British Prime Minister David Cameron is reportedly set to ask President Barack Obama to apply pressure to U.S. tech firms that offer fully encrypted communications, to compel them to break the encryption to aid investigations.
Cameron said a few days ago that, if re-elected in May, he will “not allow modern forms of communication to be exempt from the ability, in extremis, with a warrant… to be exempt from being listened to.”
After people drew the logical conclusion that this meant banning communications that use strong, end-to-end encryption, Cameron’s office gave off-the-record briefings claiming he was misunderstood and would not ban encryption or encryption-using internet companies from plying their trade in the U.K., but that he was rather talking about using existing powers and getting communications providers to comply with existing laws.
Nice try. “Getting providers to comply” is in line with what British intelligence chiefs have been calling for – the backdooring of services such as [company]Facebook[/company]’s WhatsApp and devices such as [company]Apple[/company]’s iPhone, to which the companies themselves cannot currently hold the keys. If the companies are forced to do this, it still effectively amounts to banning proper strong encryption, because it would force the companies to abandon or break such technology. (And even if this happens, tools such as PGP that have no underlying company to serve with a warrant will still let people communicate in secret.)
But anyway, this much has been pointed out before — see the earlier crypto wars — and no doubt will again. So Cameron is in Washington on what was meant to be an electioneering “pose with Obama” trip, before its nature was altered by last week’s Paris attacks. According to reports in the Guardian and Wall Street Journal, Cameron wants Obama to “more publicly criticize” Facebook and the like for rendering court orders pointless.
The U.S. Department of Justice also wants backdoors, and it’s trying to use an 18th-century federal law called the All Writs Act to compel Apple to aid criminal investigations involving encrypted iPhones. At the same time, though, Obama is under pressure from the other side. Companies such as Facebook are furious that Edward Snowden’s revelations of NSA surveillance have damaged the image of U.S. tech firms in the eyes of the world and weakened internet security in general – hence the fact that WhatsApp now offers end-to-end encryption to users of its Android app.
According to the WSJ, in addition to urging Obama to pick sides, Cameron also wants companies such as Facebook to “proactively monitor their users to spot budding national security threats.”
The U.K. is already demanding that these companies store and offer up records of users’ communications metadata – a mass surveillance program covering who contacted whom and when, as opposed to the contents of communications that Cameron now wants for targeted investigations. This became part of British law (albeit only until the end of 2016) thanks to the “emergency” Data Retention and Investigatory Powers Act (DRIPA) that was rushed through in July 2014.
The Counter-Terrorism and Security Bill, which is currently going through the legislative process in Parliament, would also compel online communication service providers such as Facebook to keep data showing who used which IP address and at which point in time, so that the U.K. authorities can more accurately identify people who break the law online.