The British and US Government’s plans to weaken online security are “unworkable” and contribute to “extreme economic harm”, a group of the world’s leading computer experts have said.
Authorities including David Cameron and FBI director James Comey have said that tech companies shouldn’t use end-to-end encryption, which stops messages from being snooped on. Such technology is used in apps like iMessage and WhatsApp, to ensure that messages can't be read as they pass between people.
But a new report from some of the world’s leading computing experts argues that giving intelligence agencies access “will open doors through which criminals and malicious nation states can attack the very individuals law enforcement seeks to defend”. Tech companies have long argued that opening up back doors to surveillance agencies inevitably means that other actors will exploit them, weakening security.
Proposals to give intelligence agencies exceptional access to communications are “unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm”.
“If law enforcement’s keys guaranteed access to everything, an attacker who gained access to these keys would enjoy the same privilege,” the report argues. The British and US governments’ preferred approach would also make such an attack more likely to succeed, they argue, since giving the keys needed to unlock encryption over to spying organisations would make them more likely to be lost.
David Cameron and the rest of the Government have long argued that encryption is dangerous — in January, Cameron said that he didn’t want to allow any encrypted communications, and the home secretary Theresa May intends to push through legislation that will force tech companies to make their users’ data available to governments. They say that keeping communications secret helps terrorists, since they can use networks to communicate without surveillance from the authorities.
The new MIT report is named ‘Keys Under Doormats’ and is written by a group of computer scientists many of whom were part of an influential report that helped stop similar legislation being passed at the beginning of the modern internet. They argue that the new challenge is “even greater today than it would have been 20 years ago”.
“In the wake of the growing economic and social cost of the fundamental insecurity of today’s Internet environment, any proposals that alter the security dynamics online should be approached with caution,” they argue in the 26-page report. “. The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws.
“Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.”
The experts' criticisms echo the same ones made by many tech companies. Apple's Tim Cook said in June for instance that the company believes "people have a fundamental right to privacy", and Facebook said yesterday that it feels "weakening encryption presents a variety of other security issues".
Register for free to continue reading
Registration is a free and easy way to support our truly independent journalism
By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists
Already have an account? sign in
Join our new commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies