UK official wants police access to WhatsApp messages

Credit to Author: John Ribeiro| Date: Mon, 27 Mar 2017 03:26:00 -0700

A senior U.K. official is asking that law enforcement be given access to encrypted messages on WhatsApp and similar services, a demand that is likely to fuel an ongoing debate over whether companies should create backdoors into their encryption technologies for investigators.

Khalid Masood, the terrorist who killed four people outside Parliament on Wednesday, had sent a message on WhatsApp shortly before the attack, according to reports.

“We need to make sure that organizations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other,” Home Secretary Amber Rudd said on BBC One’s Andrew Marr Show on Sunday.

“It used to be that people would steam open envelopes or just listen in on phones when they wanted to find out what people were doing, legally, through warranty,” she said. “But on this situation, we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp.”

Rudd told Sky News that end-to-end encryption has its place, but it is not incompatible with providing a system for law enforcement agencies to have access to information with a warrant, if absolutely necessary.

The official is meeting with internet companies on Thursday to set up an industry board to also address the issue of the take down of terrorist content and propaganda on their platforms. The efforts by tech companies have been inadequate, despite an initiative announced last year, Rudd said.

WhatsApp, which was acquired by Facebook in 2014, encrypts end-to-end messages, voice and video calls between a sender and receiver that use WhatsApp client software released after March 31, 2016, using the Signal Protocol designed by Open Whisper Systems.

“This end-to-end encryption protocol is designed to prevent third parties and WhatsApp from having plaintext access to messages or calls. What’s more, even if encryption keys from a user’s device are ever physically compromised, they cannot be used to go back in time to decrypt previously transmitted messages,” according to the messaging platform.

Rudd’s demand for government access to encrypted messages on services like WhatsApp is an echo of a dispute in the U.S. last year between Apple and the FBI, which had asked for assistance from the company to unlock an iPhone used by Syed Rizwan Farook, one of the terrorists involved in an attack in December, 2015 in in San Bernardino, California.

“If I was talking to [Apple CEO] Tim Cook, I would say to him this is something completely different,” Rudd said.

“We’re not saying ‘open up,’ we don’t want to ‘go into the cloud,’ we don’t want to do all sorts of things like that,” she added. “But we do want them to recognize that they have a responsibility to engage with government, to engage with law enforcement agencies when there is a terrorist situation.”

The government would do it all through “carefully thought-through, legally covered arrangements,” she said, while not ruling out other action to force companies to cooperate.

WhatsApp said in an emailed statement it was “horrified” by the attack in London and is cooperating with law enforcement as they continue their investigations.

“Compelling companies to put backdoors into encrypted services would make millions of ordinary people less secure online,” said Jim Killock, executive director of Open Rights Group, in a statement. “We all rely on encryption to protect our ability to communicate, shop and bank safely.”

The privacy and free speech advocacy group said it is right that technology companies should help the police and intelligence agencies with investigations into specific crimes or terrorist activity, where possible. “This help should be requested through warrants and the process should be properly regulated and monitored,” it added.

http://www.computerworld.com/category/security/index.rss