The UK governments war on encryption, petitions and more!
Jan 20th 2016
The United Kingdoms prime minister, David Cameron this time last year made a pledge to ban online messaging applications, that offer end-to-end encryption for their users. This includes very common applications used everyday, Snapchat, WhatsApp, iMessage etc.
This pledge caused a large upset around the world, from security researches to every logical human being on the planet understanding that this is ridiculous. Apple CEO Tim Cook gave a strong message about this during his speech at EPIC's Champion of Freedom event in Washington. The war on encryption is not just a fight in the United Kingdom but a war found in governments all over the world.
Strong encryption is used to ensure people or groups you don't trust can't read your messages, steal your passwords or make you think twice about what you may say. The British government wants to take that away from you! They say it's to protect its people but weakening encryption allows other malicious groups to exploit the same weaknesses.
The pledge by David Cameron spawned a petition calling for the "Government to abandon all ideas of trying to ban strong encryption." Something the founders of RaavaVPN immediately signed and shared in the hopes that others would do the same. The petition as it currently stands has reached over 11,000 signatures to date! This petition has recently had an update from the Home Office:
This Government recognises the importance of encryption, which helps keep people's personal data and intellectual property safe from theft by cyber means. It is fundamental to our everyday use of the internet. Without the development of strong encryption allowing the secure transfer of banking details there would be no online commerce. As Baroness Shields made clear in the House of Lords on 27 October 2015, the Government does not require the provision of a back-door key or support arbitrarily weakening the security of internet services.
- Home Office
Clearly as technology evolves at an ever increasing rate, it is only right that we make sure we keep up, to keep our citizens safe. There shouldn’t be a guaranteed safe space for terrorists, criminals and paedophiles to operate beyond the reach of law. The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can, subject to a warrant which can only be issued using a strict authorisation process where it is necessary and proportionate, access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts.
There are already requirements in law for Communication Service Providers in certain circumstances to remove encryption that they have themselves applied from intercepted communications. This is subject to authorisation by the Secretary of State who must consider the interception of communications to be necessary and proportionate. The Investigatory Powers Bill will not ban or further limit encryption.
The statement is overall very positive, it seems to be a u-turn from the previous pledge to ban encryption. Having said that one particular sentence really stood out to me:
As Baroness Shields made clear in the House of Lords on 27 October 2015, the Government does not require the provision of a back-door key or support arbitrarily weakening the security of internet services.
The reason that this statement stood out to me is because of an article that I recently saw online, regarding the GCHQ's Phone voice encryption which as indicated by the article has a massive security backdoor!
In short, the government is saying that they aren't interested in creating backdoors inside our encryption protocols, while at the same time doing exactly that. The petition is only at over 11,000 signatures at the time of writing I suggest that you go and sign it.