Some companies are implementing measures to make sure that their users feel more comfortable with the access they have to their personal information, and even Facebook is jumping on the bandwagon. The social media giant recently announced that it would be implementing end-to-end encryption across its platform, meaning that only the sender and the recipient of any data can read and modify it.
Essentially, end-to-end encryption would stop exactly the kind of data mining and misuse that got Facebook into trouble in 2016 when Cambridge Analytica used its data to tamper with people’s opinions and votes. Most people would assume that encryption of their private data would be an improvement on the security of their accounts – and they would be right. The governments of three countries, however, disagree.
The United States, United Kingdom and Australia are pressuring Facebook to create a backdoor into its encrypted messaging apps that would allow governments to access the content of private communications. Their argument is that the encryption of private messages (and therefore the denial of the content of those messages to governments) would hinder the fight against child abuse and terrorism.
On the surface, their point is well taken. Law enforcement initiatives over the past decade have increasingly relied on digital evidence to prevent and prosecute crime. There are now entire task teams dedicated to infiltrating the so-called Dark Web – the areas on the Internet inaccessible to ordinary people – where cyber criminals hang out and advertise their services. The Dark Web is where human trafficking rings organise their activities and where hackers sell their malware to the organised crime rings and nation states that perpetrate attacks on corporate and government networks.
However, the fact that law enforcement is active on the Dark Web because that is where the bulk of nefarious activities take place negates the argument of the US, the UK and Australia. It is highly unlikely that a child pornography ring would plan to share illicit photos over Facebook Messenger or WhatsApp, or that terrorists would discuss their upcoming plans to bomb a building on these platforms – especially in light of the fact that Facebook does not yet have encryption in place and WhatsApp’s encryption is not as watertight as it should be, allowing criminals to breach it just a few months ago. Russia-based messaging app Telegram, on the other hand, is virtually un-hackable, and there are numerous other secure and encrypted platforms that the man on the street is unaware of.
In a column written for The Guardian, former CIA intelligence analyst and whistle-blower Edward Snowdon points out that the true explanation for why the US, UK and Australian governments want to do away with end-to-end encryption is less about public safety than it is about power: “End-to-end encryption gives control to individuals and the devices they use to send, receive and encrypt communications, not to the companies and carriers that route them. This, then, would require government surveillance to become more targeted and methodical, rather than indiscriminate and universal,” he writes.
“What this shift jeopardises is strictly nations’ ability to spy on populations at mass scale, at least in a manner that requires little more than paperwork. By limiting the amount of personal records and intensely private communications held by companies, governments are returning to classic methods of investigation that are both effective and rights-respecting, in lieu of total surveillance. In this outcome we remain not only safe, but free.”
He adds that “it is striking that when a company as potentially dangerous as Facebook appears to be at least publicly willing to implement technology that makes users safer by limiting its own power, it is the US government that cries foul. This is because the government would suddenly become less able to treat Facebook as a convenient trove of private lives.”
Worryingly, the US and UK governments are in the process of signing a treaty that will require social media companies like Facebook to hand over private messages, without direct instructions from that country’s government. In a nutshell, it will give the UK authorities the right to issue a request that is equivalent to that of a US court; and the US authorities to do the same for a UK court. The two countries have agreed not to investigate each other’s citizens as part of the deal, while the US won’t be able to use information obtained from British firms in any cases carrying the death penalty.
A ban on encryption has already been made law in Australia, with similar laws having been tabled in the UK and under consideration in Germany and the US. While most law-abiding citizens probably won’t have an issue with the fact that their private conversations are available to every government agency under the sun, it opens to door to the kinds of human rights abuses that the CIA and NSA have been accused of in the past. Imagine a 15 year old just starting to figure out his or her political view going a little overboard in some comment to friends. The government could use this as ‘evidence’ of sedition, and charge a teenager for doing no more than voice his or her opinion.
Of course, in the Internet era, it is essential for the people investigating serious criminal matters to have access to vital digital evidence, but demanding that social media platforms serve up all our private communications on a plate is unnecessary. Rather, their investigative techniques should lead them to the specific data they need to make their case, and that data can then be made available to them by the company that owns it. As Edward Snowdon says, if we allow western governments to ban working encryption, “our public infrastructure and private lives will be rendered permanently unsafe”.