UK Home Secretary Amber Rudd has caused controversy once more by calling on messaging apps like WhatsApp to get rid of end-to-end encryption, touting the need for national security and arguing that it aids terrorists. But she didn’t stop there. Rudd also stated that “real people” do not need end-to-end encryption.
Not only is Rudd’s remark naïve and dangerous, it is difficult to imagine just how poorly thought out the comments were. Tech pundits are agog at the affront, and have pushed back with thoughtful arguments. Their position is that ordinary people not only benefit from encryption, they need it.
The problem, as Rudd sees it, stems from the fact that in recent years, messaging services, including those from Facebook, Apple, and Google, have adopted end-to-end encryption. This makes it almost impossible for the authorities to access messages without a user’s compliance.
Rudd’s remarks were in advance of a trip to Silicon Valley to meet with tech leaders. She hoped to press them for help with the encryption dilemma. She claims, “We don’t want to ban encryption, but our inability to see what the terrorists are doing undermines our security.” However, her many arguments point to the fact that she really would like to ban it.
One example is when she told the BBC that she has conveyed to the tech firms that she wants more metadata of encrypted messages to be handed to law enforcement officials. Metadata refers to information about a conversation – the who, what, how, and when. It reveals who took part, when and for how long – but not the contents itself. To that end, she told the BBC,
“We want (technology companies) to work more closely with us on end-to-end encryption, so that where there is particular need, where there is targeted need, under warrant, they share more information with us so that we can access it.”
Rudd’s wrong if she thinks that the average citizen doesn’t care about privacy and the need to protect themselves from the government’s prying eyes. However, this is more than just about the ordinary citizen – professionals depend on strict privacy, too. Journalists must protect sources, human rights defenders risk oppression and punishment without it, and lawyers who conduct private discussions need to keep information safe.
To blithely dismiss or, worse, deliberately miss, this obvious truth is rather alarming for someone in high government position.
Renate Samson, chief executive of Big Brother Watch, with a nod to rampant cybercrime and widespread hacking, went further, saying,
“Suggesting that people don’t really want security from their online services is frankly insulting, what of those in society who are in dangerous or vulnerable situations, let alone those of us who simply want to protect our communications from breach, hack or cybercrime.”
While WhatsApp has been singled out for vilification and made a target of the end encryption faction, the truth is that many sectors – public and professional – rely on its security to conduct business. These groups include, but are by no means limited to, protesters living under repressive regimes, politicians, gig economy workers, the police, and those with abusive partners – just to name a few who rely on WhatsApp or some other kind of end-to-end encryption.
Meanwhile, there has been push-back against Rudd’s stance. Privacy rights groups like the Electronic Frontier Foundation have expressed concern about the possibility of heavy-handed blocking of content. It said such a move would have a significant impact on free speech online. Another comes from Paul Bernal, a senior lecturer at UEA Law School, who told Business Insider via email,
“Amber Rudd’s comments are depressingly unsurprising — this is part of a bigger trend against encryption that we’ve been seeing for some time — and are based on a fundamental misunderstanding of both the technology and of privacy itself. From a technological perspective, it misses that creating an opening for law enforcement or the intelligence services creates an opening for all kinds of others — from criminals (and indeed terrorists themselves) to foreign powers, to malicious individuals.”
Rudd is banking on the fact that, since companies are constantly making trade-offs between security and product marketability, there is an opportunity for government and law enforcement to leverage this waffling and get them to voluntarily comply. But if tech firms still remain steadfast and non-compliant, what then? Stay tuned.