US, UK and allies renew call for state backdoors into encrypted digital products
Security services in seven allied countries want to be able to hack into digital products that protect their user’s privacy through end-to-end encryption.
The governments of the US, UK, Canada, Australia, New Zealand, Japan and India all endorsed a public statement concerning end-to-end encryption and public safety. In it, they attempt to balance the apparently contradictory aims of personal privacy and public safety.
They want to be able to hack into the communications of bad guys, but can only do so if the tech companies that provide those services build a special vulnerability into their end-to-end encryption, otherwise known as a backdoor.
“We, the undersigned, support strong encryption, which plays a crucial role in protecting personal data, privacy, intellectual property, trade secrets and cyber security,” opens the statement. “It also serves a vital purpose in repressive states to protect journalists, human rights defenders and other vulnerable people, as stated in the 2017 resolution of the UN Human Rights Council. Encryption is an existential anchor of trust in the digital world and we do not support counter-productive and dangerous approaches that would materially weaken or limit security systems.
“Particular implementations of encryption technology, however, pose significant challenges to public safety, including to highly vulnerable members of our societies like sexually exploited children. We urge industry to address our serious concerns where encryption is applied in a way that wholly precludes any legal access to content.”
In other words: we’re big fans of encryption, except when it’s done well. We recognise that bad encryption allows the state to abuse its citizens, but if you create a special vulnerability for us, we promise not to abuse it. But don’t extend this facility to repressive states, just give it to us, the goodies.
The UK’s Home Secretary, Priti Patel, has been appalled at this restriction of her ability to spy on her population for some time and was the main driver of the last round of public pressure applied over this matter. That time Facebook was specifically called out and, while this statement doesn’t name Facebook specifically, it’s that company’s continued plans to strengthen the encryption of its messaging services that are the main drivers of this call.
“We owe it to all of our citizens, especially our children, to ensure their safety by continuing to unmask sexual predators and terrorists operating online,” said Patel. “It is essential that tech companies do not turn a blind eye to this problem and hamper their, as well as law enforcement’s, ability to tackle these sickening criminal acts. Our countries urge all tech companies to work with us to find a solution that puts the public’s safety first.”
While the emotive ‘think of the children’ language is fairly cynical, this is a matter that needs to be discussed. It ultimately comes down to how much civil liberty we are prepared to sacrifice in the name of safety. This is an age-old question that always comes to the fore in times of emergency. The COVID-19 crisis has seen extensive restrictions of civil liberties by government, with minimal public accountability.
In many cases those restrictions could reasonably be argued to be justified, but there are also concerns about both how long they will be maintained and the extent to which governments will exploit this climate of fear and acquiescence to grant itself further powers in the name of safety,
China, where the virus originated, seems to have done a great job of keeping it under control, but at what cost to civil liberties? One report indicates COVID-19 has given the Chinese state all the reason it needs to massively increase its mass surveillance operations. If spying on its citizens appeared to improve safety over there, surely western governments will be tempted to try some of those techniques themselves.
It seems clear that Facebook’s own ability to identify and report criminal communications over its platforms will be significantly reduced by the implementation of full end-to-end encryption. That is a legitimate concern, but so is the prospect of everyone else’s privacy being compromised in the name of catching those baddies.
The only way to guarantee individual privacy over digital communications is to make them as secure as possible. Deliberately creating backdoors compromise that security. On top of that, governments are asking us to trust them to use this facility competently and not to abuse powers they think they should be uniquely granted. Their response to the COVID-19 crisis has complicated that request.
Isn’t the US forcing their allies to ban Huawei because of such alleged backdoors? Why do the US, UK, Canada, Australia, New Zealand, Japan and India apparently think it’s essential for them to have access to tech companies’ data but its a heinous crime if China might do it? Or perhaps they are assuming that all countries will build backdoors into the tech they can control in order to spy on as much of the world as they can get away with…
You took the words right out of my mouth. I’ve been reflecting on these challenges for some while and it strikes me that it’s very possible that we end up in some sort of digital “Cold War” (although the signs are that we’re already on the slippery slope. Perhaps we’ll see the digital world evolve into two blocks with the west no longer trusting products from the east and vice versa. Also, I do wonder how naive it is to believe that equipment manufactured by our friends don’t already carry some of these covert access points. In this case I’d worry more about the network infrastructure rather than the end user devices.
Because the US, UK and the rest of the governments that want this are so honest and trustworthy they would never abuse the trust and privacy of the people they work for namely the private citizens. This is me been sarcastic.
if USA does it it’s good and if China does it it’s bad. you can trust us (HA HA)
da knabbern die Staaten an den Nägeln. Übrigens findet sich im US- Kongressreport “INVESTIGATION OF COMPETITION IN DIGITALMARKETS” über die vier bösen Buben das Stichwort “ Backdoors” nicht..
I don’t think people in government have that much brain capacity to actually understand: how technology works.
In most cases, those folks are old chaps, who have zero idea how WiFi router works. Their understanding of anything more complex than: “I put million on my bank account” is close to “oh, that’s magic wizardry, which out specialists can handle”
So, no it not both: security AND backdoor. It’s only OR. Like it or not.
If I have another solution to this stupid control. Complete transparency. People and government will completely reveal their finances and behaviour. But, I tell you – that will never happen. US alone will never be happy, if they won’t take advantage of some country.
Well, sten stop pointless bullshit of backdoor encryption.
This is by far the most crazy comment of all times, I consider it as irrelevant threat. There are billions of people using WiFi everyday which country can afford to set up a huge department just to screen data information. Why should they do to steal the ordinary ppl information. Except the head of state has to be more careful to prevent the information from going to those subversion. I think this is another US plot to unite the allies to stay close to US security arrangement initiative to enhance her position as world number one that’s all. Claiming cyber attack as an excuse.
Crying wolf, that’s the name of the game. Whatever china does is spying and security risk while what the Western allied does is legally “monitoring and controlling security”. This is not spying to their understanding and want people to know that it’s good for them but China does not have the right to do so.
This whole thing is ridiculous, but a small cynical part of me is a little happy that it’s finally happening, because more control means more people moving to TOR, and the more people use it, the more anonymous it is.