UK Home Secretary Amber Rudd took a very strong position against WhatsApp and other apps providing end to end encryption to their users during an interview on BBC yesterday. She said she finds it unacceptable that terrorists can use that to “hide” and that the security services should be able to access WhatsApp conversations.
It is not my intention to make political criticism in this blog, but this is a very serious issue and it is directly related with my professional interests. I will try to explain why this is a terrible and very dangerous idea, why you should care about it regardless of the country you live in, and why I think you should try to understand it and speak up against it.
1. Finding private texting apps unacceptable is just pointless
Cryptography wasn’t invented by WhatsApp, or Facebook, or Google. It is a branch of mathematics more than anything else, and software engineers merely implement the mathematical algorithms to make practical use of it. The technology is there for anyone to use it, and the mathematical knowledge is there for anyone to find and study it. Even if the government passed a new law and forced WhatsApp to remove the encryption, that would not make the possibility to have private online conversations disappear. There will always be another option, you can’t just make the technology disappear by passing a law.
Rudd’s comment about finding this unacceptable is more or less the same as she saying she finds algebra unacceptable. If tomorrow the government decided to prohibit the study of algebra, that won’t make all of us forget about it and people all over the world keep using it and reading books about it. It is just a pointless exercise. The reasonable thing to do is first, understanding the implications of the use of cryptography, and deal with the reality of it.
Anyone with some knowledge of software development and a very rudimentary understanding of cryptography can create a private texting application. We don’t need WhatsApp for that. Forcing the big companies not to do it won’t stop the terrorists using some other application.
2. The right to have a private conversation is a basic human right
The right to privacy is recognised by the UN, the European Convention on Human Rights and – not surprisingly – the British Human Rights Act of 1998. This includes the right to private correspondence, and there is no reason to think that online correspondence is any different to any other type of communication with regards to our rights.
The Home Secretary, the person responsible for British citizenship issues and for MI5 and MI6, is effectively saying that she finds it unacceptable for a company to provide a product that allows the citizens to exercise a basic human right. This is absolutely outrageous. If people (probably including herself) understood what this actually means and what is at stake there would be no need to have a debate about this.
This kind of idea belongs to totalitarian regimes. Not allowing private conversations is what organisms like Stasi did.
Terrorist attacks are a risk to our security but allowing the government (any government!) to listen to our conversations is a risk to the very existence of our civilization, because it undermines one of basic freedoms that are the foundation of it. If we allow them to take this right from us, which one will be the next one we lose?
3. If we allow it, the terrorist have already won a battle
Aren’t we supposed not to give in to terrorism? To make them realise their attacks are useless, to let them know they won’t achieve anything with violence? Don’t we want to show the terrorist that we are strong and they won’t win?
Well, what message do you think we will be sending if we give up one of our basic freedoms because we fear them? If we allow that, they have won something already, they have made us lose something. It will mean that their attacks were useful in subjugating us, that we are willing to give up our own freedoms in response to their terror strategy. Don’t you think that will encourage them to keep attacking? That would transform terrorism into the most effective tactic ever: in exchange for a few crazy or fanatical and suicidal people, millions of citizens will cede and give up their freedoms out of fear.
Terrorist leaders think they will gain something with their attacks. Prove them wrong.
4. Terrorists don’t need modern texting apps to operate
Some of you might be thinking that’s all very nice and interesting but actually you care more about the safety of your family than about this kind of abstract ideas of freedom. I understand that. Fear is a powerful thing, and more so when you think about your loved ones being hurt.
However, do you really think giving the security service access to WhatsApp conversations will make us safer? As I explained in point 1, terrorist will just use some other app. It is as easy as that. Even more, let’s assume things get really far and smartphones are outlawed. Do you think that will stop anyone who wants to make harm?
Terrorism is way older than WhatsApp, than smartphones, than cellphones… They didn’t need WhatsApp’s private chats on the September 11, March 11 or July 7 attacks. IRA and ETA performed lots of successful attacks for decades here in Europe without any of that. Even if we could somehow prevent terrorists from using cryptography (which we certainly can’t), that woudn’t stop them attacking. That is just wishful thinking of the worst kind.
We need to remove their motivation and willingness to attack. Removing a random technology from the equation won’t solve anything.
5. Criminalising cryptography will only help the criminals
These kind of ideas coming from people in a position of power and responsibility make cryptography look like some criminal tool, something that’s helping terrorists kill innocent people. In fact, cryptography is making us safer and it’s the foundation of online security. It not only allows us to have private conversations, it allows us to buy online safely, it protects our sensitive data from criminals, protects us from identity theft, improves banking security (even if you don’t use online banking), allows the security forces to communicate securely, etc.
As a society, we need to have a balanced view of it and not criminalise its use or study. That will only harm our safety in the long run, and won’t stop the terrorist from using it. Doesn’t the Home Secretary realise that cryptography is not only preventing the security forces to spy on terrorists, but it is also preventing terrorist to spy on the security forces? Even if we could magically make all the cryptography technology disappear tomorrow, what do you think would be a bigger risk, police not being able to read every single text message of potential attackers, or the attackers being able to spy on the secret services, police and military communications?
Criminalising the study, use and advancement of cryptographic technology will only make us more vulnerable, ignorant and fearful in the long run.
6. Closing thoughts
This is probably the most important topic I’ve ever written about. Setting a legal precedent like what Amber Rudd is suggesting would be a blow to the foundations of the free world and its core values. It would be, at best, a minor annoyance for the terrorists. At worst, it would make them stronger in the long term. It would definitely make us weaker.
I do believe that most people that agree with the Home Secretary, or the media that don’t challenge those ideas, do so in good faith. I don’t think they understand the implications or even the technology itself. It is nonetheless irresponsible. I hope in the end common sense and reason will prevail but I believe we all have to speak up and educate our fellow citizens and ultimately our politicians if it is needed.
Please defend your freedoms. Don’t let terrorism and fear win.