AWS on Australia’s encryption Bill and government-wide contract

Many governments are mulling similar legislation to the Australian Bill. Amazon is playing a wait & watch game on what actually gets implemented in Australia…:

[…] Speaking with a handful of journalists during Amazon Web Services (AWS) re:Invent last week, president of security engineering and AWS CISO Steven Schmidt discussed Australia’s encryption laws and did not rule out the potential to challenge the law in court.

“Encryption is one of those topics that is extremely complex and it’s something where, like everyone else, we recognise the legitimate needs of law enforcement and intelligence organisations to protect people,” Schmidt told journalists.

“At the same time, we have to make sure that any implementation of a particular law or regulation understands the privacy requirements of people everywhere, and it is extremely dangerous to build in backdoors in encrypted systems.”

As the Bill is only a year old, Schmidt said it’s unclear what the actual implication is going to be, saying it is a matter of waiting to see what happens over time.

“But what we’re very concerned about is any kind of regulation or law that would require a company to build a backdoor in encrypted systems,” he said.

“We’ve heard a lot customers ask questions, we’ve heard a lot of customers be concerned about it, what we advise customers to do in those circumstances is just use the encryption services that we’ve got, we will make sure to help them architect their systems and services as efficiently and effectively as we possibly can, and we’ll see what happens.”

[…]

Original Article