On Sat, Dec 08, 2018 at 06:26:21PM -0800, Owen DeLong wrote:
Which is it…
It’s being reported on NPR as “Australia required Apple and others to remove encryption protections from their devices.”
That’s a massively different (and arguably even worse) outcome than “Australia is requiring Apple and others to provide decryption technology to law enforcement.”
Part of the problem is... nobody really knows. There's very little meaningful oversight or judicial review of the whole system, and the law is *very* badly written, vague and without any clear guidance as to what is *actually* required. It doesn't even define things like "systemic weakness", which is the standard by which a required change is judged when determining whether it is within the scope of the law: anything which doesn't introduce a "systemic weakness" is a-OK. I'd say lawyers are going to make a fortune out of arguing this, except as I said, there's very little judicial oversight. Someone who is asked to do something which they think introduces a systemic weakness is basically SOL if the Attorney General and Communications Minister disagree. - Matt