Following last week’s terrorist attack in London, the UK government has renewed a familiar campaign against digital encryption. Echoing criticisms made in 2015 by then prime minister David Cameron after the Charlie Hebdo attacks in Paris, UK home secretary Amber Rudd this weekend described the government’s inability to read messages on end-to-end encrypted messaging apps as “completely unacceptable.”
“We need to make sure that organizations like WhatsApp don’t provide a secret place for terrorists to communicate with one another,” Rudd said on the BBC’s Andrew Marr Show on Sunday. “It used to be that people would steam open envelopes or just listen in on phones […] but in this situation we need to make sure our intelligent services have the ability to get into situations like encrypted WhatsApp.”
Rudd’s comments were criticized for her apparent lack of technological understanding, but they outline a familiar and global battle between governments and tech firms. After the San Bernardino attack in December 2015, the US government made similar complaints, demanding that Apple de-encrypt an iPhone belonging to one of the shooters. (They later gave up the legal battle and used a purchased exploit instead.) And in Brazil, the government has blocked WhatsApp on a number of occasions for allegedly failing to cooperate with police investigations.
In response to Rudd’s comments, security and privacy experts outlined the dangers of introducing backdoors into encrypted apps. Jim Killock, executive director of the Open Rights Group, said such a move would “make millions of ordinary people less secure online.” He added: “We all rely on encryption to protect our ability to communicate, shop and bank safely.”
The former cyber security chief of the UK’s Ministry of Defense, Major General Jonathan Shaw, also criticized the move, suggesting that ministers’ motivations were opportunistic. Speaking on BBC Radio 4’s Today program, Shaw said the government was trying to “use the moment” to extract concessions from tech companies. He added that any encryption backdoor would only provide temporary help. “The problem will mutate and move on,” said Shaw. “We are aiming at a very fluid environment here. We are in real trouble if we apply blunt weapons to this, absolutist solutions.”
Although many in the tech industry believe attempts to ban encryption are futile, it’s not clear exactly how the UK government would proceed, and it seems unlikely that a full “ban” would be contemplated. Following the introduction of new surveillance legislation last year, the UK has the legal justification needed to compel tech companies to de-encrypt messages, but those companies might say this isn’t technically feasible or just ignore such demands. What happens next is anyone’s guess. “It is difficult to see how the UK Government could force a US-based company like WhatsApp to comply,” Killock told The Verge.
Rudd is expected to meet with representatives from tech companies including WhatsApp and Facebook later this week.
UK government renews calls for WhatsApp backdoor after London attack – The Verge