The missing sections have now been incorporated in the online version and are highlighted in red.
The report, entitled Review of policy relating to encryption technologies, is the outcome of a study conducted in 1996 by Gerard Walsh, a former deputy director-general of the Australian Security Intelligence Organisation (ASIO). Publication of the report was eagerly awaited by members of the law enforcement community, other government departments, commerce, and the online community. It was expected that the report would examine the the various issues in the crypotography debate and encourage further comment and consultation.
The report was listed for sale by the Australian Government Publishing Service in January 1997, but was hurriedly withdrawn from the list 3 weeks later, following an enquiry by Electronic Frontiers Australia (EFA) as to the reasons why it was not actually available for sale. The original intention had apparently been to allow for a 3-month consultation period for public comment. EFA then released a Media Statement calling for the release of the report.
In March 1997, EFA applied for release of the report under the Freedom of Information Act. This request was denied, quoting various sections of the Act relating to national security and law enforcement as justification for the denial. EFA then submitted a request for review of the decision, and this request was successful, resulting in the release of an edited photocopy of the report in June 1997.
This is an important report and covers a number of issues of relevance to the global cryptography debate.
A number of paragraphs were deleted from the copy supplied to EFA. These have been identified in the report, together with an annotation referring to the section of the report under which that paragraph was claimed to be exempt from release.
However, in December 1998, the missing sections were obtained. The originally deleted paragraphs have been highlighted in red.
Reproduced below are the 3 sections of the Act under which parts of the report were deleted. The full text of the Freedom of Information Act 1982 is available online from the Australian Legal Information Institute (AUSTLII).
Freedom of Information Act 1982 - Sect 33
Documents affecting national security, defence or international relations
33. (1) A document is an exempt document if disclosure of the document under this Act:
(3) Where a Minister is satisfied as mentioned in subsection (2) by reason only of matter contained in a particular part or particular parts of a document, a certificate under that subsection in respect of the document shall identify that part or those parts of the document as containing the matter by reason of which the certificate is given.
(4) Where a Minister is satisfied that information as to the existence or non-existence of a document as described in a request would, if contained in a document of an agency, cause the last-mentioned document to be an exempt document under this section for a reason referred to in subsection (1), he or she may sign a certificate to that effect (specifying that reason).
(5) The responsible Minister of an agency may, either generally or as otherwise provided by the instrument of delegation, by writing signed by him, delegate to the principal officer of the agency his or her powers under this section in respect of documents of the agency.
(6) A power delegated under subsection (5), when exercised by the delegate, shall, for the purposes of this Act, be deemed to have been exercised by the responsible Minister.
(7) A delegation under subsection (5) does not prevent the exercise of a power by the responsible Minister.
.........
Freedom of Information Act 1982 - Sect 36
Internal working documents
36. (1) Subject to this section, a document is an exempt document if it is a document the disclosure of which under this Act:
(a) would disclose matter in the nature of, or relating to, opinion, advice or recommendation obtained, prepared or recorded, or consultation or deliberation that has taken place, in the course of, or for the purposes of, the deliberative processes involved in the functions of an agency or Minister or of the Government of the Commonwealth; and (b) would be contrary to the public interest. (2) In the case of a document of the kind referred to in subsection 9 (1), the matter referred to in paragraph (1) (a) of this section does not include matter that is used or to be used for the purpose of the making of decisions or recommendations referred to in subsection 9 (1).
(3) Where a Minister is satisfied, in relation to a document to which paragraph (1) (a) applies, that the disclosure of the document would be contrary to the public interest, he or she may sign a certificate to that effect (specifying the ground of public interest in relation to which the certificate is given) and, subject to the operation of Part VI, such a certificate, so long as it remains in force, establishes conclusively that the disclosure of that document would be contrary to the public interest.
(4) Where a Minister is satisfied as mentioned in subsection (3) by reason only of matter contained in a particular part or particular parts of a document, a certificate under that subsection in respect of the document shall identify that part or those parts of the document as containing the matter by reason of which the certificate is given.
(5) This section does not apply to a document by reason only of purely factual material contained in the document.
(6) This section does not apply to:
(7) Where a decision is made under Part III that an applicant is not entitled to access to a document by reason of the application of this section, the notice under section 26 shall state the ground of public interest on which the decision is based.
(8) The responsible Minister of an agency may, either generally or as otherwise provided by the instrument of delegation, by writing signed by him, delegate to the principal officer of the agency his or her powers under this section in respect of documents of the agency.
(9) A power delegated under subsection (8), when exercised by the delegate, shall, for the purposes of this Act, be deemed to have been exercised by the responsible Minister.
(10) A delegation under subsection (8) does not prevent the exercise of a power by the responsible Minister.
..........
Freedom of Information Act 1982 - Sect 37
Documents affecting enforcement of law and protection of public safety
37. (1) A document is an exempt document if its disclosure under this Act would, or could reasonably be expected to:
(3) In this section, "law" means law of the Commonwealth or of a State or Territory.
Table of Contents
Terms and Abbreviations
Chapter 1. Conclusions and Findings
1.2 Findings
1.1 Conclusions
Chapter 2. Context and Approach of the Review
2.2. The Approach
2.3. Creative Tension or Competition
3.2. On law enforcement and national security
3.3. The statistical vacuum
3.4. Policy uncertainty
3.5. Today's problems for the investigators
3.6. The imminent challenge
3.7. Towards response strategies
4.2. National security
4.3. The cost of alternatives
4.4. Decryption capability for law enforcement and national security?
4.5. Public key infrastructures
4.6. International agreements
4.7. Third party systems
4.8. The Internet
5.2. Export controls
6.2. Maintaining investigative capability
6.3. Coordination of operational capacity
6.4. A new legislative approach
Annexe B. Australia Online [extract]
Annexe C. US Administration statement on commercial
encryption, 12 July 1996
Annexe D. UK Government paper of regulatory intent
concerning use of encryption on public
networks, 11 June 1996
Annexe E. OECD guidelines governing the protection of
privacy and transborder flows of personal
data
Annexe F. US Administration statement on encryption issued
by the Vice-President, 1 October 1996.
1. This report is in response to an invitation from the Secretary of the Attorney-General's Department to review the policy relating to encryption technologies and offer a view whether legislative or other actions are indicated to cater for national security and law enforcement interests in the face of the information and communications revolution and the continuing need to safeguard privacy. Terms of reference of the Review are attached at Annex A.
2. The structure of the report is set out in Chapter 2. Limited resources precluded the Review inviting written submissions or conducting public hearings. Instead, the strategy adopted was to consult directly with as representative a sample of interested parties as time and resources would permit. All were uniformly generous with their time. For that, and the assistance given by the Security Division of the Department, I express my appreciation.
3. There is an immediate need for broad public discussion of cryptography. The report's conclusion identifies the essential conundrum - strong cryptography, imminently available to the mass market, will offer significant enhancement of data security and personal and corporate privacy, but also provide a powerful shield behind which criminals and others may operate. Should government intervene and mandate conditions of use, intervene only when disadvantage to the state is evident, provide the framework of principles while legislative power addressing other but related powers of the state are kept relevant, or do nothing? How the inherent tensions in this issue are resolved will affect the whole community. Hence, the need for broad discussion and contribution. This report is intended to contribute to that process.
4. The Australian Government is seeking public comment on the contents of this report. Comments should be directed to:
Facsimile: (06) 270 2254
Email: security.division@ag.ausgovag.telememo.au
Gerard Walsh
10 October 1996
| AFP | Australian Federal Police |
| algorithm | a mathematical operation or formulation performed to calculate new values (of text) from old. Encryption is done via an algorithm.. To disguise the information and make it unintelligible, a key is fed into the algorithm, along with the text to be converted into cyphertext. The same key or its pair, fed into the decryption algorithm returns the cyphertext into the original text. |
| ASC | Australian Securities Commission |
| ASIO | Australian Security Intelligence Organization |
| asymmetric key | also referred to as public key or two key encryption. A method of encryption in which different keys are used to encrypt and decrypt. The keys are mathematically related but it is not possible to infer one from the other. One key may be made public and the other kept private, allowing Smith to encrypt and send a message to Jones using Jones' public key and Jones to decrypt it using her private key. With RSA (see below) either key can be used to encrypt as long as the other is used to decrypt, but anyone with access to Jones' cyphertext can decrypt her messages because her public key is known. |
| AUSCERT | the Australian Computer Emergency Response Team (AUSCERT), an independent Internet security body. |
| AUSTEL | the Australian Telecommunications Authority |
| AUSTRAC | Australian Transaction Reports and Analysis Centre |
| authentication | (1) in computer security, the act of identifying or verifying the eligibility of a station, originator or individual to access specific categories of information; (2) in data security, a measure designed to provide protection against fraudulent transmissions by establishing the validity of a transmission, message, station or originator; (3) in data security, processes that ensure everything about a teleprocessing transaction is genuine and that the message has not been altered or corrupted in transmission; (4) in computer security, the process that verifies the identity of an individual as established by an identification process; (5) in data security and data communications, both the prevention of undetected alteration to data and peer entity (mutual verification of each other's identities by communicating parties) authentication. |
| bit | binary digit - here either of the mathematical characters zero or one |
| certificate | a set of information which, at least, identifies the certification authority issuing the information; unambiguously names or identifies the owner; contains the owner's public key; and is digitally signed by the certification authority issuing the certificate. |
| certifying authority | an entity that verifies the identity of another entity, allocates a unique name to that entity and verifies the correctness of information concerning that entity by signing a public key certificate for that entity. |
| cryptography | the art or science that treats of the principles, means and methods for rendering plaintext unintelligible and for converting encrypted messages into intelligible form. |
| clipper chip | a hardware encryption device first sponsored by the United States government in April 1993 and intended to be the sole encryption system used on the Internet. Legislation was prepared to back the proposal. It would have had an enforced system of escrow built into it, permitting law enforcement agencies armed with a warrant to decrypt any clipper-encrypted messages. Each chip was registered and pre-programmed with some numbers issued by the two escrow agencies (both government agencies). Knowledge of these two numbers, available on production of a warrant, would allow the calculation of the session key used and the identity of the sender, but not the recipient. The proposal was abandoned in 1995. |
| confidentiality | in computer security, a concept that applies to data that must be held in confidence and that describes the status and degree of protection that must be provided for such data about individuals as well as organisations. |
| cyberspace | the ether or medium through which messages are transmitted - at least the Internet and the networks connected to it. |
| cyphertext | the text after encryption. It is sent by the user over an insecure communication channel on the assumption that the equivalent plain text will be unable to be inferred by cryptanalysis and so is safe from a passive and an active attack. |
| data compression | in codes, reduction of the size of the data by techniques which exploit redundancies in the data; in memory systems, a technique that saves storage space by eliminating gaps, empty fields and redundancies to shorten the length of records or blocks. |
| decryption | the conversion of cyphertext into its plaintext equivalent by use of the appropriate key. |
| DES | the Data Encryption Standard (DES) specifies an algorithm to be implemented in electronic hardware devices and used for the cryptographic protection of computer data. It became mandatory for US Federal agencies in June 1977. The algorithm is public but the design principles remain classified. DES uses a 56-bit key and encodes text in 64-bit blocks. |
| digital signature | a digital signature is a technique or procedure for the sender of a message to attach additional data to that message which forms a unique and unforgeable identifier of the sender and the message. |
| DSD | Defence Signals Directorate |
| DSTO | Defence Science and Technology Organisation |
| encryption | the transformation of data to an unintelligible form in such a way that the original data either cannot be obtained (one-way encryption) or cannot be obtained without using the inverse decryption process (two-way encryption). |
| FBI | Federal Bureau of Investigation (USA) |
| GII | Global Information Infrastructure - a worldwide 'network of networks' creating a global information marketplace, encouraging broad-based social discourse within and among all countries. By interconnecting local, national, regional and global networks, the GII can expand the scope of benefits of advances in information and telecommunications technologies on a global scale. See also, the Internet and note that the GII is probably a short-hand reference to what the OECD called in 1980 as transborder flows of information. |
| hacking | the act of gaining unauthorised access to a computer network by defeating the system's access controls. The act is often compounded by one or more offences relating to breaches of confidentiality, privacy, national security, altering or erasing data, intellectual property and commercial interests. |
| Internet | a worldwide interconnection of individual networks operated by government, industry, academia and private parties. [The Internet originally served to connect laboratories engaged in government research, and has now been expanded to serve millions of users and a multitude of purposes.] |
| Jones | see Smith |
| key | a key is a number, whose size is expressed as a number of bits in binary arithmetic (eg 56-bit) |
| key distribution | public keys can be distributed freely through listing on a bulletin board or via a directory. Public key encryption depends on confidence the public keys are correct. Users need to be assured they have valid keys for other people and keys need to be provided/copied by dependable means. |
| key escrow | a concept, principally advanced by the US Government, under which keys for cryptographic systems would be registered with government appointed agencies and be accessible by law enforcement agencies on production of a warrant. |
| key length | the size of a key and measure of its strength. In simplistic terms a 40/384-bit secret/public key system may be classified as weak, a 56/512-bit system as borderline: and an 80/1024-bit system as strong. |
| LAN | Local Area Network |
| LEAC | Law Enforcement Advisory Committee established by the regulating agency, A USTEL. |
| NCA | National Crime Authority. |
| OECD | Organisation for Economic Cooperation and Development |
| phreaking | the unauthorised use of telecommunications services or equipment at the expense of another. This act not only defrauds carriers and service providers of rightful service charges but may also damage the integrity of the switching and billing systems. |
| PKAF | a Public Key Authentication Framework would allow for the establishment of a trusted public key system, allowing any entity to determine the trust and validity of a public key certificate claimed to be associated with another entity. The proposal was prepared by the PKAF Task Group, formed by Standards Australia from representatives of industry and government. |
| plain text | data or a message in ordinary language or format, which can be understood by a person or a computer. |
| public key encryption | see assymetric system |
| private key encryption | see symmetric system. Not to be confused with the private key of a public key pair which is used for confidentiality purposes. |
| RSA | an algorithm for creating public key private key pairs and algorithms for the subsequent encryption and decryption of text. Designed by Rivest-Shamir-Adleman, after whom it is named. This system is commonly used for public key encryption and the only public key system which creates key pairs which can be used for either role. |
| Smith | a fictional identity, like Jones, thought preferable by the author to colourless cyphers like A, B, C and a variant from the A lice and Bob who habituate frequent such texts. In a further attempt at verisimilitude, Smith is of the male gender, while Jones is a female. |
| steganography | in data security, the concealment of the existence of messages, literally covered writing. This can take the form of filling in inter-message gaps with padding characters, thus although the existence of the communication link is not concealed an attacker is denied information on when messages are being transmitted. |
| symmetric key | a method of encryption in which the same key is used to encrypt as to decrypt. Also referred to as secret key or single key encryption. This sort of encryption is used in telephone scramblers. The key length can be varied for different levels of protection. It is a much faster process than using asymmetric keys. |
| trusted third party | an entity providing user services ranging from the provision of authentication services such as the verification of a client's public key, time stamping of documents, digital signatures and key retrieval services. |
CONCLUSIONS AND FINDINGS
1.1 Conclusions
1.1.1 The relationship of the individual to society is determined by an elaborate series of structured and informal arrangements. That our society should be an open, pluralist, democratic, ethnically diverse one, eschewing discrimination on the grounds of age, gender, religion, race, physical or intellectual handicap or any other discriminator which denies dignity is universally agreed.
1.1.2 Individuals living in community cede certain rights and privileges to ensure order, equity and good government, even if sometimes reluctantly. To this end, a lawful right to conduct intrusive investigations has been given to law enforcement and national security agencies and to ensure the exercise of those intrusive powers is properly controlled, various forms of oversight and a package of administrative law measures have been instituted. These have produced a significant increase in public accountability, but our time is characterised by a mistrust of all powerful institutions which seek to limit the freedoms of ordinary citizens.
1.1.3 The general availability to the individual of data security, whether for storage or communications, will alter the relationship between the citizen and the state. It will mark a rare opportunity, in the second half of this century, when advantage moves in the citizen's favour. In recent years the balance has shifted markedly to the advantage of the state and to law enforcement and national security, as technology and computing power have provided powerful investigative tools to trace or profile individual subjects. 1 As long ago as 1890 the Harvard Law Review decried the threat to privacy which 'recent inventions and business methods' posed - the invention was black and white photography and the methods invasive investigations by brash newspapers! 2 The Review accepts the considerable and necessary benefit which cryptography will bring to the citizen, not only for confidentiality but also for authenticity, integrity and non-repudiation. It is, however, only confidentiality services with which this Review is concerned.
1.1.4 The point is strenuously made by law enforcement and national security representatives that loss of access to real-time communications and to data stored electronically would have a significant and deleterious effect on investigative capability. That effect would be the loss of tactical intelligence by which their investigations are directed, the denial of evidence which may secure the prosecution of serious criminals, significant on-costs and increased risk.
1.1.5 This Review was commissioned by the Commonwealth and is directed to Commonwealth requirements. The terms law enforcement and national security have, therefore, a clearly intended Commonwealth application when specific matters are addressed. Law enforcement is primarily taken by the Review to embrace the Australian Federal Police (AFP) and the National Crime Authority (NCA). In a secondary sense, it includes the Australian Customs Service (ACS), the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the Commonwealth Law Enforcement Board (CLEB). National security is taken to refer specifically to the Australian Security Intelligence Organization (ASIO). But these matters, law enforcement in particular, cannot be isolated in a federal sense. The Review consulted with the police services of New South Wales and Victoria as major representatives of State and Territory police services. The conclusions at which the Review arrived have equal application for the States and Territories and the nature of the challenge of encryption dictates that responses and solutions be nationally based. There will be a need for complementary, coherent and consistent action by the Commonwealth, the States and Territories in this matter.
1.1.6 The public availability of encryption has drawn differing responses from governments. This review has confined its study to cryptography, of which encryption is the process by which data is transformed into an unintelligible form, so the original data cannot be obtained or cannot be obtained without using the inverse decryption process. It has not concerned it self with other forms of data manipulation, such as steganography or data compression, which may cause difficulty in understanding the meaning of the data. Some countries, such as France, Israel, Belgium and China, have limited the importation of encryption systems and products and effectively mandated the escrowing of keys. Burma, in late September 1996, banned connections to the Internet. In days of cyberspace access, any attempt hermetically to seal borders seems an exercise in futility. Other countries, such as the United States and the United Kingdom, while proposing voluntary national arrangements which place conditions on the use of encryption, have not excluded the prospect of mandatory arrangements.
1.1.7 Recognising the importance of the information and communications revolution to Australia's development and to the needs of electronic commerce, successive Governments have favoured a process of self-regulation to deal with encryption policy, believing competition and consumer demand will ensure the interests of all sectors are addressed.
1.1.8 While the needs of electronic commerce, intellectual property and the protection of safety-critical industrial 'processes may be attended by self- regulation, the requirements of law enforcement, security and privacy stand somewhat apart. It is a paradox that the purposes for which cryptographic methods may be used can be mutually conflicting - providing the security needed to move vast streams of commercial, financial and medical data across open networks and providing impregnable communications security for terrorists and organised crime to wreak their havoc on society. The challenge for all governments is to secure a balanced policy outcome.
1.1.9 Law enforcement and national security need to be able to collect the tactical intelligence and evidence critical to the effective prosecution and coordination of their inquiries. There was an understandable concern mentioned by some that government may be seeking to enhance the powers of law enforcement and security under the guise of a paradigm shift in technology. That is not so. The objective of the review was to ensure investigative capability was maintained, while privacy and civil liberties were preserved. The Review was satisfied the availability of real-time decrypted communications is central to the investigative capability of law enforcement agencies and the national security service.
1.1.10 It was not clear, at the time the Review concluded, what public form of key management infrastructure would be required in Australia. There was a period, not so much earlier, when it was automatically accepted that independent entities would generate and archive keys. Developments in technology see individuals capable of generating their own keys reliably, but it remains likely that many will rely on a commercial independent entity to assist in data retrieval. The notion of 'trust' will be central to any system of electronic commerce or third parties. It is difficult to imagine all individuals will be able or inclined to establish themselves the networks of trust necessary to engage in business with confidence. In view of the premium to be placed on trust and the high potential for corruption in the third party service provider area, a system of integrity screening and registration for providers is indicated. The process adopted by casino authorities should prove a useful model.
1.1.11 The need for certification facilities (affording a level of authentication or confidence in a person's private key) is clear and the sort of structural and procedural model provided in the Public Key Authentication Framework (PKAF) seems widely to be accepted. Clear indication of government support by, for instance, an announcement of intended usage of the system, would be timely and provide an urgently required planning base. For the purposes of electronic commerce, there will be a need for legislation to give digital signatures the equivalent force and effect of a witnessed hand-written signature. As in the case of third party service providers, a form of vetting and registration of those who would offer certification authority services is indicated.
1.1.12 A certification authority is neither an escrow agency nor a trusted third party; it will not retain or archive key materials unless specifically requested by customers to do so and then only under contractual conditions that remove any liability which may flow from compliance with lawful orders to produce such materials to instrumentalities of the state. Its function relates to certifying to the integrity or personal ownership for both authentication and confidentiality purposes, to authenticating digital signatures for commercial, legal, evidentiary and similar purposes.
1.1.13 Some may argue the more organised, or 'professional', criminal elements would be unlikely to rely on any service providers, too easily risking becoming hostages to fortune - a view recited by all law enforcement agencies consulted by the Review. But convenience, lethargy and a lack of discipline repeatedly prove themselves capable of overcoming such caution, at least among the less professional strata. In such circumstances, they may be few or many, government agencies could seek search warrants to obtain 'keys' where these were held either by the subject of the investigation or the registered third party service provider.
1.1.14 Criminal enterprises, like normal businesses, may be expected to generate their own key materials. There will be the capacity to generate a staggering number of keys, to use a computer randomly to choose the algorithm, to change the key randomly with every transaction or to change the key automatically at intervals set at seconds rather than minutes, while transactions proceed. In such instances, there is no third party or service provider to be approached. Either voluntary or coercive attempts to require production of the 'key' are unlikely to prove successful and the user would likely be unaware of the key being employed. The invocation of the principle of non self-incrimination may well represent the polite end of the possible range of responses.
1.1.15 In light of this situation, the Review does not recommend mandatory third party arrangements. Some form of voluntary third party service seems an inevitable development, however, for electronic commerce and intellectual property reasons, as well as interoperability and international agreements. It is likely to prove of limited assistance to law enforcement and national security investigations.
1.1.16 Any attempt to prohibit the importation of cryptographic materials would be misguided and harsh to the privacy rights of all citizens. Strong commercial encryption is in the national interest and a role can be argued for government to advise the community about the integrity/vulnerability of systems and products. On this note, the national interest strongly suggests Australia should not be dependent on products originating in one country. The risk of national dependence on the United States, which manufactures the majority of the world's software, would at least be reduced by diversification of supply and there is scope for government to take a lead here. There is, of course, some hope that the technology which passes through generations in the blink of an eye [a Web year was described to the Review as 90 days and going down!] may provide some comfort to law enforcement and national security. In the meantime, some practical suggestions are made.
1.1.17 Changes should be made to strengthen focussed investigations of the AFP, the NCA and ASIO, to review the sanctions for non-compliance with directions to produce and to protect more effectively sensitive operational methods used by these agencies to acquire access to encryption keys or systems. There should be no change to the tests to be satisfied before warrant requests are approved - they should remain as stringent as they are today. Nor should there be any change to oversight arrangements.
1.1.18 The wide and easy availability of cryptography will enhance the privacy of citizens, where they have control over the use to which data is being put. It should allow some protection against the data-matching, profiling and peddling of personal information for commercial gain which have become endemic, through ignorance or obfuscation of the need for informed consent. 3 It will adversely impact on the capability and investigative approach of law enforcement agencies and the security service and may, consequently, provoke some redefinition of that fundamental relationship between citizen and state. To presage the imminent end to civilisation, however, which some foreign law enforcement advocates assert will ensue should their favoured approach not be adopted, is neither a novel prophecy nor lends substantial assistance to the debate.
1.1.19 The work of the sub-group of the Organisation for Economic Cooperation and Development (OECD), tasked with developing draft guidelines on cryptography, is important. The aim is a framework of principles addressing the needs of the global village. 4 Electronic commerce requirements, if nothing else, will likely dictate some common infrastructure to guarantee interoperability. If the European Union, the United States or Japan, for example, or any combination of these, was to muster sufficient support for a particular model, Australia would be foolish not to follow suit. At this stage, however, there is no such agreement and, hence, no need to take an independent policy position on this issue.
1.1.20 The conundrum for government is the encryption genie is out of the bottle: a genie with the potential to enhance data security and personal and corporate privacy but also to provide a shield of invisibility for criminals and others. While the pace of change continues relentlessly, the most appropriate policy response remains to watch developments closely, to reinforce and protect the investigative capacity of law enforcement and the security service, to maintain the requirement that telecommunications services provided by carriers be susceptible to interception, to progress the development of the OECD guidelines on cryptography, to ensure appropriate arrangements for the screening, performance standards and registration of third party service providers and certifying authorities are put in place, to coordinate policy and technical development which may provide a solution to public safety needs and to stimulate public discussion of and involvement in the search for a truly balanced solution.
1.1.21 The implications for law enforcement and national security of encryption, though significant, appear dwarfed by the potential fiscal consequences, particularly when allied to more powerful processing and the progressively increasing capacity for individuals to engage in anonymous transactions. They are matters, however, outside the Terms of Reference.
1.2 Findings
1.2.1 The main finding of the Review is that major legislative action is not advised at this time to safeguard national security and law enforcement interests in the face of the challenge presented by cryptography, though a range of minor legislative and other actions are indicated.
The 1994 judgement, that encryption was a looming problem which warranted close monitoring, remains substantially valid. The problem, in a substantive sense, still lies ahead of law enforcement and national security agencies but the distance is shortening rapidly.
1.2.2 The option recommended by the Review to cater for national security and law enforcement interests in the face of the encryption challenge is to strengthen and further protect the investigative capability of those agencies, to recast the relevant statutory provisions in clear purpose terms to prevent premature aging and to consider the introduction of a new statute (the Aid to Public Safety Act is proposed) which would aggregate the various intrusive investigative powers, or at least those in the Attorney-General's portfolio, into one place. This would facilitate the process of review, as indicated by changes in technology or circumstance, and likely engender a more controlled public discussion.
1.2.3 Australia has not been disadvantaged by the absence of policy decisions on the issue of key management infrastructure. Many foreign governments have moved early, but not necessarily to advantage. The rate of technological change, developing public knowledge and expectation of the Global Information Infrastructure and the reaction to the control mechanisms attempted by some governments suggest, generally, a continuation of this course. The immediate exception, on public administration grounds rather than anything else, would be the introduction of screening and registration procedures for third party service providers and certifying authorities. The third quarter of 1996 saw more intensive global engagement on this issue than any comparable earlier period. The greater risk for Australia, in the short term, is the lack of certainty about who is directing government policy and who, therefore, is coordinating the work progressing across a range of fronts. That is an issue which needs urgently to be addressed.
1.2.4 The Review's findings are set out against each term of reference. Those of a broader nature, which do not specifically relate to a particular term of reference, have been aggregated under term number 2.
| Term of Reference 1. | The Review is to examine whether legislative or other action should be taken to safeguard national security and law enforcement interests in the light of the rapid development of the Global Information Infrastructure and the continuing need to safeguard individual privacy. |
Findings:
1.2.5 The Review does not support legislative action at this stage to prescribe a form of key management infrastructure accessible by government for purposes of national safety, but overseas proposals and developments will need to be kept under close watch. The effort within the OECD to develop draft guidelines on cryptography is worthwhile and should provide a useful framework for national and international approach to this issue. A further Review is recommended late in 1997, when technology will have advanced further, any early impact of deregulated communications will be apparent, the position of other countries such as Britain and the United States will be clearer (both plan to introduce legislative measures), the OECD work will be largely concluded and the position Australia might best adopt to balance its national security and law enforcement interests with its support for electronic commerce, privacy and continuing access to the communications and information revolution, might be clearer. (paragraphs 3.4.1-3; 3.7.1-7; 4.5.11-16; 4.6.1-2; 5.1.5-9 refer)
1.2.6 The Review found a lack of clarity as to which Minister and which department had responsibility for cryptography policy and the consequent danger of a lack of coordination in policy development. These deficiencies need to be overcome. (paragraphs 2.3.1-2; 3.4.3-5; 6.1.1-4 refer)
1.2.7 The Review identified a number of areas where legislative action might be taken to ensure Australia's national security and law enforcement interests. These are set out at term 3(c).
| Term of Reference 2. | The objective of the Review will be to present options for encryption policies and legislation which adequately address national security, law enforcement and privacy needs while taking account of policy options being developed to address commercial needs. |
Findings:
1.2.8 The Review does not recommend specific options for encryption legislation at this time. The policy options being developed to address commercial needs are as yet inchoate. The process of developing guidelines on the use of cryptography by the OECD Ad Hoc Group of Experts is still 6 months from conclusion and international agreements based on such a framework would seem to represent the only basis for trusted third party encryption of telecommunications. 5 (paragraph references as per 1.2.5)
1.2.9 There is no draft proposal at large which meets well the competing demands of law enforcement/national security, privacy and commercial needs. (paragraphs 4.5.1 1; 4.6.2; 4.7.1-6 refer)
1.2.10 The conceptual difficulty in resolving those tensions in one set of arrangements is exacerbated by the requirements of law enforcement and national security being predicated on access, while privacy and commercial needs are predicated on protection.
1.2.11 There seems no compelling reason or virtue to move early on regulation or legislation concerning cryptography. Law enforcement and national security agencies have certainly experienced difficulty where subjects of investigation have refused access to encrypted stored data and it has not been possible for them or other agencies to decrypt this material. It is questionable, though, whether any range of policy decisions concerning key management would have altered this situation materially. For the present, the investigative capability of the agencies is not significantly affected. (paragraphs 3.2.1-4; 3.5.3-4; 4.1.2 refer)
1.2.12 To ensure policy positions are properly coordinated and reflect the interests of the different parts of government, it would be preferable if these followed decisions by Ministers on policy responsibility, were coordinated by a standing inter-departmental committee and that the committee was constituted at an appropriate level. (paragraphs 3.4.2-5 refer)
1.2.13 For reasons of electronic commerce and international cooperation in the law enforcement and national security areas, Australia's policy positions must mesh with those of her major trading and cooperating partners. While a few countries have made public policy commitments, these are likely further to change. International acceptance of the OECD draft guidelines on cryptography, the drafting of which is due to conclude early in 1997, may provide a basis for that consistency in national approach essential for the GII. (paragraphs 4.6.1-4 refer)
| Term of Reference 3(a). | Key factors to be addressed include Australia's national security and defense interests; |
Findings:
1.2.14 While national security and defense interests provided the framework within which the other terms of reference in paragraph 3 were examined, the injunction in the first term of reference of the Review to have regard for the continuing need to safeguard individual privacy and a reminder of that at term 3(d) provided some tension when different requirements were to be served. The approach of the Review was to seek to strike a balance, leaving the privacy advantage with the community as a whole when the security or defense interests, taken at their broadest, were unable to demonstrate an impediment to the performance of their functions and model mechanisms of control either failed or were oppressive.
| Term of Reference 3(b). | an assessment of the present state of encryption technology and prospective developments in encryption technology over the next few years likely to impact on Australia's national security and law enforcement interests; |
Findings:
1.2.16 Data is being stored securely on computer systems or being sent over the telephone system beyond the reach or visibility of the investigative agencies. (paragraphs 3.5.1-4 refer)
1.2.17 The likely trend will be from software encryption applications with separate keys generated by the individual's computer system or an independent entity to primarily hardware solutions where random keys are rapidly generated and changed by the equipment itself and recognized and understood by those to whom data transmissions are directed (paragraphs 3.6.1-7 refer)
1.2.19 The AFP should chair an inter-agency group tasked with the preparation of an assessment of the impact which the loss of real-time access to voice and data communications would have for law enforcement and national security. The assessment should be submitted to the Secretary of the Attorney-General's Department for presentation to the Secretaries Committee on National Security. (paragraph 4.1.3 refers)
1.2.20 The future direction of encryption technology depends largely on advances in the field of pure mathematics and computing power which increases, on average, by the power of 10 every five years. We will likely see dedicated microchips able to work faster and process more complex algorithms. at reasonable speed. Secure faxes will become more common. Remote banking facilities will become available. Local area computer networks (LANs) will use encryption for communication between workstation and file server or mail server. This encryption will be transparent to the user. Each computer or user on the network will have its own public/private key pair, used to generate random session keys. Further ahead, quantum computing and, perhaps, quantum cryptography are mentioned, as are molecular memories, but none is predicted to cause major change to the projected trend line of development. (paragraphs 3.1.1-4 refer)
1.2.21 The availability of an encryption function on major software applications or as a service to telecommunications users would likely be taken up quickly by the community, but particularly the more significant targets of law enforcement and national security agencies. Microsoft, for example, recently indicated it would soon offer such an application. (paragraph 3.4.6 refers)
| Term of Reference 3(c) | whether Australia's present laws are adequate to ensure Australia's security and law enforcement interests in an environment of rapidly emerging new technologies; |
Findings:
1.2.23 The Telecommunications (Interception) Act 1979 is considered adequate by national security and law enforcement agencies, though a range of issues such as the continuing capacity to trace calls; the test of reasonableness (as applied) under which law enforcement and national security agencies may seek such action; access to call record information and caller identification from carriers and service providers; the legal status and, therefore, obligations of service providers after 1 July 1997; the impact of satellites (eg systems are being launched by Asian countries which will cover significant parts of Australia); and some jurisdictional matters in relation to the Internet loom as issues which the Law Enforcement Advisory Committee (LEAC) and the Attorney-General's Department will need to pursue. (paragraphs 3.4.1-2; 3.6.7; 4.8.4; 6.2.4 refer)
1.2.24 The Telecommunications Act 1991 would become inadequate if the license condition on carriers first to obtain approval from the Minister for Communications and the Arts, who is required to consult with the Attorney-General, before marketing any telecommunications service not susceptible to interception should be varied. 6 (Paragraph 6.2.18 refers)
1.2.25 The Telecommunications Act 1991 should establish a requirement for all communications service providers to be registered, which would facilitate the service of warrants and access to customer data bases by law enforcement and national security agencies. The purpose is not to restrict entry to the sector but to meet these requirements and ensure service providers may be kept informed of changes affecting their functions. (paragraphs 6.2.4-5; 6.2.18; 6.2.21 refer)
1.2.26 The ability to trace calls will continue to be of major importance to the AFP, NCA and ASIO (and the State police services), even in situations where interception or access to communication content is denied. The application of the 'reasonableness' principle by communications carriers or service providers will need to extend beyond life-threatening situations. The containment of consequential costs might best be managed by limiting, more than currently, those agencies authorised to make such requests. (paragraphs 3.6.7; 6.2.4 refer)
1.2.27 Invocation of the principle of non self-incrimination is likely to prove an obstacle to efforts by law enforcement agencies to obtain encryption keys by search warrants or orders made by courts and tribunals. (paragraphs 3.2.4; 3.5.1-4; 3.7.10-11 refer)
1.2.29 Consideration should be given to establishing a further and more serious category of offence where encryption is used to obstruct investigation by law enforcement or national security agencies into the preparation for or commission of a criminal offence and to give the Commissioner of the AFP authority, analogous to the ss. 28/29 powers provision available to the Chairman of the NCA, to require production of information or material which would render seized encrypted data intelligible. (paragraphs 3.7.10; 3.7.11; 6.2.22 refer)
1.2.30 The narrow definition of a listening device in the Australian Federal Police Act 1979 should be amended to reflect the purpose of such devices, namely to transmit data. The current wording restricts transmission to voice only. (paragraphs 4.3.5; 6.2.1; 6.2.20; 6.4.4 refer)
1.2.31 The criteria of Class 2 offences as set out in section 12(B) of the AFP Act should be widened so that listening devices might be deployed in the investigation of computer and information crime. The use of computers as communications devices is much more common than when the Act was drafted and that trend is only likely to become more prevalent. (paragraphs 6.2.2; 6.2.20 refer)
1.2.32 Authority needs to be created in the AFP Act, subject to the normal warranting processes for the exercise of intrusive powers, for the agency to install tracing or tracking devices which transmit data, to enter premises or perform this remotely, to do so without seeking or obtaining the permission of the owner or user of the equipment or premises, to transit other premises necessary to reach the nominated premise and to re-enter such premises as are necessary to maintain, replace or remove devices. Removal of devices, under the same warrant conditions, would be permitted after the expiration of the warrant, if secure circumstances do not obtain in the term of the warrant. Call-tracing should not be a facility confined in its application to life- threatening situations but available for the investigation of serious crime or security, intelligence subjects. (paragraphs 6.2.6; 6.2.9; 6.2.20 refer)
1.2.34 All amendments and suggestions made in relation to the AFP Act should be mirrored by amendment to the ASIO Act, both for its security intelligence and its foreign intelligence investigation obligations.
1.2.35 There will need to be integration between federal, state and territory law enforcement agencies as Commonwealth investigations frequently cover several jurisdictions, the State and Territory police forces operate in the same areas of criminal investigation and the latter police forces employ the same core technology and encounter the same problems. These issues might usefully be explored at a meeting of the Standing Committee of Attorneys-General and the Australian Police Ministers Conference. (paragraph 6.2.28 refers)
1.2.36 Statutory protection needs to be afforded those sensitive operational and technical methods employed by law enforcement agencies in the course of their investigations. The process of establishing a public interest immunity claim may implicitly reveal sufficient of a conceptual and operational approach as to destroy the integrity of such a method. Where high personal risk and damage to the investigative capability of the agency may result, should protection of the operational methods employed in a particular investigation not be absolute, agency heads should be empowered to issue a certificate, pursuant to the proposed provision, identifying the operationally sensitive information protected from disclosure, discovery by legal process or access under the FOI Act. (paragraphs 6.2.12-17; 6.2.20 refer)
1.2.37 Consideration be given to incorporating all intrusive investigative powers, or at least those of the agencies in the Attorney-General's portfolio such as the AFP, ASIO, AUSTRAC and the NCA, into one statute with an aim and title like 'the Aid to Public Safety Act'. The various powers should be expressed in terms of their purpose, not the means by which those purposes may be achieved. The benefit would rest in common approaches across Commonwealth agencies, a clearer over-arching purpose, a positive encouragement to inter-agency cooperation and the greater speed and political ease with which necessary amendments may be effected to ensure the statute remains relevant to developing technology and practice. (paragraphs 6.4.1-8 refer)
1.2.38 Instead of the current four or more types of warrant for intrusive investigative activities by law enforcement and national security agencies, to which further types are proposed at 1.2.28, 1.2.32 and 1.2.33, all warrant types should be reduced to one of two: the interception of communications or entry into property. (paragraph 6.4.8 refers)
| Term of Reference 3(d) | measures to safeguard individual privacy including an examination of the warranting provisions that may be required to enable law enforcement and national security authorities to gain access to encrypted material, whether in the form of stored data or a message transmitted over a telecommunications network; |
Findings:
1.2.39 The ready availability of strong encryption, with no requirement to escrow or register keys, nor to entrust them to any independent entity, is the most effective safeguard of individual privacy. (paragraphs 3.4.8; 4.5.7; 4.5.10; 4.6.3; 4.8.4 refer)
1.2.40 The current regime of stringent warranting provisions for the exercise of intrusive investigative powers should continue and apply to any change to the range of those powers. (paragraphs 2.2.6; 5.1.7; 5.1.9 refer)
1.2.41 To ensure the privacy rights and civil liberties of those subjects of investigation by law enforcement and national security agencies are preserved, where a court or tribunal is prevented from examining any circumstances surrounding covert investigations because a statutory protection against involuntary disclosure has been invoked by an agency, such cases or a sample of these cases should be examined by a senior, independent official experienced in the conduct and handling protocols of sensitive matters. As the Inspector- General of Intelligence and Security has the function to inquire into matters referred to the Inspector-General by the Human Rights and Equal Opportunity Commission in respect of the intelligence community, the sole aspect to be reviewed here, this function would be caught within existing responsibilities. In the case of Commonwealth law enforcement agencies, the function might be given to the proposed National Integrity and Investigations Commission. (paragraphs 6.2.24-27 refer)
| Term of Reference 3(e) | an assessment and evidence of the benefits of access by law enforcement and national security agencies to encrypted data; |
Findings-
1.2.43 There are indications, more frequently seen by law enforcement agencies than ASIO, that the subjects of investigation are making significant use of encryption to store data securely. It is already a frequent experience that this data cannot be decrypted. (paragraphs 3.2.4; 3.5.1; 3.5.3; 4.1.2; 4.4.1 refer)
1.2.44 Real-time access by law enforcement and national security agencies to the voice and data communications of their subjects of investigation is essential to core capability. The loss of that access would seriously impair capability, increase the risk factor in their operations and entail a range of staffing, budgetary, legislative and political consequences. (paragraphs 4.3.1-6 refer)
1.2.45 The lack of reliable national statistics on attacks on computer and communications systems will hamper policy development in areas such as electronic commerce and cryptography. The proposed IDC on Cryptography should consider the matter in the light of the review of AUSCERT commissioned by DOCA and its impact. (paragraphs 3.3.4-5)
| Term of Reference 3(f) | an assessment of the most appropriate means offending the development, implementation and maintenance of a decrypting capability for existing and emerging technologies; |
Findings:
1.2.46 No cogent reason was presented to the Review which suggested an independent cryptanalytical capability should be established for law enforcement and national security interests. (paragraphs 4.4.1-5 refer)
1.2.47 While general support for an independent decryption capability was evident among law enforcement agencies, the limited opportunities and expectations with which decryption would be approached would not justify the significant establishment and recurrent budgetary allocation required. (paragraphs 4.4.6-7 refer)
1.2.48 A 'closed' forum at a senior technical and operational level involving law enforcement, national security and the Defence Signals Directorate should be established to discuss and share attack methodologies against encryption, the covert acquisition of keys, agree possible research projects and review cooperation arrangements. Such a forum would provide a means for keeping the Secretaries Committee on National Security informed of any significant change to the investigative capability of law enforcement or national security agencies as a result of encryption. 8 Because of the protocols surrounding this field, it would be sensible for such a forum to be covered by memoranda of understanding agreed by the heads of the various agencies. (paragraphs 4.4.7- 12; 6.3.2 refer)
1.2.49 The cost of enhancing in-house facilities to produce a modest decryption capability should not necessitate New Policy Proposals, but the Commissioner of the AFP, the Chairman of the NCA and the Director-General of ASIO should ensure investment in staff training, development and secondments and minor capital expenditure on decryption facilities are planned and implemented in a coordinated fashion. The proposed inter-agency forum may provide the vehicle to coordinate that investment and development. (paragraphs 4.4.7; 6.3.1-3; 6.3.5 refer)
| Term of Reference 3(g) | whether Australia should seek to negotiate agreements with any other country or countries governing access to encrypted data where public keys (under a 'Commercial key Escrow' or 'Trusted Third Party' system of encryption) are held outside Australia; |
Findings:
1.2.50 It would be premature to enter formal negotiations with other countries on access to encrypted data, where public keys are held in those countries, until there is some certainty as to likely key management infrastructures. Reciprocity is a standard feature of such access agreements. Caution against entering formal negotiations is not intended to preclude substantive discussions on the issues. Indeed, the US has intimated that a condition of easing export controls may be the existence of a form of certified key management. (paragraphs 4.6.1-2 refer)
1.2.51 Such agreements should reflect the arrangements which national security and law enforcement agencies have in place to handle the exchange of sensitive tracing and operational matters. Those arrangements, properly, have regard for the legal, political and human rights record of the requesting country and the likely use which may be made of the information sought. (paragraph 4.6.4 refer)
| Term of Reference 3(h) | whether legislation is desirable to: (i) regulate the availability of 'Commercial Key Escrow' or 'Trusted Third Party' encryption; or (ii) facilitate the development of 'Commercial Key Escrow' or 'Trusted Third Party' systems of encryption; |
1.2.53 There is a high risk of corruption in the third party service provider sector and the Government would be prudent to require integrity screening and registration of those who seek to offer such services to the public. The testing process employed by casino authorities should prove a useful model. (paragraphs 4.7.6-7 refer)
1.2.54 Some licensing or registration arrangement, together with a requirement to meet minimum performance standards (as proposed by Standards Australia) is indicated for Certifying Authorities providing authentication services. This may depend on the outcome of the Wallis Inquiry into the effects of deregulation of the finance system 9 or government may wish to consider it cognately with the recommendations from the working groups of officials examining a range of electronic commerce issues. The separation of the authentication from the confidentiality key is a matter where clear and early statement of government's position would assist. (paragraph 4.5.15 refers)
| Term of Reference 3(i) | the impact of overseas initiatives associated with encryption technology, particularly in relation to the extent to which international cooperation and proactive specification of desirable characteristics for encryption products and 'Commercial Key Escrow' or 'Trusted Third Party' services is desirable and recommendations as to how such international cooperation might best be achieved,. |
Findings:
1.2.55 Considerable variation exists in the approach of foreign governments to cryptography policy issues, ranging from banning, to registration, to the promotion of voluntary systems of key management which may meet some of the needs of law enforcement and security, to the deliberate decision not to take decisions on these matters while the technology continues to develop at a rapid rate and offers new approaches for dealing with the issue. (paragraphs 4.5.1-13 refer)
1.2.56 There seems to be little popular support in or outside the United States for a 'Commercial Key Escrow' system involving government agencies creating as it would significant vulnerability outside of the control of the person or corporation. 10
1.2.58 The issue of international cooperation would best be addressed frommid-1997 when there has been more developmental work, the position of a number of countries will be clearer, legislative proposals will have been introduced by some and the work. of the OECD Ad Hoc Group of Experts will have concluded. (paragraphs 4.6.1-4 refer)
| Term of Reference 3(j) | the effectiveness of Australia's export controls on encryption technology. |
Findings:
1.2.59 Any judgement as to effectiveness depends on the aspect from which the issue is approached. As the Review was enjoined to consider Australia's national security and defence interests as key factors, it may be argued Australia's export controls were effective, though American export controls may have had greater influence on the limited proliferation of 'strong' forms of encryption in the region. (paragraphs 5.2.1-4 refer)
1.2.61 From a commercial perspective, the purpose and impact of those export controls was questioned. There was criticism that Australian cryptographic products did not always meet customer requirements and suffered in comparison with American products on the counts of convenience, comparability and cost. (paragraph 5.2.6 refers)
1.2.62 The abolition, or even an amelioration, of United States export controls will likely prompt a rapid extension of key lengths as an argued talisman of data security. (paragraph 5.2.11 refers)
| Term of Reference 4. | The Review is to have regard to the Government's existing encryption policies, the work of the OECD Committee of Experts on Security, Privacy and Intellectual Property Protection in the Global Information Infrastructure on the development of international cryptography guidelines and the work of the Information Policy Task Force on the implementation of open encryption standards which address commercial needs. |
Findings:
1.2.63 The Review examined and took account of the Government's approach outlined in Australia Online 12 and by officials of the Department of Communications and the Arts. It examined the 1980 OECD Guidelines on Trans-Border Flows of Personal Data 13 and the 1992 OECD Guidelines on Information Systems Security and informed itself of their antecedents. It had the benefit of many discussions and meetings with representatives of all interested agencies on the draft guidelines on cryptography currently being developed and was invited to participate in inter-departmental discussions chaired by the Attorney-General's Department. The Information Policy Task Force had not been established in the period of this Review but a retitled Information Policy Advisory Council was due shortly to meet. 14
Footnotes:
1
Technologies include DNA analysis, fibre analysis, improved electronic
surveillance methods across public agencies such as Immigration, Social
Security, Taxation, Customs, financial institutions, communications
camera, transport companies and regulators, etc.
2
Samuel D Warren & Louis D Brandeis, The Right To Privacy, 4 Harv. L Rev. 193,
195 (1890)
3
Prof Greg Tucker notes the possibility that an unregulated GII environment
could lead to a loss of control by
individuals over their personal data, running the risk of creating a
surveillance society. From his paper titled
'Security, Privacy and Intellectual Property Rights in the Information
Infrastructure' presented to the OECD,
May 1996, p 143.
4
Not only is the relationship between the individual and the state likely to he
affected by cryptography and its
consequences but Michael Nelson argues we will see less powerful governments in
relation to trans-national
criminal organisations because traditional notions of sovereignty, national
security and warfare will be
undermined by 2020 when the whole world will be 'wired' and e-cash is the norm.
Michael Nelson, Special
Assistant, Information Security, Executive Office of the President, quoted in
BNA Daily Report for Executives,
6 September 1996, Washington, DC. A view offered also in a Technology Issue
Note published by the
National Security Agency titled 'NSA and the Cyberpunk Future', 3 June 1966, pp
4-5.
5
This group is Co-chaired by a Deputy Secretary of the Attorney-General's
Department and is scheduled to complete its work by February 1997.
6
The US Administration is proposing legislation requiring each telecommunications carrier to increase its
capacity to meet assistance capability requirements (the capacity simultaneously to undertake call tracing and
communications interceptions) equal to 0.5% - 1% of the engineered capacity of
the equipment, facilities or services that provide a customer or subscriber with the ability to originate,
terminate or direct communications.
The Congress has enacted the Communications Assistance for Law Enforcement Act
(CALEA) and authorised funding support of $500 ml. Under the Omnibus Consolidated Appropriations Bill
signed by President Clinton on September 30, 1996, the permanent Telecommunications Compliance Fund may
receive money from any US Government agency with law enforcement or intelligence responsibilities.
Carriers have raised significantly the charges levied on law enforcement agencies for special assistance.
7
Inspector-General of Intelligence and Security Act 1986. s.8 (1)(a)(v).
8
Both the Commissioner of the AFP and the Director-General of ASIO may be
invited to attend meetings of the Committee and the Secretaries of the Defence and the Attorney-General's
Department, which embrace the portfolio interests, are members.
9
The Financial Systems Inquiry, commissioned by the Treasurer under the
chairmanship of Mr Stan Wallis, is due to report to the Australian Government by
May 1997.
10
The US Administration issued two statements on July 12, 1996, one entitled
Administration Statement on Commercial Encryption Policy (shown at Annex C); the
other, US Cryptography Policy: Why We Are Taking the Current Approach.
11
A Paper on Regulatory Intent Concerning Use of Encryption on Public
Networks was issued by the British Department of Trade and Industry on 11
June 1996.
12
Policy statement on media issues published by the Coalition parties prior to
the 1996 federal election. The
section immediately relevant to this Review (personal Privacy and Commercial
Security) is shown at Annex B.
13
Attached at Annex F of this report.
14
The Information Policy Task Force was a specific proposal in Australia
Online. p 10 et seq and is specified as a relevant parameter for this Review. See Terms of Reference, attached as
Annex A to this report, para 4.
CONTEXT AND APPROACH OF THE REVIEW
2.1 The Context - Barrett's Obiter Dictum
2.1.1 This review occurred in concert with a range of similar reviews initiated by different parts of government. Some overlap was indicated, and the coordination arrangements remain something of a mystery. Topics as broad as electronic commerce or on-line services understandably attract the attention of a number of major policy departments and operational agencies, while encryption is addressed simply as an element of their broader studies. The focus of this review of encryption policy is to address law enforcement and national security interests, while ensuring individual privacy needs are safeguarded.
2.1.2 The review took as a reference point an observation made in the Barrett report on Telephone Interception in 1994 that
2.1.3 The question which obviously presents itself is whether the 1994 conclusion still stands or how it should be revised.
2.1.4 Barrett recommended the Law Enforcement Advisory Committee (LEAC) should keep the use of encryption under review and provide annual reports on its effect. 17 That task was assigned to Sub-Committee E of LEAC. It has submitted four reports to date 18. They note evidence of encryption being used in stored data (primarily hard disk) but none as far as communications are concerned. This view is qualified by the fact that the equipment used to intercept digitised signals transmitted over high-speed modems is forced to operate at the limit of capacity and some encrypted communications may not be captured. The bottom line judgement has to be that Barrett's conclusion stands intact but the time-frame is likely to be compressed. The problem is no longer a future one - the operational and investigative problem will be with law enforcement and the national security authority tomorrow.
2.2.1 Working alone on such a review, it was clearly impractical to invite written submissions or conduct public hearings. Related standing reviews already existed and others were established in the brief life of this Review. The primary issue was how law enforcement agencies and the national security service might retain their current investigative capability in a world where encryption may be generally used. The second issue was to establish if what was hidden from investigative agencies behind the veil of encryption would affect their effectiveness. Thirdly, if the impact was deleterious, should Australia be looking at emulating the type of response adopted by some foreign governments or do something else. And fourthly, should a decrypting capability for law enforcement be established and, if so, how might it be funded and maintained.
2.2.2 The structure of the Report reflects the major themes of the Review. There were some other issues and by keeping a constant eye on the Terms of Reference, these are addressed either separately or cognately.
2.2.3 The key constituencies for the review were easily identified: privacy guardians and those academics or experts who had revealed a close interest in this aspect of the debate; Commonwealth, State and Territory law enforcement agencies and the national security service; policy departments with an interest in the area; users; carriers and service providers; the information technology industry itself; and the banking or finance sector. Within quite severe resource limitations, the Review attempted to consult with a representative sample of all these sectors and expresses its appreciation for the time and thoughtful contributions which were made.
2.2.4 There were some areas of the Terms of Reference where it was not possible to make a satisfactory response or the limitations imposed on a single reviewer precluded the elicitation of the material on which a response may have been based. In instances where I was aware this occurred, I have identified areas which require further examination. Indeed, the situation in a number of these is far from settled and continuing close attention to developments in Australia and overseas is indicated. For the same reason, there are many instances where findings have not prompted recommendations but warrant close consideration. I believe Australia has suffered no damage from its disinclination to commit to a legislative or regulatory regime in the cryptography field and has had time to learn from or reflect on the early initiatives of other countries.
2.2.5 The Review addressed its terms of reference from a public policy perspective. Some understanding of the core elements of cryptography is necessary for informed discussion, but the Review did not seek to acquire, far less claim, technical expertise. To those who found themselves occasionally cast in the role of tutor and were then impelled to make over-simplifications to achieve even nodding comprehension, grateful appreciation is expressed.
2.2.6 As the Privacy Act does not apply to the private sector and the privacy impact of the issues raised in the Terms of Reference exclusively impact on the private sector, I thought it important to consult with both formal privacy protection bodies on the one hand and academics and industry experts on the other to gamer views in an area of uncertainty. I found much commonality. There is broad acceptance of the checks and balances at the Commonwealth level on intrusive investigations by law enforcement and the security service. While some changes to the scope of warranting provisions were seen as likely, these should be accepted by the community if the same level of stringency in the securing, execution and oversight of warrants is maintained.
2.3.1 Between the key constituencies mentioned above, some degree of tension was to be expected. What also became apparent was the differing philosophical position taken by various elements within each sector. This is illustrated simply by the government sector, where four separate policy departments represent the following discrete purposes:
Across such a spectrum of government interests, the fact of different philosophical approaches is not surprising. What is of concern ,however, is the lack of any coordination mechanism to bring together the disparate policy interests and review bodies. The policy outline with which the Government went to the 1996 federal election, Australia Online, elevates the protection of personal privacy above other considerations and eschews legislative action in the area of encryption. 19 The Review was advised these elements reflect the Minister's current thinking. It is not clear, though, how they and other elements infuse the policy development process throughout government.
2.3.2 Proposals for coordination arrangements are advanced in Chapter 6. The comments raised here are mentioned to understand the somewhat fragmented context in which the Review occurred.
Footnotes:
15
Report of the Review of the Long Term Cost Effectiveness of
Telecommunications Interception conducted
by Mr Pat Barrett, March 1994, paragraph 5.3.19, p 98. Commonly referred to as
the Barrett Report.
16
Ibid, p 99.
17
Ibid, Recommendation 5, p 16. The LEAC was established by the regulating
agency, the Australian Telecommunications Authority (AUSTEL).
18
Reports of December 1994, June 1995, December 1995 and June 1996.
19 Australia Online, op cit. See relevant section at Annex B of this report.
THE DIRECTION AND IMPACT OF ENCRYPTION
3.1.1 The ability to sketch confidently the direction of encryption would be a very marketable talent in the IT industry. Few are prepared to be expansive in their predictions, but some trends or tendencies have emerged. On one point all seem agreed - when personal computers are sold with standard software packages which offer a pull-down encryption facility, there will be wide use of encryption. There are plenty of encryption systems and applications available commercially and in the public domain. The volume has increased significantly over the past three years but not the variety. Commercial and private interest has principally been in the data storage area, with limited incursion into computer to computer communications. Criminal intelligence from law enforcement agencies overseas indicates the larger narcotics suppliers are using such encrypted links.
3.1.2 Likely developments over the next few years? Cryptography in modems, currently restricted by export restrictions; financial smart-cards with complete encryption which will defy transaction tracking; a continuing trend from encryption software programs to hardware-based systems; and always more speed. In the same period, communications will continue to become faster and cheaper. Relaxation of United States export controls would see systems with quality algorithms and long keys surge on to the market. There is little doubt the combination of these developments will see a major slow-down in the 'reading' capacity of the Sigint community for a period. How long that period may be and how it may be overcome are issues to be discussed in a framework of more sensitivity than the nature of this review permits.
3.1.3 And then there is quantum cryptography. Some argue it is the next wave, others dismiss it as fantasy. Gilles Brassard spoke on the subject at a cryptanalytical conference organised by the Queensland University of Technology in July 1995. He said quantum cryptography harnesses Heisenberg's uncertainty principle from quantum mechanics to allow two parties who have never met and who share no secret information beforehand to communicate in absolute secrecy under the nose of an adversary, regardless of her computing power. This is achieved by the exchange of very tenuous signals that consist on the average of one-tenth of one photon per pulse. Prototypes have been built that work over a distance of ten kilometres of optical fibre. 20 The optimists suggest commercial application is 15-20 years away, the sceptics argue it is light years
3.1.4 The short judgement of likely encryption developments may be summed up in three words which are an unintended parody of the Olympic motto: stronger, faster, cheaper.
3.2.1 There is already considerable evidence of encryption being used in the areas of organised crime, narcotics, pornography, illegal gaming for storing data. Criminal intelligence indicates the larger narcotics syndicates overseas already employ encrypted computer links (e-mail and telnet), but very few communications applications have been detected in Australia.
3.2.3 The telephone system is being used by criminal elements to send data from point to point and these exchanges are sometimes encrypted. The Review was given virtually no indication of voice communications being encrypted, though as early as 1991, an Australian company was importing voice encryption for PSTN circuits. 22 Considerable concern about hacking and phreaking was evinced, and evidence to support that concern, including attacks on law enforcement agencies own data bases. While the expected security rules that there should be no PSTN connection with the data bases apply, the reality is back-doors can be engineered by those with intimate knowledge of the systems. These activities are, however, outside the Terms of Reference of this Review.
3.2.5 In a speech in early February, 1996 an American academic, prominent on law and order issues, said:
3.2.6 Such an analysis of the medium-term future could be seen as much advocacy of the American model of key escrow as a depiction of an environment where such a model would offer attraction.
3.2.7 As the assessment is likely to be recycled, because of the weight accorded Dr Denning's views in the encryption debate, it has to be said it reflects either sudden and unreported change in the American scene or an exuberant use of the subjunctive tense. Only eight months earlier, in April 1994, Vice Admiral John M McConnell, Director of the National Security Agency, told the United States Senate's Judiciary Committee's Sub-Committee on Technology and the Law his agency's continuous monitoring of communications worldwide showed little was being encrypted. 25
3.2.8 A speech given by Louis Freeh, Director of the FBI, in late 1995 has been relied on by American conservative advocates to buttress their point of view. 26 He argued encryption should be viewed as a public safety issue, noting the Bureau was 'increasingly' being 'impeded' in its mission, not just in communications but data storage as well. He cited a terrorist case based in the Philippines which involved a plan to blow up a United States airliner as well as a plan to assassinate the Pope, a computer hacker and a child pornographer. There has been no public reference to new cases - surprising if 12 months ago the FBI was being impeded from performing its functions.
3.2.10 National statistics are not available for Australia but partial figures and the impression of those work-in. in the technical areas of law enforcement indicate we remain, fortunately, yet some distance from Denning's vision of Armageddon.
3.3.1 Regrettably, many judgements in a Review such as this must rely on anecdotal evidence. There is no reliable statistical data and the same privation will limit future related inquiries and affect, if not flaw, policy development. There is no requirement on carriers to report the take-up rate of services they market, the shift from one sector to another and the obligations of service providers are unclear. Similarly with suspected computer and communications offences, where reporting is patently uneven and often deliberately avoided.
3.3.2 Consequently, whether addressing the take-up rate of a service, the incidence of hacking or phreaking, or extortion on the threat of disabling computer systems, opinion can only be based on inference, anecdote and intuition. There is no central repository of reliable statistical information, a situation not improved by the reduction, through budgetary constraints in some areas, of the resources available for law enforcement to play a proactive role in this area.
3.3.3 The London Sunday Times articles detailing 'sting' attacks on financial institutions appeared early in this Review process. 27 They prompted a range of observations, albeit mostly anecdotal or hearsay, suggesting such attacks may not be as rare or geographically distant as the Australian community might wish. Law enforcement agencies acknowledged that institutions and corporations do not believe those responsible will be identified, let alone their assets recovered. The experience of the Sumitomo Corporation in Japan early in the Review period was a salutary reminder of the accuracy of this perception. Sumitomo admitted to its shareholders major fraud had taken place but had been stopped. The shareholders and the stock exchange exacted savage retribution for the confession.
3.3.4 The potential loss of public confidence, with the consequent perception of possible inability to meet commercial obligations, is central to financial institutions' reluctance to report major criminal activity. It was apparent to the Review that financial institutions are as restrictive in their internal communication as they are tacitum externally. An independent statutory body, funded by government, with a legislated code of confidentiality covering mandatory reporting to it and its own reporting arrangements to the parliament, operating under oversight of the Auditor-General, and independent of any external influences would be a sensible repository for the statistical data required by government and a source of advice and guidance to the corporate and commercial world. It would be able to undertake analysis of the data received, alert public and private sectors to activity trends and act as an expert witness in court proceedings.
3.3.5 Such a role would fit a body like AUSCERT, were it to be funded by the Commonwealth, placed under a strict regime of confidentiality, vouchsafed by the Auditor-General and guaranteed independence. 28 Its American equivalent is funded by the Department of Defense. The Department of Communications and the Arts commissioned a consultant to look at AUSCERT and the recommendations have now been enacted. The impact of that review on its functions should be able to be evaluated by mid-1997 when the envisaged role for AUSCERT or a similar body should be addressed by the proposed inter-departmental committee on cryptography.
3.4.1 While normally unhelpful to meet a question with a question, to address encryption technologies from a public policy point of view one first has to answer a question that is both philosophical and practical. As we develop the Global Information Infrastructure (GII) who should control it? The carriers, service providers, government, the people who use it or some amalgam of a number of these? Put another way, the question asks who should control data in the GII. Without data protection legislation in place, is the carrier prevented from acting at will with the data entrusted to networks. A traditional public policy view would argue government regulation and restraint of processes affecting civil rights and privacy produce more equitable outcomes. When governments fail in that role or, the people, at least in democracies, may proceed to remove those governments. To vest the responsibility with the carriers or service providers, those participating for profit, would expose a novel dilemma for the citizen - how does one 'throw out' a carrier or service provider judged to be abusing one's privacy or civil rights? The answer that one should shift to an alternate presumes availability and suitability, neither of which may be provided. The 'amalgam proposal' envisages governments picking up citizens' concerns, providing a framework of some sort within which carriers and providers would operate and regulate themselves.
3.4.2 At the international level, Australia is playing a significant role in the development of draft guidelines on cryptography, which will complement earlier guidelines on privacy and security of information. These should provide the international framework, to the central tenets of which it is hoped member countries would commit themselves. The process of guideline development has been measured, as the issue of cryptography policy opens for redefinition the citizen's relationship to the state and the role to be accorded governments within that relationship. National experience and expectations are very different and time is required to focus on trans-national principles. That the eye of some has been turned more to international arrangements they would wish to see in place has not helped a process which must work from first principles, formulate national policy on that basis and then move to bilateral and multilateral agreements.
3.4.3 The Australian Government's online industry election statement identified private commerce as the driver of innovation and investment in new online services. It proposed the establishment of an Information Policy Task Force (IPTF) to examine various policy issues and report to the Goveniment. 29 Meantime, many different committees and working groups are tasked with examining aspects of on-line services, electronic commerce, encryption, smart- cards and electronic cash and the daughter of Campbell 30 inquiry will pick up all of these and many more besides. These various bodies embrace, among others, the Attorney-General's Department, the Department of Communication and the Arts, the Department of Defence, the Department of Finance, the Department of Industry, Science and Tourism and a number of agencies. That is not surprising as elements of cryptography touch their functions. What is surprising is the uneven level of representation which some of those review groups attract. A formally established inter-departmental committee (IDC) would seem a more sensible and effective means of policy coordination and development than current arrangements. If established, the appropriate IDC representation would be at Branch Head level.
3.4.4 There is a need for one department to have the clear responsibility for cryptography policy and to coordinate the multi-faceted development of government policies which involve cryptographic applications. It would not seem sensible for the Department of Defence to assume this policy function. One of its portfolio organisations, the Defence Signals Directorate (DSD), is already tasked by government with the collection, production and dissemination of signals intelligence and 'to advise the Government on all matters pertaining to communications security and computer security'. 31 A role not confined solely to situations where national security could be adversely affected but also embracing sensitive official information requiring protection for privacy, financial or other reasons. 32 Defence's framework, however, is inextricably linked with sensitive and classified applications, primarily for its own and diplomatic purposes - instanced by its required alertness to dual use applications and global proliferation of cryptography. This would appear to make Defence a less than obvious choice for the role in question.
3.4.5 The Treasury and the Department of Finance have obvious interests in the whole field of electronic commerce, but cryptography is a discrete element of that issue and not a principal policy interest. The Department of Communications and the Arts has policy responsibility for broadband services, telecommunications and multimedia, but again cryptography stands a little apart from these. The Department of Industry, Science and Tourism approaches the issue from a developmental and export point of view, rather than a policy one. Embracing the interests of law enforcement, security, privacy, commercial law, intellectual property and protective security policy, the Attorney-General's Department may be seen as a preferred option to house the policy responsibility and chair the IDC. There is a need for Ministers urgently to address this issue and for it to be determined.
3.4.6 There would seem little doubt that when the major software manufacturers make available encryption applications, a majority of the world's computer users will access them. That time was not announced when this Review commenced and yet Microsoft presaged such a development in July 1996.
3.4.7 The most obvious implication for governments facing the astonishing pace of development in the communications and information sectors and the easy private availability of strong encryption is the fiscal one: such a proportion of financial transactions and movements may take place via virtual banking arrangements in cyberspace that governments may face progressive revenue starvation. Only slightly behind is the implication for the delicate balance our society has reached between privacy, law enforcement and security interests. Firstly, there is some inherent tension when these issues are conjoined.
Secondly, it is not simply a question of setting an individual's right against society's rights, for we do not face here a static balance. All who live in community accept there has to be some trade-off, but that trade-off is not an unqualified one. There must be limits. It is a flawed approach to assume a small or episodic interest of the state should necessarily predominate over the privacy interests of the individual.
3.4.8 From a privacy point of view, cryptography offers welcome security to the individual (person or corporation) and the opportunity to place data, stored or in transmission, beyond the reach of those who may seek to ascertain their private or commercial affairs. The Government's online election policy supported the availability of strong encryption, the principle of informed consent and the centrality of personal privacy in our society. It recognised not all would use encryption for honest purposes but placed the onus on law enforcement and security agencies to justify any measures which should outweigh the social and economic consequences of the loss of personal privacy and commercial security. 33
3.4.9 The range of situations likely to confront law enforcement and security agencies is as wide as their statutory mandates, but particular focus has to be given to crimes such as kidnapping or other threats of violence directed against VIPs or internationally protected persons, terrorist situations, extortion involving significant threats to public safety and attacks on the institutions of the state.
3.5.2 There have been major advances in cryptography in recent years and significant increases in commercial involvement. Cryptanalysis, however, does not necessarily maintain a constant distance behind cryptography. The interval will vary and, without moving into any sensitive detail, it cannot be expected - on budgetary, personnel and capital equipment alone - that cryptanalytical facilities will always be able to 'crack' commercial and public domain forms of encryption.
3.5.3 Law enforcement agencies noted, with some chagrin, it is not the seizure of property which poses difficulty for them. The problem arises from an inability to force disclosure of encryption 'keys' where a person invokes the principle of non self-incrimination. This problem of information being put out of reach of other than specified persons has resource implications for ASIO, where accessing plans for acts of politically motivated violence or terrorist incidents is a central part of that agency's function. It will make both human source and technical targeting a more difficult exercise - and increased difficulty impacts on flexibility, responsiveness and financial outlays.
3.6.2 It is clear secure encrypted communications are available now to the ordinary citizen with some computer literacy, the motivation to acquire the capability and the wish to communicate securely with like-minded and like- equipped people. Today, 'Smith' could use a commercial symmetric algorithm like IDEA, together with a 56-bit key producing strong cyphertext, to communicate with 'Jones', who, possessing the same algorithm and using a 56-bit key, would decrypt the message. Such a system is fast, a single key performs both the encryption and decryption function and any key number from a randomly generated pool may be used.
3.6.3 The exchange of the symmetrical keys discussed above might be performed with an asymmetrical algorithm using a pair of related but dissimilar keys, one of which is referred to as the private key and the other as the public key. The public key is then exchanged with all other parties with whom one wishes to communicate. Potentially such a key could be notified in a public directory and be accessed by all. To send a message to Jones, Smith uses a two stage process. In the first stage, he encrypts the symmetric key for the IDEA algorithm with Jones' public key (which is publicly available). In the second stage, Smith encrypts his message using IDEA with the symmetric key. Smith then sends the encrypted key and the encrypted message to Jones. On receipt of the two files, Jones performs the two-stage process in reverse. Firstly, she decrypts the symmetric key using her private key (which she alone knows) and uses this symmetric key with the IDEA algorithm to decrypt Smith's message.
3.6.4 Another level of strength is achieved by using separate 'session' keys for every message or series of messages. Automatic teller machines employs session keys which change with every transaction. A random source is used to generate, let us say, a 128-bit key which combined with IDEA produces a session key. That key is used to convert a message into cyphertext. But the key is also combined with RSA to produce an encrypted session key. 34 This is separately and first communicated to Jones and received in the 'start' compartment of the output file of her computer. When Smith sends his cyphertext message to Jones, she can decrypt it by using the specially encrypted session key which is now available to her. Such a system employs both RSA and IDEA and separate sessional keys.
3.6.5 Even if a law enforcement agency was to execute a search warrant against premises where Smith's computer was located and already had a copy of his public key, it would be extremely unlikely to be able to obtain a copy of the session key. Ibis would not be retained in Smith's computer. Unless Smith volunteered to whom communication from his computer was directed or Jones was known to be the addressee of that communication and law enforcement was able to await receipt and decryption, littl