UK Home Secretary supports back doors while claiming 'real people' don't need end-to-end encryption
Amber Rudd, the UK Home Secretary, has claimed that "real people often prefer ease of use and a multitude of features to perfect, unbreakable security." Rudd holds the Conservative government's belief that it should be able to access encrypted messages, even when end-to-end encryption is used, such as with WhatsApp.
Using terrorism as a justification for wanting to gain access to encrypted messages, she goes on make extraordinary and misguided claims about what she and the government want. Her bizarre and misinformed rant in the Daily Telegraph is deeply concerning, not only because of the implications her suggestions have on privacy, but also the lack of technical knowledge she demonstrates while making her claims and demands.
The Telegraph article immediately tries to tug on heartstrings by pointing out that terrorists "use internet platforms to spread their vile ideology," and that while there is plenty of material visible on social media that can be dealt with, there's a hidden danger too. "Beyond the harmful content that is openly available, there is that which we cannot see, in the form of encrypted data," she says.
The article continues, making a perfectly reasonable statement: "Encryption plays a fundamental role in protecting us all online." But, she says, this encryption is abused by some people. "The particular challenge is around so called 'end-to-end' encryption, where even the service provider cannot see the content of a communication." (Quite why it is "so-called" end-to-end encryption and not just end-to-end encryption is anyone's guess. Maybe it makes it sound a bit creepier, a bit geekier, a bit bad.)
Rudd says -- seemingly without the remotest hint of irony nor, it would appear, an understanding of the implications of what she suggests:
To be very clear -- Government supports strong encryption and has no intention of banning end-to-end encryption. But the inability to gain access to encrypted data in specific and targeted instances -- even with a warrant signed by a Secretary of State and a senior judge -- is right now severely limiting our agencies' ability to stop terrorist attacks and bring criminals to justice.
She adds, absurdly:
I know some will argue that it's impossible to have both -- that if a system is end-to-end encrypted then it's impossible ever to access the communication. That might be true in theory. But the reality is different.
No, Amber. The reality is not different. That's the very point of end-to-end encryption. The very point. To suggest otherwise does nothing besides illustrating your complete lack of understanding in this field.
Real people often prefer ease of use and a multitude of features to perfect, unbreakable security. So this is not about asking the companies to break encryption or create so called "back doors". Who uses WhatsApp because it is end-to-end encrypted, rather than because it is an incredibly user-friendly and cheap way of staying in touch with friends and family? Companies are constantly making trade-offs between security and "usability", and it is here where our experts believe opportunities may lie.
In a communications platform using end-to-end encryption in which even the service provider does have the decryption keys, the only way to gain access to data would be through the creation of back doors. Label it however you want, but a system that allows for the bypassing of end-to-end encryption -- in whatever the circumstances -- is a back door. A back door can be used, and it can be misused. It can be used by the government (for good or bad), and it can also be used by the bad guys. To ignore this fact is woefully naïve, and a dangerous way of approaching things.
The Conservative government is hellbent on trying to control the internet, and police the unpoliceable. The fact that it can’t is driving it mad, and leading politicians who really don’t know what they are talking about to make nonsensical verbal expulsions that are counterintuitive, dangerous and just plain untruthful.
Rudd is clearly not very in touch with "real people" if she feels they would be willing to give up their privacy, give up their security, and grant the government the right to access their data on a whim. The tired old maxim "if you've got nothing to hide, you've got nothing to fear" will almost certainly be wheeled out in one form or another, but that misses the point entirely.
There are options. But they rely on mature conversations between the tech companies and Government -- and they must be confidential. The key point is that this is not about compromising wider security. It is about working together so we can find a way for our intelligence services, in very specific circumstances, to get more information on what serious criminals and terrorists are doing online.
This is still a back door. And a back door is dangerous.
Remember, we're not just talking about WhatsApp. There are plenty of other services that make use of end-to-end encryption, and it's not a technology that's employed only in messaging tools. If the government tries to create back doors or weaken security in any way, it will be completely counterproductive. It will blow up in the government's face and, as much I love the idea of that happening, there consequences are far too serious to allow things to get to that point.