Introduction

Proton, the Switzerland-based encrypted email service, has taken a firm stand against the Australian online safety regulator’s proposed standards that could potentially weaken encryption. The company’s founder, Andy Yen, has vowed to fight in court rather than compromise user privacy.

Proton will never break encryption for any gov’t. If it comes down to it, we’ll fight #Australia’s eSafety regulator in court rather than spy on our users.

Read @andyyen’s take on Australia’s eSafety proposals in this interview with the @guardian. (1/2)https://t.co/pvu9yQVgXFβ€” Proton (@ProtonPrivacy) December 15, 2023

Take Action: Sign the joint letter in response to Australian eSafety proposed industry standards – Global Encryption Coalition

Background of the Issue

The eSafety commissioner of Australia, Julie Inman Grant, proposed standards requiring cloud and messaging service providers to detect and remove known child abuse and pro-terror material β€œwhere technically feasible.” This includes disrupting and deterring the creation of new harmful content.

Proton Mail Joins Global Encryption Coalition to Challenge Australia’s eSafety Standards

Concerns Over Privacy and Encryption

Privacy and security groups, including Proton, argue that these draft standards could force companies to compromise encryption to comply. The eSafety regulator has stated that it does not advocate for weaknesses or back doors in encrypted services. However, the concern remains that the standards, as written, could lead to such outcomes.

Proton’s Stance

Andy Yen, Proton’s founder and CEO, expressed concerns that the proposed standards would require services, encrypted or not, to access, collect, and read users’ private conversations. He emphasized that these measures could force companies to bypass their encryption, posing risks to businesses and citizens while being ineffective against online harms.

Legal Preparedness

Proton has a history of upholding its encryption standards in various countries, including Iran and Russia. Yen stated that Proton would not change its product or break encryption in Australia and is prepared to fight any enforcement notice in court.

eSafety Commissioner’s Response

The eSafety commissioner welcomed feedback on the draft standards, including on the technical feasibility exception. The associated discussion paper clarifies that the standards do not require service providers to design systematic vulnerabilities into encrypted services.

Industry Safety Codes

Alongside this issue, five other industry safety codes covering social media, internet service providers, equipment providers, hosting services, and apps are set to come into effect. These codes aim to put the onus back on the industry to act against harmful content on their platforms.

Feedback and Finalization

Feedback on the draft standards is open until December 21, with the eSafety commissioner considering refinements before finalizing the standards.

Conclusion

Proton’s legal challenge against Australia’s eSafety regulator highlights a critical debate on balancing online safety with the right to privacy and secure communication. The outcome of this battle could have significant implications for tech companies and users globally, setting a precedent in the ongoing tension between privacy rights and regulatory efforts to combat online harms.

🎧 Related Podcast Episode