Apple, WhatsApp, Google and more attack plan to let spies read people's private conversations

World's biggest tech companies, civil society groups and security and privacy experts join together to sign open letter

Andrew Griffin
Thursday 30 May 2019 15:24
The WhatsApp messaging app is displayed on an Apple iPhone on May 14, 2019 in San Anselmo, California
The WhatsApp messaging app is displayed on an Apple iPhone on May 14, 2019 in San Anselmo, California

Apple, WhatsApp, Google, Microsoft and more have joined together to attack a plan to allow spies to read people's private messages.

The company released an open letter in which they criticised a proposal, made by senior staff at UK intelligence agency GCHQ, to fundamentally change the world's biggest messaging apps so that spies could see them.

The proposal would work by allowing intelligence agencies to be a secret participant in all conversations, letting them see the contents of chats and calls when they wanted to.

But the open letter argued that such a situation would undermine privacy and security, as well as the trust users put in private messaging platforms.

As well as being signed by many of the world's biggest tech firms – including Apple, Google, WhatsApp and Microsoft – it also earned the support of a wide range of civil society groups as well as security and privacy experts.

The open letter begins by praising many of the principles outlined in the piece by senior GCHQ staff. It praises them for focusing on important issues like privacy rights and cyber security.

But it goes on to attack one specific suggestion inside that the article: the adding of a special user that would allow law enforcement to read conversations inside a group chat or phone call.

"Despite this, the GCHQ piece outlines a proposal for 'silently adding a law enforcement participant to a group chat or call' This proposal to add a 'ghost' user would violate important human rights principles, as well as several of the principles outlined in the GCHQ piece. Although the GCHQ officials claim that 'you don’t even have to touch the encryption' to implement their plan, the 'ghost' proposal would pose serious threats to cybersecurity and thereby also threaten fundamental human rights, including privacy and free expression."

It goes on to explain that proponents of the "ghost user" suggestion argue that it would be possible to allow law enforcement to secretly be added into conversations, allowing them in effect to be a participant in every conversation that happens. That would allow the chats to be protected by encryption, they argue, since the chats would remain protected but spies would be a normal participant in them.

But the letter says that such a proposal is misguided, since it would still end up undermining the security of conversations and allow for vulnerabilities to be opened up. The current system works by tying keys to individual users, and only allowing users with those keys to be able to read conversations – that system would be undermined by one that gave the keys to somebody else at a general level.

They also note that even if the security commitments did hold true, there is nothing to guarantee that spy agencies would not abuse the access that such technology would give them. It argues that the access could enable stalking and abuse, and claims that the protections that decide how UK and US spying agencies can use the data they are given are not strict enough.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in