison for empowering individuals with the knowledge of cryptography.

As Defence Report states,

“Without the exclusion for academics, as enjoyed by the US and UK, university researchers would need prior permission from a Minister at the Department of Defence (DoD) to communicate new research to foreign nationals or to publish in any research journals.”

According to the journal, this would mean “an email to a fellow academic could land you a 10 year prison sentence.”

Daniel Mathews, Lecturer in Mathematics at Monash University, writes that Australia considers academic computer science courses military technology. And, the professor also posits, technology such as cryptography will soon be made illegal if the Defence Trade Control Acts remains unamended.

The Defence Trade Controls Act (DTCA), passed into law in April, and due to be enforced May 2016, sees to to it that so-called “supplies of technology” – such as cryptography – will result in ten years imprisonment.

Alongside military weapons, the DTCA includes many “dual-use” goods, including chemicals, electronics and telecommunications – even encryption.

As Mathews writes,

…Very roughly, it covers encryption above a certain “strength” level, as measured by technical parameters such as “key length” or “field size”.

According to Mathews, the government sets the bar for encryption covered under the Act unreasonably low.

The bar is currently set low. For instance, software engineers debate whether they should use 2,048 or 4,096 bits for the RSA algorithm. But the DSGL classifies anything over 512 bits as dual-use. In reality, the only cryptography not covered by the DSGL is cryptography so weak that it would be imprudent to use.

The DSGL also covers systems, electronics, and equipment used to implement, develop, produce or test it.

One will need a permit to “supply” DSGL technology to people outside Australia without a permit.

Passed in 2012, the DTCA is scheduled to come into effect in May 2015. The Act is more-or-less preceded by the Australian government’s Defence and Strategic Goods List (DSGL), which categorizes goods considered important to national defense and security, and which are thusly under tight controls.

As Mathews writes,

The DSGL vastly over-classifies technologies as dual-use, including essentially all sensible uses of encryption. The DTCA potentially criminalises an enormous range of legitimate research and development activity as a supply of dual-use technology, dangerously attacking academic freedom —- and freedom in general —- in the process.

In recent months and years, Australia has published reports on technology and its augmentation to criminal elements.

For instance, online criminal activities were featured  in the Australia Crime Commission’s (ACC’s) latest biennial report about organized crime.

“Serious and organised criminals have,” the report warns, “proven themselves adept at identifying and exploiting new and emerging technologies to facilitate their crime, to expand their reach, and to provide them with the anonymity and distance from their crime which makes it difficult for law enforcement to detect and identify them.”

The ACC’s report also mentions the use of darknets buried within anonymizing networks like TOR as havens for illegal online activity.

The UK’s Prime Minister David Cameron recently expressed his concern over criminal use of encryption and threatened to ban instant-messaging apps without encryption back doors for government at a time when he is receiving criticism for having said of Britain, “For too long, we have been a passively tolerant society, saying to our citizens: as long as you obey the law, we will leave you alone.”

To be sure, in contradiction to what seems to be official Australia policy of regulating and controlling cryptographic technologies, communications minister Malcolm Turnball advocated such tools prior to the passing of DTCA.