The move came after employees working for OPTF were approached by the Victoria police and Australian federal police over several months including via help chat messages, letters and phone calls. Victoria police also visited the apartment of an employee late last year, asking questions about the app and its encrypted messaging, the company says.
Under anti-terrorism laws passed in 2018, law enforcement can issue notices requiring developers to assist with an investigation. This can include technical assistance which could require companies to build capability for law enforcement to break the encryption used in their services.
But the powers have rarely been used. And if they had, neither the AFP or the services targeted can divulge what an organisation has been ordered to do.
The office of the home affairs minister, Tony Burke, was approached for comment.
The Greens digital rights spokesperson, Senator David Shoebridge, said it was a problem if Australia had policies hostile to end-to-end encryption while privacy law was failing to protect people’s personal information.
He said the AFP approaching Session employees was “seriously troubling”.
“Are police now taking the view that just trying to protect your privacy makes you potentially guilty?
“We need a sovereign tech industry that delivers safe and secure products for local users and to make this happen the industry is telling us they urgently need an effective suite of privacy and data laws.”
Good to see this getting some coverage in mainstream outlets, and by the Greens.
Did the image need to be a spooky-scary guy, though?
Except it can eg, bypass lawyer/client privilege
I don’t see how - lawyer-client privilege applies no matter the medium of communication, surely?
My poor sweet summer child…
?
You should look up the Lawyer X scandal that occurred in Australia. Police don’t respect anything.
Yeah, I’m aware of the Gobbo case. But, like, lawyer-client privilege is a legal construct, so if the cops are willing to break the law, then, yeah, of course it doesn’t protect you. If they’re willing to illegally access your messages through an E2EE messaging app, then they are presumably willing to access it illegally through people you’ve communicated information to in cleartext. I could be being dense, but I just don’t understand what point No1 was making.