The system for providing communication information to the Japanese government will only introduce a vulnerable mechanism against cyber attacks: once again calling for the withdrawal of the Cyber Espionage and Cyber Attack Bill
“Backdoors” as prime targets for new cyber attacks
The Cyber Espionage and Cyber Attack Bill is currently under review in the House of Councillors. The organizations that have signed this statement have consistently called for the withdrawal of this bill. We once again state the reasons why it should be withdrawn and urge the government, which submitted the bill, and the opposition parties that supported it, to withdraw it.
A system for providing communication information to the government would grant cyber attackers unprecedented new means of accessing communication information.
Cyberattacks and other harmful acts targeting information and communications networks target the entry points where internal and external communications connect to the internet. Defending these entry points is the role of communication service providers and other network administrators, which is similar to securing the entrances and exits of a building.
The only way to achieve perfect security for information within an organization is to completely isolate and seal off internal communications from the outside world, thereby preventing any information from entering or leaving the organization. However, this system would make communication with the outside world impossible, thereby compromising the fundamental function of information and communications, which is to facilitate communication with the outside world. Therefore, it is essential to have an “entry point” for communication with the outside world.
This bill would require communication service providers to establish a separate “back door” distinct from existing “entrances and exits” to enable government agencies such as the police and Self-Defense Forces to access communication information. In other words, it would involve creating an additional entrance and exit between the organization and the outside world for the purpose of providing communication information to the government.
For illegal intruders into the network, this backdoor will become a new entry point that did not previously exist. To use an analogy, it is like installing a “police-only entrance” in addition to the existing entrances to ensure the safety of a building. From the attacker's perspective, this means one more point of attack.
The government will argue that the backdoor is capable of perfectly defending against illegal intrusion from outside.
However, since the people managing the communications information that passes through this backdoor have the ability to open and close the door, whether intentionally or accidentally, the backdoor inherently possesses a vulnerable nature. Furthermore, this backdoor, which provides the technical possibility of comprehensively collecting communications information, results in the government itself creating an environment that is more vulnerable to cyberattacks. This is the exact opposite of what the bill intends to achieve.
The fundamental principle of network security is to minimize points of contact with the outside world, keep systems as simple as possible, and ensure that communication information is accessible only to its intended users. This bill significantly deviates from this fundamental principle of security.
Therefore, telecommunications carriers should not agree to the government's request for cooperation as outlined in this bill. We urge all telecommunications carriers to express their opposition to this bill based on their social responsibility as telecommunications carriers.
Political activists, human rights activists, journalists, and other individuals who are inconvenient to the government will be targeted
The bill contains various provisions that are intended to restrict the collection and analysis of information. However, we believe that regardless of the wording, as long as the government has the technical capability to collect communications information comprehensively, it will be impossible to prevent comprehensive collection, surveillance, and espionage.
Unfortunately, the law cannot completely control technology. For example, speeding cars exist because it is technically possible to manufacture cars that can exceed the legal speed limit.The same applies to this bill. Even if the law includes various restrictions on the collection of communications information, it does not include technical restrictions. The Diet has not discussed technical details such as programs for the collection of communications information or cyberattack methods. Therefore, we strongly fear that once the information collection system is established, there is a risk that illegal acts will become technically possible, just as they are with cars.
Various cases can be imagined in which this information collection could be dangerous.
It could be used as a means of collecting information on opposition lawmakers who hold seats in the Diet. It is necessary to be prepared for the possibility that privacy information that could be disadvantageous in elections or internal party discussions that are not supposed to be disclosed to the outside world could be leaked to the government through information and communication systems. Even ruling party lawmakers could be subject to “background checks” on their eligibility for cabinet positions, for example, using communication information as a technical means.
Journalists face an extremely high risk that communications with their sources, including whistleblowers, will be monitored by the government. In such cases, the safety of those being interviewed cannot be guaranteed. This could lead to interviewees becoming more cautious and refusing to cooperate with interviews. Such a situation would make it difficult to expose abuses of power and would constitute a clear violation of press freedom.
The same applies to lawyers. If communication information is monitored by the government, the confidentiality of communications with clients cannot be technically ensured, making it impossible to guarantee their safety and increasing the risk of leaks of internal information related to litigation. This is particularly problematic for lawyers facing power crimes against the state, as the technical environment makes it easier for the government to monitor information.
Activists opposing government policies are also exposed to a technological environment where their personal relationships and organizational structures can be monitored in greater detail by the police. In particular, groups and individuals in Japan working with immigrants, refugees, and others with overseas roots are subject to stricter surveillance of communications with overseas entities.Furthermore, movements opposing U.S. military bases will be exposed to an environment where it becomes easier to provide communication information related to opposition activities to the U.S. military through the Japanese government.
Needless to say, comprehensive communication information collection backdoors will allow the government to obtain information related to people's daily privacy, and it is not the case that only those involved in social activities will be subject to surveillance and spying.
* Do you still support the bill?
We ask all members of the National Diet: This bill will create a new vulnerability to cyberattacks that did not exist before. Do you still support this bill?
The issues regarding the backdoor in this bill mentioned above are only a small part of the overall problems with the bill. These issues are important but have not even been discussed in the Diet, which is why we are raising them here. We urge all members of the Diet to pay attention to this issue and call for the bill to be withdrawn.
May 12, 2025
JCA-NET
ATTAC Tokyo Metropolitan Area
Anti-Surveillance Information
Femin Women's Democratic Club