UK Home Secretary Priti Patel has taken to the pages of The Telegraph to call for Facebook to insert back door access to the end-to-end encryption system of its messaging platform and other , as members of the Five Eyes nations meet to call for the same.
When protecting digital traffic, there are effectively two methods: client-server cryptography and end-to-end cryptography. In client-server cryptography, your traffic is encrypted between your client device and the remote server and vice-versa; anyone on the server, however, can access the traffic in its unencrypted form. In end-to-end cryptography, popularly and controversially used in Facebook's WhatsApp instant messaging platform, the encryption remains intact from client device to client device regardless of how many servers it passes through on the way - meaning there's no easy way for ne'er-do-wells nor security services to capture the traffic in its unencrypted form.
Back in 2017 then-Home Secretary Amber Rudd called for back door access to be provided to governments, security services, and law enforcement while claiming that 'real people' don't care about encryption. A year later the governments of the 'Five Eyes' countries - the UK and Australia, Canada, New Zealand, and the United States of America - hinted at the need for mandatory back-door access, and were supported by the UK's Government Communications Headquarters (GCHQ) and National Cyber Security Centre (NCSC). Most recently US Attorney General William Barr has joined the ranks of the non-technical claiming that it's entirely possible to add a back door into an end-to-end cryptosystem without threatening the security or privacy of its legitimate users.
Now, current Home Secretary Priti Patel has become the latest to demand back door access - specifically, to WhatsApp and other Facebook products. In a comment piece penned for The Telegraph's print edition, not currently available online but shared to Twitter by Sky News' Alexander Martin, Patel claims that 'where systems are deliberately designed using end-to-end encryption, which prevents any form of access to content, no matter what crimes that may enable, we must act.
'This is not an abstract debate,' Patel continues. 'Facebook's recently announced plan to apply end-to-end encryption across its messaging platforms presents significant challenges which we must work collaboratively to address. This use of end-to-end encryption in this way has the potential to have serious consequences for the vital work which companies already undertake to identify and remove child abuse and terrorist content. It will also hamper our own law enforcement agencies, and those of our allies, in their ability to identify and stop criminals abusing children, trafficking drugs, weapons and people, or terrorists plotting attacks.
'Today, we called on tech companies, including Facebook, to work with us urgently on detailed discussions,' Patel states, the 'we' referring to the other Five Eyes nations who met with the Home Secretary earlier this week. 'We want to focus on reasonable proposals, so that they implement changes in a way that does not undermine the safety of their own users and the wider public but also respects their business incentives and their users' privacy.'
So far, none of those in favour of back door access to end-to-end crypto systems have adequately addressed the two largest concerns: That it will be impossible to prevent criminals from obtaining access through the same back doors as authorised agents, and that the existence of open-source end-to-end encryption utilities such as the GNU Privacy Guard (GPG) mean that even if Facebook and other major companies bow to demand for back-door access criminals will be able to continue to communicate entirely securely and without observation should they so choose - and choose they shall.
September 15 2020 | 14:00