Crims using encrypted platforms 'almost exclusively', ACIC claims

Encrypted messaging platforms are being used “almost exclusively” by serious and organised crime groups, according to Australia’s national criminal intelligence agency.

The Australian Criminal Intelligence Commission made the claim in its submission to a parliamentary inquiry examining the Surveillance Legislation Amendment (Identity and Disrupt) Bill.

If passed, the bill will create three new warrants, one of which will allow ACIC and the Federal Police to take control of a person’s online account to gather evidence about serious offences.

Other warrants will allow for data “disruption”, including the ability to “add, copy, delete or alter data”, and network intelligence gathering.

In its submission [pdf], the ACIC said “encrypted communications platforms” are used “almost exclusively” by serious and organised crime (SOC) groups and that there is “no legitimate reason” to use them.

“These platform are used almost exclusively by SOC groups and are developed specifically to obscure the identities of the involved criminal entities,” it said.

“They enable the user to communicate within closed networks to facilitate highly sophisticated criminal activity.

“ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communications platform.”

ACIC’s submission does not indicate whether it is specifically referring to platforms that use end-to-end encryption like a previous submission to the inquiry by the AFP.

“Some [dedicated encrypted] platforms are marketed directly to organised criminal groups, and have been used to facilitate a substantial level of criminality,” the AFP said in its submission.

Asked for its definition of encrypted communications platforms and what evidence it has to inform the claim, ACIC told iTnews it "fully supports and recognised the legitimacy of readily available encrypted communications applications", which is at odds with its submission.

"The ACIC does not support the use of dedicated encrypted communications platforms which can only be used to communicate with similar devices, such as SkyECC, Encrochat and Phantom Secure," a spokesperson said.

"These platforms were developed specifically to obscure the identities of the user, which enables communication within closed networks to facilitate highly sophisticated criminal activity.

"The ACIC has no information to suggest these types of devices had a legitimate use before they were disrupted by law enforcement."

ACIC plans to use the new powers to understand and gather intelligence on criminal groups who use encryption to conceal criminal activities such as money laundering and drug smuggling.

It said the bill would address “gaps in current electronic surveillance powers” that have made it increasingly difficult for it to “discover, target, investigate and disrupt the most serious of crimes”.

“The electronic surveillance powers currently available… are not sophisticated enough to identify and disrupt the totality of activities SOC entities are undertaking through the use of modern anonymising technologies,” the ACIC said.

It said that while the encryption-busting powers passed in 2018 had “greatly assisted law enforcement to combat SOC groups”, additional powers were needed to “meet technology developments”.

“The ACIC seeks the amendments sought under this bill in order to fulfil its role as Australia’s national criminal intelligence agency, through the collection, assessment and dissemination of criminal intelligence and information,” ACIC said.

“To deliver on this purpose, the powers and capabilities of the ACIC must keep pace with technological trends and emerging threats to ensure the agency is able to adequately tackle serious cyber-enabled crime and sophisticated criminal groups using encrypted platforms.

“Enhancing the ACIC’s ability to collect intelligence, investigate and disrupt criminal activity should be a priority to ensure its enduring ability to respond to the challenges posed by criminals impacting Australia.”

Updated at 4:45pm to include statement from ACIC