Five Eyes Group goes tougher on encryption with vendors and providers. They can voluntarily establish lawful access solutions
The governments of the Five Eyes group – United States, United Kingdom, Canada, Australia, and New Zealand – go tougher on encryption with the vendors and providers. In a recent meeting, they agreed a document, the Statement of Principles on Access to Evidence and Encryption, in which they remind that communications technology vendors and service providers have a “mutual responsibility” to offer “further assistance” to law enforcement agencies over encryption issues. “Governments should recognize that the nature of encryption is such that there will be situations where access to information is not possible, although such situations should be rare,” a statement reported. The service providers have the option to “voluntarily establish lawful access solutions” and the “freedom of choice” in how they do it. “Such solutions can be a constructive approach to current challenges.”
But governments can also pursue technological, enforcement, legislative, or other measures to achieve lawful access solutions
But “Should (Five Eyes) governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative, or other measures to achieve lawful access solutions.” Furthermore, “all governments should ensure that assistance requested from providers is underpinned by the rule of law and due process protections.”
United States, United Kingdom, Canada, Australia, and New Zealand: We called for the further development and expansion of capabilities to prevent upload of illicit content, and to execute urgent and immediate takedowns
Furthermore, the Five Eyes governments explain that “while senior digital industry representatives did not accept our invitation to participate in discussions on pressing issues regarding the illicit use of online spaces, we reiterated the need for digital industry to take more responsibility for content promulgated and communicated through their platforms and applications,” reported the official communiqué. “We called for the further development and expansion of capabilities to prevent upload of illicit content, and to execute urgent and immediate takedowns.” In this case is “reiterated the importance of industry investment in human and automated detection capabilities, underscoring the need for major companies to set industry standards and to help smaller companies deploy these capabilities [and] for increased efforts to counter foreign interference and disinformation conducted via online platforms”.