Home Secretary’s dismissal of end-to-end encryption attacked
Image credit: Dreamstime
As Amber Rudd, the Home Secretary, meets with representatives of tech giants in San Francisco to discuss counter terrorism measures, her comments that “real people” do not need end-to-end encryption have provoked a backlash.
During an interview with the BBC, Ms Rudd explained that she wanted extremists to be prevented from uploading any content at all, with extremist material being stopped “at the source”. If this is not achieved voluntarily, she suggested, the government could introduce tougher legislation clamping down on sharing of this content.
Her comments coincide with the first Global Internet Forum to Counter Terrorism, a conference established by technology companies to discuss approaches to preventing extremist activity, following a spate of recent terrorist attacks, including in Manchester and London. Representatives from Facebook, Google, Twitter, YouTube, Snap, Microsoft and others companies are present.
These companies announced that they were cooperating to “disrupt terrorists’ ability to use the internet in furthering their causes while also respecting human rights”.
Ms Rudd met with these representatives to discuss cooperative efforts to tackle extremism. According to Ms Rudd, encryption tools adopted by messaging services have become “a problem”.
Messaging services run by Apple, Facebook and Google have, in recent years, adopted end-to-end encryption, making it almost impossible for messages to be accessed by anyone other than the users themselves. The police, government intelligence agencies and even service providers cannot read the contents of conversations.
While this has been described as a major step forward for privacy, critics have said that end-to-end encryption could make it possible for criminals – including terrorists, organised gangs and sex abuse rings – to communicate in absolute secrecy. The security of messaging service WhatsApp became a topic of debate in the wake of the Westminster attack, when it was reported that attacker Khalid Masood had used the encrypted service to send a final message before the rampage.
During her BBC interview, Ms Rudd said that the government supports encryption with some caveats
“We support its place in making sure that we have secure facilities in our daily lives,” Ms Rudd said. “However, there is a problem in terms of the growth of end-to-end encryption. It’s a problem for the security services and for police who are not, under the normal way, under properly warranted paths, able to access that information.”
“We want [technology giants] to work more closely with us on end-to-end encryption, so that where there is particular need, where there is targeted need, under warrant, they share more information with us so that we can access it.”
Amber Rudd is likely to push for tech companies to share more metadata – such as information about the contact involved and the number of messages sent – about messages being sent on their services. When asked about the types of metadata she may demand from tech companies, she said that she could be having those conversations “in private”.
Last week, Sheryl Sandberg, Facebook’s COO, commented in a BBC interview that encryption helps law enforcement combat terrorism by providing metadata. Rolling back encryption could cause criminals to migrate to harder-to-penetrate services.
“If people move off those encrypted services to go to encrypted services in countries that won’t share the metadata, the government actually has less information, not more,” Ms Sandberg said.
Ms Rudd’s address to the Global Internet Forum to Counter Terrorism have been overshadowed, however, by a backlash in response to a comment piece she published in the Daily Telegraph, in which the Home Secretary claimed that “real people” do not need or want end-to-end encryption on their phones.
Writing in the Huffington Post, Martha Spurrier, the director of Liberty, compared encrypted messaging to private spoken conversations, and said that “when you hear the government attacking encryption, they are attacking nothing less than your basic human rights.” In a written statement, the Open Rights Group commented that – contrary to Ms Rudd’s suggestion – security is what makes a service attractive to users.
“Some people want privacy from corporations, abusive partners or employers. Others may be worried about confidential information, sensitive medical conversations, or be working in countries with a record of human rights abuses,” a blog post on its website said.
“Whatever the reasons people want secure communications, it is not for the Home Secretary to tell the public that they don’t have any real need for end-to-end encryption.”
““Real people” need privacy; it gives them the freedom to act without fear.” said Dr Paul Bernal, a University of East Anglia lecturer and internet privacy expert. “Reducing privacy chills freedom of expression.”
“[Ms Rudd’s] suggestions won’t help against sophisticated terrorists, and unsophisticated terrorists can be caught any number of ways.”