So, over the weekend the British Home Secretary, Amber Rudd pointed out that the Westminster terrorist had been speaking to somebody just before then attack using WhatsApp messenger. Of course, there is no way for the information to be intercepted as WhatsApp uses end to end encryption so the data cannot realistically be intercepted by security services. Now Ms Rudd claims that there should be a way that organisation with judicial authority should be given access to the encrypted data, and that the tech companies should cooperate to help with this task.
Now what you can take away from this is that the Secretary of State in charge of UK homeland security for all its citizens is asking for the tech companies to weaken encryption which could have a devastating effect in the long run for digital security. Now obviously, everything possible needs to be done to try and stop these horrendous crimes form taking place and clearly no tech companies are helping these people to facilitate their crimes. Something must be done to try and come up with a solution that stops potential criminal activity being organised through secure applications and the privacy of individuals that will stop hackers having a field day.
So, what can be done, as we saw last year, tech companies are unwilling to create back doors for governments to gain access to locked and encrypted devices. This was proven with the Apple vs FBI IPhone case. You need to have strong encryption especially when devices are used to transfer financial and payment information but doing so especially with programs that use end to end encryption basically does give criminals an undetectable haven to organise any activities they wish. I really do not think currently there is a solution to the problems. Maybe as bot architecture improves there will be a way identify and intercept possible suspect conversations. Online privacy is a minefield and one that needs to be walked over very carefully.
Another thing that could throw a spanner in the works on this issue is, who would have access to the data. Now I am guessing in the UK it would be accessed by GCHQ, but who would have the authority to request the data. I know with the new UK data retention and investigatory powers act, it is basically every UK government department and their brother can request your data. I mean I understand the Home Office may need potential incriminating data about you, however I find it a bit much that the Food Standards Agency needs to know what I bought my wife off Amazon for her birthday.
So, this story has a lot of running still to do and I am sure there will be plenty of talking form lawyers of all sides before anything happens on this one. Strong encryption needs to stay to protect people’s privacy but to offset that with the need for law enforcement to get much needed data, I do not have a clue.