UK Home Secretary Amber Rudd is pitching for a compromise so that the government can obtain metadata from social media companies and preserve end-to-end encryption at the same time.
Amber Rudd says she doesn’t need to understand end-to-end encryption to know that it helps terrorists and criminals.
Speaking at the Conservative party’s annual conference in Manchester, Rudd said that while end-to-end encryption is important, she wants a way out so that the government can have some access to communications but isn’t getting much help from social media companies.
When questioned about her understanding of how end-to-end encryption works, Rudd said that she doesn’t have to understand it completely because she knows for a fact that it helps criminals.
However, she said that while it is easy to allege that her colleagues do not have an in-depth understanding of the concept, they are doing their best to understand it.
“I don’t need to understand how encryption works to understand how it’s helping, end-to-end encryption, the criminals,” she said. However, moments later, she changed her course and said that while encryption is important, all she needs is access to some metadata.
“I understand the principle of end-to-end encryption and the fact it can’t be unwrapped… There are other areas, to do with metadata…to do with other access that could help and we don’t get that help,” she said.
While she may be gunning for a way out, the only way out at the moment is weakening encryption controls or creating backdoors so that encrypted communications can be decrypted and handed over to government agencies.
Both UK-based enterprises, as well as multinational entities which hold customer data in the UK, have resisted previous attempts by the government to bypass encrypted customer data, fearing that such backdoors will also be exploited by hackers and enemy states.
According to information obtained by Sky News earlier this month, WhatsApp decided not to create a backdoor to help government agencies access encrypted messages that may help the latter prevent terrorist attacks.
At the moment, the information that WhatsApp can, and does, provide to authorities includes the name of an account, the date it was created, the last time it was accessed, the IP address of the device which was used to access it and the associated email address.
However, considering that Ms Rudd is gunning for more, it seems the government won’t relent until it is able to read everything that is posted by social media users on various platforms.
“What Ms. Rudd fails to understand is that encryption is fundamental to the success of the UK economy, from banking to trading to e-commerce, and encrypted messaging apps are just the tip of the iceberg,” said Kevin Bocek, Chief Cyber-Security Strategist at encryption experts Venafi.
“Ms Rudd has highlighted her own shortcomings in understanding the basic workings of encryption. The ‘reality’ of end-to-end encryption means tech companies are unable to give access – it is not simply ‘theory’ but the laws of mathematics that make breaking encryption impossible without a backdoor which leaves systems accessible to cybercriminals alongside law enforcement.
“Ms Rudd is proposing to make the public safer from terrorists – with no proof removing encryption will have an impact – while leaving them at the mercy of cybercriminals,” he added.
By talking about a compromise, Rudd is essentially reiterating what she said in May in the aftermath of the Manchester terror attacks. While she initially lashed out at the likes of WhatsApp and Facebook and termed usage of end-to-end encryption by social media firms as “completely unacceptable”, she later turned around and clarified that she never asked for a complete ban on encryption.
“What I have always said is the internet provides an incredibly important place for people to do business, encryption is important for banking, for everything else as you say. But we need to do better to stop terrorists being able to use it,” she said on the Andrew Marr show.
“We are making good progress with the firms that have put in place end-to-end encryption. Some of them are being more constructive than others, but we will continue to build on that. The area that I am most concerned about is the internet companies who are continuing to publish the hate publications, the hate material that is contributing to radicalising people in this country,” she added.