Apple, WhatsApp, Google and more attack plan to let spies read people's private conversations

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Apple, WhatsApp, Google, Microsoft and more have joined together to attack a plan to allow spies to read people's private messages.

The company released an open letter in which they criticised a proposal, made by senior staff at UK intelligence agency GCHQ, to fundamentally change the world's biggest messaging apps so that spies could see them.

The proposal would work by allowing intelligence agencies to be a secret participant in all conversations, letting them see the contents of chats and calls when they wanted to.

But the open letter argued that such a situation would undermine privacy and security, as well as the trust users put in private messaging platforms.

As well as being signed by many of the world's biggest tech firms – including Apple, Google, WhatsApp and Microsoft – it also earned the support of a wide range of civil society groups as well as security and privacy experts.

The open letter begins by praising many of the principles outlined in the piece by senior GCHQ staff. It praises them for focusing on important issues like privacy rights and cyber security.

But it goes on to attack one specific suggestion inside that the article: the adding of a special user that would allow law enforcement to read conversations inside a group chat or phone call.

"Despite this, the GCHQ piece outlines a proposal for 'silently adding a law enforcement participant to a group chat or call' This proposal to add a 'ghost' user would violate important human rights principles, as well as several of the principles outlined in the GCHQ piece. Although the GCHQ officials claim that 'you don’t even have to touch the encryption' to implement their plan, the 'ghost' proposal would pose serious threats to cybersecurity and thereby also threaten fundamental human rights, including privacy and free expression."

It goes on to explain that proponents of the "ghost user" suggestion argue that it would be possible to allow law enforcement to secretly be added into conversations, allowing them in effect to be a participant in every conversation that happens. That would allow the chats to be protected by encryption, they argue, since the chats would remain protected but spies would be a normal participant in them.

But the letter says that such a proposal is misguided, since it would still end up undermining the security of conversations and allow for vulnerabilities to be opened up. The current system works by tying keys to individual users, and only allowing users with those keys to be able to read conversations – that system would be undermined by one that gave the keys to somebody else at a general level.

They also note that even if the security commitments did hold true, there is nothing to guarantee that spy agencies would not abuse the access that such technology would give them. It argues that the access could enable stalking and abuse, and claims that the protections that decide how UK and US spying agencies can use the data they are given are not strict enough.