Facebook CEO Mark Zuckerberg has hit back at calls by US, UK and Australian governments to block end-to-end encryption in messaging apps. In doing so, he joins Apple, Google, Microsoft and others who have previously stood up for strong encryption.
As we learned yesterday, the US attorney general and acting head of Homeland Security have co-signed an open letter with the UK’s secretary of state for the Home Office and Australia’s minister for Home Affairs …
The letter was sent to Facebook CEO Mark Zuckerberg, urging him to abandon plans to implement end-to-end encryption as standard across all its messaging apps – or alternatively to build in a back-door for government access.
Although Facebook is the target in this case, authorities have been putting similar pressure on other tech giants whose apps use end-to-end encryption, which include’s Apple’s iMessage and FaceTime.
End-to-end encryption should mean that only chat participants can read the messages, and that the tech companies themselves have no means of doing so. However, the UK government came up with a plan which would subvert this, known as the ‘ghost user’ proposal.
It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call. The service provider usually controls the identity system and so really decides who’s who and which devices are involved — they’re usually involved in introducing the parties to a chat or call…. In a solution like this, we’re normally talking about suppressing a notification on a target’s device… and possibly those they communicate with.”
In short, Apple — or any other company that allows people to privately chat — would be forced to allow the government to join those chats as a silent, invisible eavesdropper.
This is what the letter asks Facebook to do if it goes ahead with the switch to strong encryption across all its services.
Enable law enforcement to obtain lawful access to content in a readable and usable format.
Currently, WhatsApp messages use end-to-end encryption, but Facebook Messenger doesn’t unless you select the Secret Chat feature in the mobile app.
Apple, Google, Microsoft and others have previously completely rejected the ghost user idea, arguing that it puts both privacy and security at risk, though Facebook was silent on the issue at the time.
The letter includes the usual justification of fighting terrorism – ignoring the fact that terrorists are exceedingly unlikely to trust any mainstream chat platform – but this time throws in a strong dose of ‘Won’t someone please think of the children?’.
[Strong encryption] puts our citizens and societies at risk by severely eroding a company’s ability to detect and respond to illegal content and activity, such as child sexual exploitation and abuse, terrorism, and foreign adversaries’ attempts to undermine democratic values and institutions, preventing the prosecution of offenders and safeguarding of victims. It also impedes law enforcement’s ability to investigate these and other serious crimes. Risks to public safety from Facebook’s proposals are exacerbated in the context of a single platform that would combine inaccessible messaging services with open profiles, providing unique routes for prospective offenders to identify and groom our children.
Reuters reports Zuckerberg arguing that there are other approaches to protecting child safety which would likely be more effective than banning end-to-end encryption in messaging apps.
He said he was “optimistic” that Facebook would be able to identify predators even in encrypted systems using the same tools it used to fight election interference, like patterns of activity and links between accounts on different platforms.
He also suggested the company might further limit the ways adults can interact with minors on Facebook’s platforms.
The Electronic Frontier Foundation has strongly condemned the letter.
Many people—including journalists, human rights activists, and those at risk of abuse by intimate partners—use encryption to stay safe in the physical world as well as the online one. And encryption is central to preventing criminals and even corporations from spying on our private conversations, and to ensure that the communications infrastructure we rely on is truly working as intended. What’s more, the backdoors into encrypted communications sought by these governments would be available not just to governments with a supposedly functional rule of law. Facebook and others would face immense pressure to also provide them to authoritarian regimes, who might seek to spy on dissidents in the name of combatting terrorism or civil unrest, for example.