Jim O'Callaghan

The justice, home affairs and migration minister last week said in a speech that a new Communications (Interception and Lawful Access) Bill would “establish the clear legal principle that interception powers apply to all communication services”.

He said the existing Interception of Postal Packets and Telecommunications Messages (Regulation) Act 1993 “has been impacted by developments in technology and debates on the appropriate balance of individual privacy rights”.

In his speech, Mr O’Callaghan noted: “Some companies and commentators argue that it is not technically possible to provide for lawful interception of encrypted digital communications or, if possible, it should not be permitted on the basis that it is an unacceptable intrusion on individual privacy and human rights.

“It is also asserted that it is not possible to limit the application of an interception power to encrypted communications involving bad actors — if encryption is weakened for a subset of cases, encryption will end up weakened for everyone.”

However, he said he was engaging with EU partners on shared efforts to find “technology solutions to enable encrypted data to be accessed in a lawful manner while safeguarding cybersecurity”.

The new Irish legislation would, he said, include “enhanced legal safeguards, including for the first time judicial authorisation” and would be developed following wide consultation.

The minister said he believed that “effective lawful interception powers can be accompanied by robust privacy, encryption and digital security safeguards, to ensure that they are only used when necessary and proportionate”.

However, a privacy expert with the Irish Council for Civil Liberties (ICCL) told Irish Legal News she has “grave concerns about any proposals to force companies, such as WhatsApp or Signal, to weaken or break their encryption for law enforcement access”.

Olga Cronin, ICCL’s human rights and surveillance senior policy officer, said she accepted that “the 1993 Act on interception of communications has remained largely unchanged since 1993 while our methods of communication have changed”.

She said more details were needed on the safeguards to be included in the new legislation, which would need to include “independent judicial authorisation and strict controls on the use of the data”.

However, she expressed scepticism about the technological basis of any new interception powers covering encrypted communications.

“End-to-end encrypted messaging services are vital to protect the privacy and security of citizens and governments’ communications around the world,” Ms Cronin said.

“Encryption is also central to protecting our everyday activities online such as personal banking, online shopping, accessing health data, and carrying out our employment.

“The notion that we can create ‘safe’ backdoors just for the ‘good’ guys is a fantasy. Cybersecurity experts around the world agree — you cannot open the door a little without opening it for everyone, including criminals and hostile actors.

“The European Court of Human Rights has warned that such measures could enable routine, general and indiscriminate surveillance and be exploited by malicious networks, thereby compromising the security of all users’ electronic communications.”

She urged Mr O’Callaghan to “consult openly with technologists, civil society, and cybersecurity professionals before advancing any legislation that could damage the digital privacy and security of everyone”.