If you’re using a messaging app that does not use end-to-end encryption (E2EE), your communications could be read by the company whose app you’re using, as well as government authorities and other third parties, who are incentivized to collect as much personal data on you as possible.
Strong encryption makes societies freer and, thankfully, several messaging apps use E2EE to prevent anyone except you and the intended recipient from reading the message’s contents—much to the chagrin of governments and corporations who want to see what you’re writing.
A joint statement: Give us access
Australia, Britain, Canada, New Zealand, and the U.S.—dubbed the Five Eyes Alliance—have banded together with India and Japan to push for access to encrypted messages on apps like Facebook’s Messenger and WhatsApp.
These countries argue in a press release issued this week that the only way to effectively stop criminal activity is to allow governments lawful, warranted access to encrypted messages with a backdoor.
This is the latest in a series of attempts by governments in the Five Eyes to undermine end-to-end encryption enjoyed by hundreds of millions of users, including journalists and citizens who rely on secure communications to report and communicate freely.
[Interested in the latest privacy legislation? Sign up for the ExpressVPN Blog Newsletter.]
In their “international statement,” the seven governments want the tech industry to “ensure lawful access for law enforcement and other competent authorities to digital evidence, including when encrypted or hosted on IT servers located abroad” and to do so “without prohibiting or weakening encryption and in full respect of privacy and fair trial guarantees consistent with applicable law.”
While the press release doesn’t go into technical detail about the requested backdoors, it does outline three measures the countries would like to see implemented:
- Embed the safety of the public in system designs, thereby enabling companies to act against illegal content and activity effectively with no reduction to safety, and facilitating the investigation and prosecution of offences and safeguarding the vulnerable;
- Enable law enforcement access to content in a readable and usable format where an authorisation is lawfully issued, is necessary and proportionate, and is subject to strong safeguards and oversight; and
- Engage in consultation with governments and other stakeholders to facilitate legal access in a way that is substantive and genuinely influences design decisions.
In short, this alliance wants to maintain the integrity of current end-to-end encryption while also fundamentally breaking it.
Countries have tried this before
Realistically, their request is nothing new. Since Edward Snowden’s revelations 2013, intelligence agencies have found themselves more often butting heads with the makers of apps and devices that hold encrypted data. Perhaps the most controversial example of such conflict has been in the case of the 2015 San Bernardino shootings, when the FBI tried to compel Apple to decrypt the shooter’s phones, to no avail.
Snowden brought into sharp relief just how much data governments were collecting and spurred a movement to improve online encryption to the point where no one except the sender and receiver can see the messages being transmitted, i.e., end-to-end encryption (Signal is the messaging app of choice for the security-conscious, you can read why here).
Several countries have already made legal headway into dismantling encrypted messaging on their own. Australia is ahead of the curve, having passed a law in 2018 that requires tech companies to build backdoors into any communication systems, including apps, phones, or web services built in Australia.
The U.S. Senate is also about to vote on a bill that seeks to make tech companies responsible for illegal material posted by their users, meaning they must monitor all their communications.
Like any joint statement from a group of countries, the only meaningful takeaway is that this is what these governments want from companies—it doesn’t mean companies will do anything. The U.S., UK, and Australia also tried this last year, calling for Facebook to build backdoors; this year’s simply has more signatories on the statement.
That is not to say that this statement should be dismissed entirely. Countries like Australia and the U.S. are already enacting their own legislation to compel Facebook and other messaging apps to decrypt their software for law enforcement. In addition to restricting freedom of speech, they are impeding our ability to use the internet as freely and privately as we used to.
Global implications: Everyone loses
With different countries implementing their own sets of laws and regulations for companies to follow, we may see more companies withdrawing services from entire regions. This is a problem, as explained in a recent interview with encryption expert Riana Pfefforkorn:
“Increasing governmental control, regionalization/splintering, and rising censorship all will combine to threaten free speech and the ability of people in different parts of the world to freely exchange communications and ideas with each other.”
Legislation requiring backdoors doesn’t just affect users in the countries enacting them. What’s likely to happen is tech companies will implement changes to their products that will affect all users, unless the company makes different regional versions of their app.
So what can be done?
Pfefforkorn advises speaking out against any bills that seek to undermine your privacy and freedoms, as well as familiarising yourself with censorship-resistant tools like VPNs, open-source encrypted messaging apps, and the Tor browser.
There are unfortunately no shortcuts to protecting your internet freedoms. It takes work to pressure your government to take your internet privacy seriously, persuade your peers to do the same, and prepare yourself for the possibility that these laws will pass. But it’s worth fighting to preserve the internet as it was originally envisioned—open, decentralized, and free.
Comments
Dear Fred, read history and you will aleays see that gpvernments want to have the Control of their citizens. How it‘s work:
Make people afraid: crime, terror, now pandemia….
So people want to be protected and may the price is lost of privacy. In older times the vommunication by letter was well protected by law. Also in this times was crime, war, terror … only by judge could be open the letter. So and now they want to have the right to go in your privacy! Dictatorian greetings from China. Btw this was also in fascist Nazi-Germany the rule. And it‘s a way to dictatorship.
It is so fucking disheartening to see Big Brother coming out of the closet. I’ve been preaching about governments exceeding their mandate and violating our rights all my life! Not living much longer has one benefit, being I won’t have to witness their criminal behavior at it’s most repugnant. Keep up the good fight Great Free People of the World!
Cea mai smecher aplicatie
What countries have the most internet freedom and can’t be bought or bullied by the seven?
Yet Blue Wren will utter no word of protest when Silicon Valley helps build out tech totalitarian and social credit systems for the Chinese. The Seven Nations and the USA are fascist, as compared to whom?
On the other hand, maybe law enforcement simply needs this to do their work, there are many protections in place for non-criminals, and it’s really no big deal. I know that many law enforcement agencies are hamstrung by end-to-end encryption and cannot pursue criminal activity. If they follow procedures to protect citizens, I really don’t see what the problem is. Our tax dollars are paying for the police to do their job; we need the police to do their job; let’s allow them to.
Go get a education in online privacy and then come back here and post comments on this website because you are so uneducated in online privacy and you know nothing about online privacy. Criminals will use the Dark Net/ Deep Web if they can’t use messaging websites/ Programs/ Apps on the Clear Net so there is no point in the Police, FBI, CIA, NSA, Governments and etc… Forcing websites/ Programs/ Apps and etc… To be De-Crypted because it will do nothing. Also I know a dozen other ways criminals could communicate with each other online on both the Clear Net and the Dark Net/ Deep Web, De-Crypting Messaging Websites/ Programs/ Apps and etc… On the Clear Net will only make the Police, FBI, CIA, NSA, Governments and etc… Spy on everyone and invade everyone’s privacy, Not just that but Computer Hackers could also find and get hold of that information and use it against you. So go get a education in online privacy before you post a comment on here.
DOPE ^^^^ is this James Comey? C Wray, Obama ?
Australia is asking for this because we are the lap dog of the United States. Welcome to the smiley face fascism of the Morrison Government.
@Blue Wren,
You OBVIOUSLY wouldn’t know Fascism if it smacked you in the face…probably call yourself a socialist or commie do you ?