David Cameron has said he will legislate to eradicate the encrypted ‘safe spaces’ where terrorists can plot their attacks online. But how would a ban on encryption work, and could it pit the government head-to-head against Apple and other web giants?
With Europe reeling from last week’s terrorist attacks in Paris politicians are calling for greater state surveillance powers to prevent a recurrence. It’s been raised in France, Italy, the US and now Britain.
Yesterday David Cameron pledged that if the Conservatives win the next general election they’ll introduce laws allowing the government to access any encrypted messages . The idea is that terrorists will not be able to use the web to secretly plot attacks.
“In our country, do we want to allow a means of communication between people which even in extremis, with a signed warrant from the home secretary personally, that we cannot read,” he asked.
“My answer to that question is: ‘No we must not’.”
But his proposal lacks detail and raises questions not only in terms of privacy but also logistics. It’s impossible to ban encryption totally, as secure email, mobile phones, online shopping and banking all rely on it. We each use encryption daily. And the appeal of apps such as Apple’s iMessage is not just that they are secure, but that the companies themselves cannot access messages even if they want to. They’re for the eyes of the sender and the recipient only.
Any kind of exemption for existing services, of course, would render the whole thing useless – so could end up in a situation where tens of thousands of otherwise innocent Snapchat, WhatsApp or Skype users are clogging up the courts. In practice, Government seems more likely to demand that any encrypted services adapt to allow access when required. But many big technology companies, such as Apple, have already said they would refuse such requests. The Edward Snowden revelations, however, indicate that this has not always been the case for all companies.
Chief executive Tim Cook boldly said last year: “I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.”
Would the UK really end up in a situation where it effectively banned Apple’s FaceTime and iMessage because the company refused to install a backdoor for spies? It seems unlikely, but if the proposed laws were passed and Apple refused to back down, it could result in just such a standoff.
There’s already legislation that can force UK citizens to disclose the private key – essentially the password – to any encrypted message with a court order. And refusing to hand it over is no easy loophole: you can be jailed for up to two years.
What Cameron is after, essentially, is the ability to look at any message, at any time. It isn’t clear how he’ll get it.
This article was written by Matthew Sparkes Deputy Head of Technology from The Daily Telegraph and was legally licensed through the NewsCred publisher network.