Encryption: The battle over government access to private WhatsApp and Facebook chats

Fight could decide how safe and secure conversations are in the future

Amber Rudd says WhatsApp's encryption of messaging may come to an end after Westminster terror attack

End-to-end encryption is the technology that keeps messages sent on WhatsApp, iMessage and other secure platforms. It is also becoming a major battleground in deciding the future of the internet.

On one side stands many of the most powerful people in the UK and US governments. On the other is some of the largest technology companies in the world.

And between them is the fight for whether communications over the internet should be able to be read by security services and the police, and whether it is worth weakening the protections that keep them private to do so.

The debate has been revived by senior politicians on either side of the Atlantic. Most recently, new home secretary Priti Patel suggested that encryption on Facebook-owned platforms was hindering investigations by law enforcement.

What are backdoors?

To stretch the not especially good metaphor of their name, it is as if every phone that sends a message is a key, and every phone that receives one is a lock. Messages will only work if those two things match up exactly – and without the two coming together, the key and the lock are entirely meaningless.

A backdoor is another lock, and one that governments can open in every case. Rather than having to ensure the key and door match up in every case, they can simply use that backdoor to circumvent the encryption and read whatever is being passed between the two.

More precisely, and a little more technically, it is a kind of master key. It means that encrypted messages can be intercepted and opened, no matter who they were sent by and meant for.

When an encrypted message is sent, the phone that is doing so scrambles up the message so that it looks meaningless to anyone who would see it. The only way to unscramble that nonsensical message is to use the recipient's key to put it back together again, which ensures that messages are protected as they are passed between devices.

The backdoor can unlock any message. In doing so it undermines the promise of end-to-end encryption – the message can be read in the middle – but theoretically means that messages could still be kept safe.

Why do people want them?

Supporters of backdoors, who oppose strong encryption, argue that it is unsafe to allow people to send messages completely privately. The government needs a backdoor so that it can monitor people's conversations, they argue, because those conversations could be used to plan criminal activity or recruit people into it.

That is the argument now being offered by the UK government.

“This is not an abstract debate: Facebook’s recently announced plan to apply end-to-end encryption across its messaging platforms presents significant challenges which we must work collaboratively to address,” wrote Ms Patel in her new Telegraph article.

“The use of end-to-end encryption in this way has the potential to have serious consequences for the vital work which companies already undertake to identify and remove child abuse and terrorist content.”

“It will also hamper our own law enforcement agencies, and those of our allies, in their ability to identify and stop criminals abusing children, trafficking drugs, weapons and people, or terrorists plotting attacks.”

Why do others oppose them?

As long as these kind of backdoors have been discussed, technology companies and privacy advocates have opposed them. They argue that it is not only bad to provide a backdoor into encryption but technically impossible – and that there is no way to weaken encryption for the government without weakening encryption for everyone.

Any backdoor that is added can potentially be opened for anyone, they argue. The tools to read messages could quickly fall into the wrong hands, and as a result would make anyone using those chat apps unsafe.

Last year, for instance, a coalition that calls itself "Reform Government Surveillance" – which includes Apple, Facebook, Google, Microsoft and a host of other technology companies – once again dismissed talk of backdoors.

"We have consistently raised concerns about proposals that would undermine encryption of devices and services by requiring so-called 'exceptional access' for law enforcement," it wrote in a statement in May, during one of the previous discussions over backdoors.

"Recent reports have described new proposals to engineer vulnerabilities into devices and services – but they appear to suffer from the same technical and design concerns that security researchers have identified for years. Weakening the security and privacy that encryption helps provide is not the answer."

But it is not simply technology companies and privacy advocates who argue that weakening encryption is not the approach. This month, Michael Hayden – who served as director of the National Security Agency as well as in many other senior roles in the US establishment – suggested on Twitter that he too did not think the the security risks of giving governments backdoor access to private communications were worth it.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in