In The Register

First to the lectern was Mike Burgess, director general of the Australian Security and Intelligence Organisation, who opened by saying “The internet is a transformative information source… and the world’s most potent incubator of extremism.”

As he outlined an argument that a dynamic tension exists between security and technology, Burgess added “encryption protects our privacy and enables our economy…and creates safe spaces for violent extremists to operate, network and recruit.”

[…]

“But even when the warrant allows us to lawfully intercept an encrypted communication, we cannot actually read it without the assistance of the company that owns and operates the app,” he said. “The company has to be willing and able to give effect to our warrant.”

[…]

ASIO boss Burgess also discussed AI, a technology he said is “ equal parts hype, opportunity, and threat”

[…]

“Finding a critical piece of intelligence is less like looking for a needle in a haystack than looking for a needle in a field of haystacks,” he said. “AI makes that process easier and faster; it can identify worrying patterns and relationships in minutes and hours rather than weeks and months.”

But only if the data it’s working on isn’t encrypted.

There's the sleight of hand; start out talking about executing warrants, and while people are nodding, slip ever-so-gradually into advocating for carte blanche to conduct limitless, methodologically dubious, extrajudicial fishing expeditions.

Google intended its Web Environment Integrity API, announced on a developer mailing list in May, to serve as a way to limit online fraud and abuse without enabling privacy problems like cross-site tracking or browser fingerprinting.

[…] 

To do this, the system would need to check, via attestation, whether the visitor's software and hardware stack met certain criteria and thus was authentic. That's great until it's abused to turn away visitors who have a setup a website owner isn't happy with – such as running a content blocker or video downloader.

Technical types saw this immediately, and became concerned that Google wanted to create a form of digital rights/restriction management (DRM) for the web. One benefit could be that ad fraud might be easier to prevent; but the risk is that the API could be used to limit web freedom, by giving websites or third-parties a say in the browser and software stack used by visitors.

Apple incidentally has already shipped its own attestation scheme called Private Access Tokens, which while it presents some of the same concerns is arguably less worrisome than Google's proposal because Safari's overall share of the web browser market across all devices is far lower than Chrome's.