Why Amber Rudd's anti-WhatsApp encryption spiel is 'technologically illiterate rubbish'
Experts warn Amber Rudd's anti-encryption proposals would put UK citizens at risk.
If UK Home Secretary Amber Rudd listened to any cybersecurity expert for 10 minutes she would quickly come to understand how nonsensical her "incompetent, illiterate meddling" against strong encryption technology has come to be, experts warn.
Rudd believes that end-to-end encryption (E2E), used in apps like WhatsApp and Telegram, aids terrorism and as a result it is bad news. In an article in The Telegraph this week (1 August), Rudd claimed that "real people" don't expect security in their digital services.
Despite the UK having one of the most invasive surveillance regimes in the world – under the Investigatory Powers Bill – giving police and security services the ability to literally hack into targeted smartphones and computers, it's not enough for Rudd.
She wrote: "Real people often prefer ease of use and a multitude of features to perfect, unbreakable security. So this is not about asking the companies to break encryption or create so called 'back doors'. Who uses WhatsApp because it is end-to-end encrypted?"
She went on to not-so-subtly plead for back door access. The home secretary, like Theresa May before her, is likely just mirroring what the UK security services are saying.
Officials from British intelligence have long feuded with encryption and, much like their US counterparts, complain it offers criminals safe spaces to chit-chat. It works by ensuring that only the sender and recipient of a message can read its content – not the firm who made the software.
Metadata is still collected; the time of messages and who is contacting whom. As Facebook's Sheryl Sandberg told the BBC: "The message itself is encrypted but the metadata is not, meaning that you send me a message, we don't know what that message says, but we know you contacted me." That is available to governments upon warranted request, said Sandberg.
Experts say the use of end-to-end encryption is not up for debate, that ship has sailed. It is used to protect banks, social media networks, email inboxes, smartphones and tablets. Strong encryption literally protects private data from being intercepted and stolen by hackers.
"It's the same kind of technologically illiterate rubbish we've heard from Rudd before - superficially attractive but the only effect will be to make us less safe, not more," Paul Bernal, lecturer in IT, privacy and human rights at the University of East Anglia Law School, told IBTimes UK.
"End-to-end encryption helps businesses with confidentiality and security, and protects us all from criminals, scammers and more - and the terrorists and criminals that Amber Rudd thinks she's protecting us against will be able to apply their own encryption anyway.
"The competent ones, that is - and the incompetent ones can be caught any number of ways. The underlying problem is a fundamental misunderstanding of the relationship between privacy and security - in the end, they're mutually supportive, not in conflict."
This week Rudd is fishing for friends in Silicon Valley. According to Reuters the politician is expected to appeal for action from representatives from Facebook, Twitter, Microsoft and Google, saying that extremists have "sought to misuse" their platforms to spread hate and propaganda.
This is something they already know, and are each attempting to solve. Nevertheless, these companies – some of the most powerful and lucrative businesses in the world – are unlikely to budge. Just look at what happened when the FBI attempted to pick a fight with Apple.
"If she thinks Silicon Valley will take this kind of thing seriously, she has another thing coming," Bernal said. "We need privacy to get security - and if you reduce privacy, you reduce our security. No one serious in the tech industry will see this as anything but incompetent, illiterate meddling."
Normal citizens 'will suffer'
For many, Rudd's anti-encryption agenda is reminiscent of Groundhog Day – where experts are doomed to sit down and politely listen to the same discredited claims over and over again from politicians who fail to grasp the concept that encryption is a necessary technology.
It's not even being debated that some terrorists use WhatsApp – that's a fact. But experts point out that they also use burner telephones, they use Royal Mail, they use word-of-mouth, they may even (allegedly) use the Sony PlayStation.
"The suggestion that real people do not care about the security of their communications is dangerous," said campaigner Jim Killock.
Killock, the executive director of UK digital rights campaign Open Rights Group, stressed in a blog post published on 1 August that Rudd must now be "absolutely clear on what co-operation she expects from internet companies" and tech firms like Facebook and Google.
"It is not the home secretary's place to tell the public that they do not need end-to-end encryption. She is causing immense confusion because at the moment she sounds like she is asking for the impossible," said Killock.
"[Rudd] must give the public a good idea of the risks she wants to place them under. If WhatsApp turn off or compromise encryption, you can expect criminals to use something else. The people who will suffer are law-abiding citizens who want privacy and security."
© Copyright IBTimes 2024. All rights reserved.