Canada Among Five Countries Calling for Backdoors Into Encrypted Products

September 4, 2018

As cybersecurity measures grow stronger and companies pour resources into protecting their data and products from malicious attacks, governments are growing concerned that they too may end up locked out when important information needs to be accessed.

Canada has joined with the U.S., the U.K., Australia and New Zealand to call for tech companies to build backdoors into their encrypted products to better allow access for law enforcement. This new statement comes out of the Five Eyes pact, an intelligence-sharing agreement between the five countries. As part of the pact, various statements were made regarding a host of different issues related to technology, including open internet, migration and border management, and the sharing of criminal information.

The statement made on encryption stands out amongst the rest, however, due in part to the five countries also releasing a separate memo on the matter. Encryption can sometimes be used in conjunction with terrorist and criminal activities, so the statement looks to address better ways to access services or products that are protected—all without actually weakening the encryption mechanisms themselves.

“The inability of intelligence and law enforcement agencies to lawfully access encrypted data and communications poses challenges to law enforcement agencies’ efforts to protect our communities,” the statement reads. “Therefore, we agreed to the urgent need for law enforcement to gain targeted access to data, subject to strict safeguards, legal limitations, and respective domestic consultations.”

The five countries implore tech companies to begin voluntarily adding backdoors into their products for “lawful” access, but if governments “continue to encounter impediments” on their path to access encrypted criminal data, they could be forced to mandate a way in.

“The increasing gap between the ability of law enforcement to lawfully access data and their ability to acquire and use the content of that data is a pressing international concern…Otherwise, court decisions about legitimate access to data are increasingly rendered meaningless, threatening to undermine the systems of justice established in our democratic nations,” the statement reads.

At this point, the call for universal backdoors is more of a plea than a legally-binding document. Each of the five countries would have to best consider how to implement their own principles from the statement, which focus on mutual responsibility, how the rule of law and due process is paramount, and the freedom of choice for lawful access solutions.

Interestingly enough, Canada’s recently released National Cyber Security Strategy does not touch on the idea of backdoors into services or products for the use of collecting evidence. It does focus on enhanced encryption methods via quantum computing and satellites, but it seems this Five Eyes statement was made to directly address tech companies that are currently shunning the idea of introducing a government-accessible backdoor.

As part of the intelligence-sharing meeting, the five countries also released another statement meant to counter the illicit use of online spaces in an effort to protect citizens from child predators, terrorists, violent extremists. This would be done by developing capabilities to prevent illegal content from ever being uploaded, deploying automated functions when there’s a failure to prevent illegal content, build hash sharing efforts to assist in removing illicit content, and setting more ambitious industry standards.