UK Government to Spy on Users by Asking Messaging Apps to Weaken Encryption

Last week, British Prime Minister Theresa May received harsh criticisms from experts for her proposal to regulate the internet and essentially weaken encryption of messaging applications such as Whatsapp and Telegram.

In a response to a terror attack that occurred in London, May stated that the act of terror can be attributed to the existence of “safe spaces” on the web such as the dark web and encrypted messaging platforms that criminals are using to distribute data and communicate with one another.

May also placed the blame on major internet service providers and internet companies that are responsible for offering encrypted services and privacy-focused solutions to users. She strongly emphasized that unregulated and private areas of the web are triggering more terrorist attacks within the UK.

However, analysts at prominent cyber security firms and mainstream media outlets such as Wired have stated that weakening of encryption is not a practical solution under any circumstances. Firstly, an attack on encryption could jeopardize global financial systems and banking that could inflict severe financial damages onto major financial service providers. Other sectors such as travel and health care could also be affected by the lack of encryption.

More importantly, the idea that the “good guys” can see, surveil and control the “bad guys” is flawed as a whole because it is difficult to justify what is considered good and bad. For instance, if internet service providers and app developers are forced by the government to build backdoors to allow law enforcement agencies to surveil on users, the surveillance on the public and billions of internet users can’t be justified.

The US government’s plan to request travelers to forfeit passwords, social media account data, email information and data stored in personal devices such as laptops was criticized by experts and data analysts for the identical reason. It is an attack on the privacy of people in general and the idea that the complete removal of privacy would discourage and decrease terrorist attacks is invalid.

More importantly, Colin Clarke, a counterterrorism expert at RAND, said in an interview that the internet is oversold in terms of radicalization. Although the internet and its encrypted areas such as the dark web are used by criminals and terrorists to communicate, the majority of conversations are settled offline.

Michael Kenney of the University of Pittsburgh stated:

“Traditionally the way [UK extremist group] Al-Muhajiroun have worked is that most of their radicalization has occurred offline.”

Therefore, May’s plan on requesting encryption service providers and messaging applications such as Whatsapp and Telegram to install backdoors in order to surveil hundreds of millions of mobile users would likely do more harm than good. It will place the privacy of millions of British mobile users under jeopardy.

Essentially, May’s strategy is to implement backdoors on messaging applications to enable law enforcement agencies including the MI5, the United Kingdom’s domestic counter-intelligence and security agency, to surveil on potential suspects.

However, cyber security expert Jennifer Arcuri stated that the implementation of backdoors would leave messaging apps vulnerable to hacking attacks and grant access to others apart from the MI5. In fact, it is possible that terror attacks can be carried out by hackers that exploit the encryption vulnerability or backdoor on messaging apps if they are built upon the request of the government.

Still, discussions on implementing backdoors on messing applications are being pursued, mostly because Westminster terrorist Khalid Masood utilized Whatsapp almost immediately before carrying out the horrific attack that led to the deaths of multiple British citizens.