New Zealand and its Five Eyes security partners have made another plea for social media companies like Facebook to allow governments to access their encrypted data.
Andrew Little, Justice Minister and minister responsible for this country’s intelligence agencies, issued the statement alongside Five Eyes partners Britain, the United States, Canada and Australia, as well as India and Japan.
They say they support strong encryption that protects privacy, trade secrets and cyber security, but the technology also poses significant risks to public safety.
They are particularly worried about end-to-end encryption across major messaging services saying social media is the most common method for sexual predators to meet and groom children online.
Little said the growth in incidents of child sexual abuse and exploitation had been “phenomenal” with notifications to the US National Centre for Missing and Exploited Children rising from 1 million in 2014 to 18 million in 2018.
“There is a massive demand for this most abusive and vile material online.
“Enforcement authorities around the world have to have a means to deal with that.”
Encryption had an important purpose in providing privacy and security, such as its use by banks, but the reality was some social media platforms harbour “some of the most vile and insidious human activity you could imagine”, he told Morning Report.
“Criminal activity is happening on them, and we need to be able to deal with that as well. It’s about getting the balance of interests right.”
The governments’ statement is not about giving the state an inherent right of access, but co-operating with social media platform owners.
“Any request for information and assistance should be on a warranted basis. State governments should demonstrate there’s been reasonable cause to suspect criminal offending.”
GCSB director-general Andrew Hampton told Nine to Noon there was a legal responsibility under New Zealand’s Telecommunications Interception Capability and Security Act to provide access with the proper warrants.
“All network operators have to provide interception capability, including taking encryption off if they put it on.”
The legislation applies to organisations that operate in New Zealand, but the issue was how to enforce that on a global company, he said.
A key part of enforcement is having countries working together and having common legislative frameworks, he said.
Hampton said the agency fully supports strong encryption to keep people’s information secure and run the banking system.
“The problem is bad actors hide behind encryption so what you need is a means by which those social media companies can be required to provide lawful access.
“What the minister’s statement is about is encouraging those global companies to be part of the conversation around how best to give that effect.”
New Zealand had no plan to follow Australia’s anti-encryption legislation in 2018, but preferred to engage in “constructive dialogue”. Little said there seemed to be a greater awareness on the part of social media companies that they have a social responsibility.
The Five Eyes governments have issued similar calls in the past for tech companies to allow authorities such as the police to get access to data in a readable and usable format.
Computer security consultant Adam Boileau said the signatories were gradually introducing the public to what Western governments would like for encryption, and asking tech companies to come up with ideas.
But it was also a type of victory for encryption, he said. “It acknowledges encryption is important in protecting privacy and its use in commerce… is important and that’s the Government, and the governments of the Western nations, conceding that mass surveillance isn’t a thing they can have any more.”