End-to-end encryption is once again under attack by authorities, this time in the UK and, once again, the idea is to undermine this fundamental feature of internet security by forcing tech companies to install backdoors in their apps and services.
UK’s Home Office wants to force Facebook to undermine the security of its products – Messenger, WhatsApp, and Instagram chat – in order to allow both police and spy agencies access to conversations they wish to see.
As security experts have been warning for years, once such a vulnerability is present, it can be used by anyone, including criminals and other bad actors – but British law enforcement and politicians pushing the idea still seem to think that they will be the only ones exploiting it.
In fact, the Home Office went as far as to declare end-to-end encryption “an unacceptable risk” to user safety and even to society – instead of recognizing that eroding encryption brings with it the threat of mass surveillance under the assumption that everyone’s a criminal, as organizations like the Open Rights Group are warning.
This privacy group also urged PM Boris Johnson not to abandon his dying libertarian instincts and go along with what are said to be dangerous and Orwellian impulses of the country’s law enforcement.
Facebook has in the past defended its deployment of end-to-end encryption as a way to keep users and their private information safe from hackers and thieves.
As is so often the case when authorities promote the demise of end-to-end encryption, the way they justify it is by citing the need to protect children from online predators, or prevent terrorists and other criminals from communicating.
The way the UK plans to force Facebook to comply and build in backdoors is thought to be by using legal orders called “technical capability notices.”
These secret notices were ushered as part of the Investigatory Powers Act passed in 2016, in response to Edward Snowden’s revelations about mass surveillance carried out by the US and the UK.
The act was at the time blasted by activists, including Snowden himself, as allowing for the most extreme surveillance ever enacted in western democracies.
Yet, while politicians are considering an attempt to ban end-to-end encryption, it’s also politicians that are making the most of it to prevent investigations into what they’re been up to.
UK government officials could be banned from using the self-destruct message feature on encrypted messengers such as WhatsApp and Signal, if a recent legal challenge is successful. A public interest group is arguing that encrypted messengers and the self-destruct messages feature could result in lack of accountability.
WhatsApp and Signal are one of the most preferred messengers by government officials in the UK and elsewhere. These platforms come with end-to-end encryption, a level of security that ensures only the sender and recipient can see the messages.
It is not wrong for government officials to prefer secure messaging options. However, they might be using these platforms to shield themselves from accountability; and, as a public servant, there’s a fine line between security and obscurity.
According to a report on the BBC, transparency campaigners have sent a letter to the government arguing the potential lack of accountability should government officials use the self-destruct messages feature.
An official guidance that came into effect in 2013, requires the retaining of official communications by cabinet ministers, but only “if it is needed for substantive discussions or decisions in the course of conducting business.” Per the law, messages between a minister and special advisors on government policy, for example, would need to be retained.
The law mandates the recording and archiving of such communications. However, it is the responsibility of the sender or recipient to record the messages.
A spokesperson for the Cabinet office told BBC that copies of official communications are “retained in line with the guidance.” The spokesperson added that there are “appropriate arrangements” in place to make sure the guidance is followed, and that the arrangements are “kept under periodic review.”
Understandably, some still feel more needs to be done to make sure official communications via encrypted messengers are kept and archived.
The legal challenge has been brought by a non-profit political group called Citizens through the law group Foxglove. The Citizens warned that encrypted messengers’ features carry the risk that our current time might be a “black hole” in history.
“We are in an unprecedented national emergency and we are going to have no records of how decisions were made or even who made them,” a spokesperson for the Citizens added.
“Government business is being conducted under a cloak of secrecy enabled by the tech platforms. The only way we can have any hope of holding power to account or even simply maintaining the historic record is through transparency.”
The group’s letter to the government demands a disclosure on the current measures in place to ensure important official communications are recorded and archived as the law requires. If the group does not receive a satisfactory answer within two weeks, it will proceed to a judicial review.