Officials push Facebook for way to peek at encrypted messages
SAN FRANCISCO, United States — Officials are calling on Facebook not to use encryption in its messaging services that does not provide authorities a way to see what is being sent.
The request was made in a letter signed by US Attorney General William Barr, British home secretary Priti Patel and Australian minister for home affairs Peter Dutton.
Article continues after this advertisement“We are writing to request that Facebook does not proceed with its plan to implement end-to-end encryption across its messaging services… without including a means for lawful access to the content of communications to protect our citizens,” said a copy of the letter obtained by AFP and dated October 4.
The letter called on Facebook and other companies to make sure messaging systems were not so well-encrypted that law enforcement couldn’t see “content in a readable and usable format” when needed.
The request, addressed to Facebook chief Mark Zuckerberg, raises anew the conflict between technology firms intent on protecting user privacy by scrambling messages with encryption, and government agencies contending that doing so would let wrongdoers hide their schemes.
Article continues after this advertisementThe leading social network already encrypts WhatsApp messages from end-to-end — meaning only the sender and recipient can read the message, which is saved in encrypted form — and is working to extend the technology to other apps in its family, including Messenger.
End-to-end encryption protects the messages of over a billion people every day, according to Facebook.
“It is increasingly used across the communications industry and in many other important sectors of the economy,” Facebook said in response to an AFP query.
“We strongly oppose government attempts to build backdoors because they would undermine the privacy and security of people everywhere.”
During a live-streamed question session with employees, Zuckerberg said the company recognized the challenge in balancing privacy with fighting crimes such as child exploitation and terrorism, and was working with authorities to get it right.
“Having the availability to look at the content is a useful signal, and when you lose that you are fighting that battle with at least a hand tied behind your back and you hope there is a lot of good stuff you can do with your other hand,” Zuckerberg said.
He felt the scale was still tipped toward encryption, which can help protect journalists, political protesters, and others.
Privacy has been a sore point for Facebook, and users have been clamoring for encryption of messages, according to Zuckerberg.
Clues such as patterns of behavior and connections between accounts can be used as signals of illicit behavior even if data in messages can’t be seen, he noted.
Scare tactics?
The nonprofit Center for Democracy and Technology (CDT), based in Washington, contended that governments signing the letter were using scare tactics to weaken security of global communications and build in surveillance.
“Strong encryption and end-to-end security are bedrock technologies that keep information safe online,” said CDT senior technologist Hannah Quay-de la Vallee.
“These technologies protect billions of communications every day, from the sensitive correspondence of victims of domestic violence to businesses’ financial records to our private medical information.”
Facebook early this year said it was trying to get its messaging apps to be friends, allowing encrypted missives be exchanged no matter which of its services are used.
The California-based social network is behind free, stand-alone smartphone apps Instagram, Messenger and WhatsApp.
Each service is popular, but users have to be in the same application to exchange messages.
CLOUD Act
The joint letter to Facebook, paired with a freshly signed “CLOUD” data sharing agreement between Britain and the US, should set off “red flags” for citizens in both countries who care about governments monitoring and sharing their communications, the CDT argued.
The CLOUD Act Agreement will allow British and US law enforcement agencies to demand electronic data regarding serious crimes directly from tech companies based in the other country, according to a Department of Justice statement.
The agreement will allow “more efficient and effective access to data needed for quick-moving investigations,” Barr said in the statement.
“Only by addressing the problem of timely access to electronic evidence of crime committed in one country that is stored in another, can we hope to keep pace with twenty-first century threats,” he added.
Facebook interpreted the CLOUD Act to allow technology companies to enable users to have private online conversations and be required to provide available information to valid legal requests — not build backdoors into encrypted systems.
“Creating a law that would mandate weaker and less secure technology is like mandating crumbling sidewalks to prevent criminals from escaping,” said Quay-de la Vallee.
“It’s ridiculous, it won’t work, and it puts us all at far greater risk of serious injury.” /muf