UK Home Secretary Amber Rudd says it’s “unacceptable” authorities can’t bypass encryption
The debate over whether authorities should have the means to bypass encryption under the ruse of national security has been reignited after UK Home Secretary Amber Rudd says it’s “completely unacceptable” the government cannot easily access communications.
Critics will note government calls to expand intrusive surveillance measures often follow terrorist attacks like the tragic events in London which resulted in five deaths and over twenty injured last week after ISIS fanatic Khalid Masood plowed his car into pedestrians on Westminster bridge and murdered heroic Police Constable Keith Palmer – who defended Parliament with his life.
“It is completely unacceptable. There should be no place for terrorists to hide,” says Rudd. “We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other.”
Without the need for extended surveillance measures, Masood was placed on a terror watch list in the past but was removed in what’s proven to be a devastating error. The focus should be on why he was no longer deemed a threat, and not using public fear to pass intrusive legislation.
Similar to Masood, authorities had sufficient intelligence to highlight Amri as a threat
Rudd is summoning the leaders of technology companies to a meeting on Thursday 30th March to discuss the best course of action. She hopes to persuade companies to cooperate voluntarily without the need to pass legislation forcing them to comply but refused to rule out doing so if agreements cannot be reached.
“These people have families, have children as well,” she added. “They should be on our side, and I’m going to try to win that argument.”
In the days following the London attack, the Met Police reported 2,700 items including "massive amounts of computer data" were seized in searches at 16 properties with 5 searches ongoing. A 30-year-old man was arrested in Birmingham on Sunday on suspicion of preparation of terrorist acts, making him the 12th person to be held over the incident.
Although unconfirmed, there’s likely a correlation between the computer data seized and the arrests made which could help Rudd’s case. However, all but two people have since been released from police custody which indicates either their innocence or a lack of evidence to prosecute.
It emerged yesterday, following a parliamentary inquiry, that Anis Amri, the perpetrator of the attack on a Christmas market in Berlin last year which killed 12 people, was known to be planning to carry out a suicide attack nine months before it occurred. The German equivalent of CID even warned in a confidential memo to regional authorities last March that it had intercepted communications indicating Amri was planning a suicide attack and recommended him to be deported.
Government calls to expand intrusive surveillance measures often follow terrorist attacks like the tragic events in London
The state government of North Rhine-Westphalia ruled that an order to expel Amri was not legally enforceable and he was allowed to roam freely before carrying out the expected attack. Uwe Jacob, head of the North Rhine-Westphalia Landeskriminalamt, said he and his staff suspected Amri was behind the Berlin attack the moment they heard of it. “Our immediate reaction was please don’t let it be Amri,” Mr Jacob told a parliamentary inquiry.
Similar to Masood, authorities had sufficient intelligence to highlight Amri as a threat but a failure to act on the information led to lives being lost or individuals left with serious injuries.
"It is right that technology companies should help the police and intelligence agencies with investigations into specific crimes or terrorist activity, where possible,” said Jim Killock. Executive Director of the Open Rights Group. “This help should be requested through warrants and the process should be properly regulated and monitored.”
"However, compelling companies to put backdoors into encrypted services would make millions of ordinary people less secure online. We all rely on encryption to protect our ability to communicate, shop and bank safely."
Putting deliberate vulnerabilities in apps will leave them vulnerable to being exploited by parties outside the government. After the recent WikiLeaks dump, we know the CIA and the GCHQ discovered vulnerabilities in a range of devices and rather than disclose them, hoarded them for use in their own operations.
Where a threat is suspected, it’s clear security agencies have more than enough powers to obtain the information they need after the correct warrants are obtained. What’s less clear is whether the intelligence could be used to better prevent known threats such as Masood and Amri from endangering others.
Do you think authorities should be able to bypass encryption? Share your thoughts in the comments.
- » T-Mobile and Sprint merger nears completion after federal judge approval
- » 5G to take consumer market by storm in 2021, Omdia predicts
- » BT says the UK gov's decision to limit Huawei gear will cost it £500m
- » Huawei: Hey FCC, can you stop calling us a national security risk?
- » Bipartisan US delegation express Huawei concerns during Munich Security Conference