WhatsApp encryption questioned by Government after Westminster terror attack
Industry experts say the call to give intelligence agencies ‘backdoor’ access to messaging apps is “misguided”.
Following reports that Wesminster attacker Khalid Masood used WhatsApp minutes before the terror attack, Home Secretary Amber Rudd asked intelligence services to enable ‘backdoor’ access to messaging apps.
Rudd called on messaging apps that use end-to-end encryption to install ‘backdoors’ in their systems, to allow law enforcement and intelligence services to access users’ conversations with a warrant, in case of a terror attack or emergency situation.
So far, there is no confirmation of evidence that Masood sent messages using WhatsApp prior the attack, but after days of investigation the police has said it believes that Masood acted alone.
It is still unclear whether the messages that Masood is said to have sent that day are related to the attack.
The home secretary asked WhatsApp’s parent company, Facebook, and other technology companies to meet on Thursday, to discuss ways in which in intelligence services can access sensitive data that could help their investigations.
Industry experts criticised Rudd’s suggestion, saying that encryption is a very important tool for the cyber security of consumers in current times, where more and more information is stored online and hackers are growing increasingly skilled.
End-to-end encryption provides a way to disassemble message content once it leaves the sender’s device and put it back together once it reaches the receiver’s device.
This means that the company providing the messaging service is unable to make sense of the conversation on its servers.
When someone sends a message using WhatsApp’s messaging app, therefore, the company does not have access to the conversation, but can only access metadata about the exchange of messages (i.e. when a message was written, the number it was sent to and where the receiver was located at the time).
Sam Dumitriu, from think tank the Adam Smith Institute, believes that Ms Rudd’s call for access is “deeply misguided”.
“It is mathematically impossible to build a back door for just the good guys. It means building a back door to your private messages for [Russian President Vladimir] Putin’s favourite hacker Guccifer,” said Dumitriu. “It means opening up your private photos to perverts like the iCloud hacker. End-to-end encryption keeps us safe.”
“Khalid Masood wasn't even on MI5’s 3,000-strong list of suspected jihadis. Ending end-to-end encryption would not have stopped the Westminster attack, but it would mean a free-for-all for cyber criminals and Putin's hackers.”
Some industry experts also believe that the government already has substantial access to consumers’ information and creating a ‘backdoor’ to encrypted messages would merely provide a way for hackers to access information users exchange on these platforms.
Anthony Walker, deputy chief executive of UK’s industry body Tech UK, said: “Following the implementation of the Investigatory Powers Act, the UK has a range of strong powers relating to interception warrants, equipment interference warrants and bulk communication data acquisition warrants that enable the security services to do their job.”
“As the outgoing chief of GCHQ Robert Hannigan said last year, within a transparent legal framework it is for all those involved - Government agencies, tech companies, academia, and civil society - to work out what is possible together.”
Messaging apps with end-to-end encryption include WhatsApp, Apple’s iMessage, Signal and Threema, while other services such as Telegram and Google’s Allo also offer it as an option.
E&T recently held an exclusive interview with Dr Ian Levy, the head of the UK’s new national cyber-security centre.