Amber Rudd’s call to end WhatsApp encryption is incredibly naïve

This isn’t about imperilling the revenues of Facebook-owned firms like WhatsApp, but about exposing personal data to an increased risk of interception by criminals

Click to follow
The Independent Online

I sometimes think the world was a better place before the internet. But then all of a sudden I need to check which member of Bananarama married Andrew Ridgeley and I remember that I couldn’t live without Google.

Amber Rudd has a lot more on her plate than 80s pop trivia. Yet her response to questions about the apparent use of WhatsApp by Khalid Masood in the moments before last week’s terror attack suggests a level of technological understanding that is about 30 years out of date. For while few would argue that tech firms shouldn’t do more to tackle the promulgation of extremist material, to say blithely that the police should be able to access encrypted messages is breathtakingly naïve.

For one thing, it is end-to-end encryption which – for many people – makes messaging apps attractive. The increasing ability of criminals and foreign state actors to hack into private information online has made the public vastly more aware of the potential threat to their data. With online messaging services now much more popular than traditional SMS (42 billion messages sent per day, as against 20 billion texts) the security of WhatsApp, iMessage and others is – for most users – a pro, not a con.

Ex-cyber security chief says Government 'using' Westminster attack

The Home Secretary argues that messages need only be accessed in circumstances where the police or other authorised agency has been granted a warrant through the proper channels. But of course opening up any potential backdoor access creates a vulnerability which hackers will be desperate to exploit. This is not about imperilling the revenues of Facebook-owned firms like WhatsApp, but about exposing the personal data of millions of people to an increased risk of interception by criminals. That is why the argument that “those who have nothing to hide have nothing to fear” is much too simplistic.

We should remember too that there is, as far as we know, no firm evidence that Masood used WhatsApp for nefarious purposes – either in the minutes before he brought murder and mayhem to London’s streets, or at any other time. True, it is that which has brought the question of encryption into such sharp focus, for if he was communicating with accomplices it is eminently explicable for the police to want to know about it. But for the Home Secretary and Prime Minister to use an explicit absence of evidence as the basis for their criticism of messaging apps is bold to say the least. When the changes they seek could arguably do more to undermine personal, and even national, security than to protect it, such boldness looks misplaced.

What’s more, the internet is a place where a thousand flowers bloom. If WhatsApp gave end-to-end encryption the heave-ho, another service would pop up in a matter of days. If the Government really wants to control the way web firms operate and the way Britons access the internet, it will need to take a leaf out of China’s book.

Rudd’s plea appears to have struck a chord with some sections of the traditional media, in part no doubt because the desire to explore ways in which the terror threat to Britain can be reduced is thoroughly reasonable. But it is notable that big tech firms such as Google and Facebook are already the subject of a deeply critical media narrative: slammed for failings over the placement of legitimate adverts alongside inflammatory content; condemned for doing too little to combat extremist websites and for enabling the dissemination of fake news; slated for maintaining the line that they are merely ‘platforms’ and thus cannot be held responsible for content created by others. The Home Secretary’s attack on WhatsApp fits neatly into this analysis

And sure enough, there is something in it. Full-on libertarian attitudes are all very well in a sunny California startup, but they don’t stand up to much scrutiny when spouted by vast, and hugely profitable, multinationals. Google and Facebook can’t carry on with the *innocent face* routine forever; and they know it.

But there is a murkier battle here too, between established media brands which are anxious about declining direct ad revenues, and the online giants which are soaking them up – and doing so in part because they provide the window through which people increasingly consume their news. Attacks against Google et al by tabloid newspapers have to be seen against this complex backdrop.

In the end, the world’s major tech companies cannot be ostriches. They will have to do more to combat the spread of hate online. They must accept that being a ‘platform provider’ is not a get-out-of-jail-free card when it comes to avoiding responsibility for hosting highly inappropriate material. They may also have to reconfigure their relationships, commercial and otherwise, with major media brands to one of symbiosis, not conflict.

Equally though, the Government must recognise that this is 2017. Technological advances may pose new challenges to law enforcement, but they have also – in a great many ways – made the world a better, and in some ways safer, place. To imply that we can markedly reduce the threat posed by determined terrorists by making encrypted online messages accessible to the police may be neat. But it’s stunningly unsophisticated, technologically lazy and almost certainly wrong.  

Comments