Washington — The U.S. and Australia announced the beginning of negotiations on Monday over an agreement that would significantly boost law enforcement cooperation under a 2018 U.S. law meant to facilitate cross-border data access for investigators.
The move comes days after the U.S. signed a similar landmark agreement with the U.K. Under the 2018 Clarifying Lawful Overseas Use of Data (CLOUD) Act, the agreement gives American and British law enforcement agencies the power to compel tech companies in either country to provide data relevant to investigations about serious crimes including terrorism, child sexual abuse and cybercrime.
If finalized, the agreement between the U.S. and Australia is expected to include similar terms.
"We have some way to go before the agreement is finalized, but once in place it will mean service providers based in the United States can respond directly to electronic data requests issued by our enforcement agencies under Australian law for data critical for the prevention, detection, investigation and prosecution of serious crime," said Peter Dutton, the Australian minister for home affairs.
The negotiations come on the heels of a Department of Justice summit on Friday where Attorney General William Barr and officials from the U.K. and Australia voiced concerns about Facebook's proposal to implement end-to-end encryption across its platforms.
End-to-end encryption provides strong protections for users' privacy, but can also make it difficult for law enforcement to access important data in urgent investigations.
Facebook has been a valuable partner to law enforcement, and filed 16.8 million reports to the National Center for Missing & Exploited Children (NCMEC) in 2018, accounting for about 90% of all tips. End-to-end encryption would prevent anyone other than the participants from seeing the contents of private conversations on platforms like Messenger.
"Privacy is important. So is cybersecurity, and the integrity of user data," Deputy Attorney General Jeffrey Rosen said. "But there are other important values, like user and public safety that also need to be considered and factored in. If we lose sight of that, we fail to honor the victims of these horrible crimes — victims who are often the most vulnerable members of our society."
In a Facebook post about the company's encryption plans in March, CEO Mark Zuckerberg wrote that Facebook would work to "improve our ability to identify and stop bad actors across our apps by detecting patterns of activity or through other means, even when we can't see the content of the messages, and we will continue to invest in this work."
But in a letter to Zuckerberg on Thursday, Barr, Dutton, Acting Homeland Security Secretary Kevin McAleenan and British Home Secretary Priti Patel said the company hasn't done enough. If Facebook were to go ahead with end-to-end encryption, they wrote, the number of child exploitation reports would decrease by 70%, citing an estimate from the NCMEC.
"When it comes to preventing crime, we hope the industry will continue to be an ally, not an adversary," Barr said on Friday.
Barr said CLOUD Act agreements would help law enforcement track down criminals, and pushed Facebook and other tech companies to be more vigilant in uncovering crimes on their platforms.
"While we should not hesitate to deploy encryption to protect ourselves from cyber criminals, this should not be done in a way that eviscerated society's ability to defend itself against other kinds of criminal threats," Barr said. "In other words, making our virtual world more secure should not come at the expense at making us more vulnerable in the real world."
Clare Hymes contributed to this report.