Apple and other tech companies must provide government intelligence agencies access to encrypted messaging services, the United Kingdom’s Home Secretary declared in the wake of the Westminster terrorist attack, claiming there must be “no place for terrorists to hide” from surveillance.
In an interview with the BBC, Home Secretary Amber Rudd called the use of end-to-end encryption communications offered by tech companies and used by terrorists as a “completely unacceptable” situation. Rudd insists organizations behind encrypted messaging systems should not “provide a secret place for terrorists to communicate with each other.”
“In this situation, we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp,” claims Rudd. It is reported that Khalid Masood, a man who killed four people in Westminster last week in an attack on the Houses of Parliament, had used WhatsApp two minutes before he started his attack.
Messaging services, including Apple’s iMessage and WhatsApp, perform end-to-end encryption on communications between users as a security and privacy measure against hackers. This also prevents government intelligence agencies from reading the message directly and from compelling the company hosting the service from providing the message’s content, even with a warrant.
Andrew Marr, the interviewer, brings up the ongoing encryption debate in the United States, where Apple continues to resist against requests by law enforcement to add a backdoor to iOS which allows access to stored data and encrypted communications. Rudd’s response to a question about whether the UK government could force Apple and other manufacturers to open up their devices to intelligence agencies suggests she wants to go a different route.
“If I was talking to Tim Cook, I would say to him that this is something completely different,” claims Rudd. “We’re not saying ‘open up,’ we don’t want to ‘go into the cloud,’ we don’t want to do all sorts of things like that.”
“But we do want them to recognize that they have a responsibility to engage with governments, to engage with law enforcement agencies when there is a terrorist situation. We would do it all through the carefully thought-through, legally covered arrangements, but they cannot get away with saying we are a different situation. They are not.”
In many cases, technology companies do already work with law enforcement agencies to provide information in a serious event, like a terrorist attack. Even so, the amount of help is only limited by the usable data stored on its servers, and while information such as the recipient, sender, and time of the message may be viewable, the encrypted message itself is not able to be passed on.
The United Kingdom has previously investigated the possibility of forcing device producers into adding backdoors or weakening security as part of the Investigatory Powers Bill, but removed the requirement before it passed in 2016. Arguments from Apple provided to a parliamentary committee warned of “dire consequences” if sections that weakened device security were kept in the bill.
While a backdoor would provide access to this encrypted data, it is a solution that may cause more problems than it solves.
During the San Bernardino investigation, Apple CEO Tim Cook declared in an open letter that the U.S. government’s request for a backdoor for the iPhone was “something we consider too dangerous to create.” The requested “feature” would have “the potential to unlock any iPhone in someone’s physical possession,” and despite government assurances that it would only be used for the investigation, “there is no way to guarantee such control.”