The Gov’t Wants To Outlaw Encrypted Messaging In iMessage, WhatsApp, Signal, Wickr, Telegram…

The government really, really wants to be able to access your private conversations

Image Credits: matejmo / Royalty-free.

If you ever use the encrypted messaging options on programs like iMessage, WhatsApp, Signal, Wickr, Telegram, or any other service, your time to discuss things privately over the phone may be running out.

The US government doesn’t like for anything to get in the way of their ability to spy on investigate even the most mundane of conversations.

Instead of seeing privacy as a right, they see it as suspicious. Your devices are already being searched at quadruple the previous rate in airports. And the attack on free speech is now going as far as our private messages to our friends and family.

Because the only reason we’d want privacy is that we’re criminals

This was the topic of a National Security meeting last week.

The encryption challenge, which the government calls “going dark,” was the focus of a National Security Council meeting Wednesday morning that included the No. 2 officials from several key agencies, according to three people familiar with the matter.

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO. Tech companies like Apple, Google and Facebook have increasingly built end-to-end encryption into their products and software in recent years — billing it as a privacy and security feature but frustrating authorities investigating terrorism, drug trafficking and child pornography. (source)

So, which government agencies are hot to make encrypted messages illegal?

The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even if watered-down encryption creates hacking risks. The Commerce and State Departments disagree, pointing to the economic, security and diplomatic consequences of mandating encryption “backdoors.”

DHS is internally divided. The Cybersecurity and Infrastructure Security Agency knows the importance of encrypting sensitive data, especially in critical infrastructure operations, but ICE and the Secret Service regularly run into encryption roadblocks during their investigations. (source)

It looks like the simpler answer is the few who understand there are reasonable, non-criminal uses.

There are plenty of legitimate reasons we might want to encrypt our conversations.

Of course, we know there are dozens of reasons we might want to use the encryption function on our favorite messaging apps. For example, when I was recently traveling in Europe, I needed to give my daughter credit card information to pay a bill for me. I used the encryption function on Telegram to send it because who wants that out there floating around?

Indeed, there are many legitimate reasons to use end-to-end encryption.

A ban on end-to-end-encryption would make it easier for law enforcement and intelligence agents to access suspects’ data. But such a measure would also make it easier for hackers and spies to steal Americans’ private data, by creating loopholes in encryption that are designed for the government but accessible to anyone who reverse-engineers them. Watering down encryption would also endanger people who rely on scrambled communications to hide from stalkers and abusive ex-spouses. (source)

And…you know… maybe what you’re talking about is nobody else’s business.

And, of course, there’s the fact the unpopular speech is at great risk right now.

It would be difficult to overstate the importance of free speech, and anyone who has been paying attention knows that the Gods of the Internet have been doing their best to stifle it. They’ve purged many dissenting voices over the past year and that witch hunt shows no sign of slowing down soon, particularly with the next presidential election coming up.

China is a perfect example of why we need to be able to access encryption. Joel Wallenstrom, the CEO of uber-secure messaging platform Wickr, spoke to Zac Doffman of Forbes.

In his view, “lines in the sand” and “folded arms” on the part of governments need to be avoided, with China, North Korea and Iran “not the countries we want to emulate as far as technology is concerned.”

The example of WeChat in China is especially relevant, where the authorities monitor message traffic on a fairly open basis, with immediate sanctions for misbehavior.

As the 30th anniversary of Tiananmen Square approached, it was reported that WeChat users found “keywords or pictures related to the event have been almost instantaneously deleted, with their posters sometimes summarily blocked. On the days of the anniversary itself, users were not even able to change their avatars.”

And there were many similar stories from the recent public protests in Hong Kong. (source)

We’ve all heard stories about social media shadow banning certain activists or articles. Imagine if they could also shadow ban your private conversations.

Governments have suggested a “ghost protocol” and tech companies have declined.

The government really, really wants to be able to access your private conversations and have suggested that tech companies create a sneaky little back door to do so if encryption isn’t outright banned.

Earlier this month, a coalition of technology companies, privacy experts and human rights groups published an open response to a discussion document from U.K. spy agency GCHQ that suggested the idea of a ghost protocol to enable “an extra end” in end-to-end encrypted messaging, allowing governments (when required) to listen in.

The response from the likes of Apple, Microsoft, Google and WhatsApp was blunt: “It would undermine the authentication process… introduce potential unintentional vulnerabilities, increase risks that communications systems could be abused or misused… It will not matter that conversations are protected by encryption. Communications will not be secure.”

“The ghost protocol idea has been proven over and over to be unsustainable,” Wallenstrom told me. “Deciding who gets access to this kind of [intercept] technology means we’re in the business of determining who’s good and who’s bad.” He also pointed out that removing privacy protections opens up content so the platforms themselves can “go snooping through user data.” (source)

The Center for Strategic International Studies has a 50-page report on the downside of banishing end-to-end encryption for everyday users.  They point out that China and Russia already “use a wide range of techniques to ensure they maintain access to data and communications.”  But according to their report, this would have little to no effect on terrorists, who distrust Western encryption anyway and rely on burner phones, couriers, and codes when they want to evade surveillance.
From the report:

This reminds me of that quote by Cardinal Richelieu, who said in the 1600s, “If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.”

If you don’t have anything to hide…

Really, I think this is just another attack on personal privacy which will lead to a crackdown on dissenting opinions. But ignorant, fearful people will say “If you don’t have anything to hide, you don’t have anything to worry about.”
We always have something to worry about from those who wish to limit privacy. Always.