- Perhaps feeling the need to get cosy with each other again after the Huawei issue, they’re turning their fire on the common enemy: encryption
- There’s still an attempt to differentiate ‘good’ code busting (by the authorities) from bad code busting (by foreign states). In fact there is no difference
The so-called ‘Five Eyes’ intelligence sharing group, comprising British Commonwealth countries, plus the US, have had a meeting in London this week to push for open back doors. Not naughty, nasty back doors like the ones Huawei is supposed to have enabled, but ‘good’ back doors to allow the authorities (and our spies) in to look at our messaging.
The security ministers (collective noun anyone?) want high tech communication systems (read Facebook Instagram, WhatsApp and Apple) to include mechanisms in the design of any encrypted services they offer to ensure that governments and their spooks can (acting with appropriate legal authority of course) obtain access to data in a usable format. So they want to create that festering contradiction, a secure comms systems that lets the authorities in to see what’s going on.
According to the group, tech companies are “deliberately designing their systems in a way that precludes any form of access to content, even in cases of the most serious crimes.” Well, yes, that’s what end-to-end encryption means. Nobody gets to read the message except the person to whom it’s intended (as the email footers say).
The timing is good: with Facebook/WhatsApp currently on the political ropes over privacy breaches and tax avoidance accusations, the spectre of Zuckerberg sheltering pedophiles, drug users and terrorists is much easier to prosecute than it used to be. But in this instance he appears (until he caves and welcomes the spooks in) to be on the side of the angels.
The usual arguments remain...
That there’s no such thing as just a teeny bit open - once there’s a way in others will find it and the idea of total message security is gone.
Once it has, then other, more authoritarian states will demand that they should have access too.
That it allows criminals to evade detection. (So do lots of things. Authorities will just have to work harder to bring the miscreants to book)
And, ministers must keep in mind how slightly annoyed they might be should one of their number find their messages have been hacked.
So what’s stimulated this five eyes speaking as one voice (without mixing metaphors too badly) ?
In fact Zuckerberg waded straight into the encryption debate earlier this year when he signalled a privacy-focused strategy shift for Facebook. End-to-end encryption was key and he said he would develop a highly secure private communications platform to sit on Facebook’s Messenger, Instagram, and WhatsApp services.
Apple is also in the crosshairs here, ever since its run-in with the FBI over decrypting a mass shooters mobile phone back in 2015.
One solution, allegedly floated by British officials was that there shouldn’t be talk of ‘back doors’. Instead, encrypted devices could be tapped after a message had been decrypted. This wouldn’t mean weakening the actual encryption, but rather “going around it”. Semantically this is brilliant, in terms of real-world security it’s rubbish.
Whether the meeting will result in any concerted action against the big tech platforms to get them to conform (whatever that will mean) is uncertain.
Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.