Terror attacks in recent times have become the strongest rallying point for governments around the world to snoop on their citizens. The individual privacy has been compromised in the guise of enhancing security and government agencies are now able to access private communications from popular services like WhatsApp, Skype and Gmail. A serious security question now is: Can end-to-end encrypted messaging services be intercepted and, if possible, what are the circumstances that warrant such intrusion?
If one is to go by common understanding, an end-to-end encryption service means nobody except the end receiver can read the message sent by the sender via the communication channel. And, even the firms which offer such service cannot read it. Now, if WhatsApp is not aware of your secrets, it means even the FBI, GHCQ or some other intelligent agencies are also in the dark.
As technology is becoming more privacy-friendly and hard to crack, the governments are more anxious to read into what goes within the communication channels. In 1994, the United States passed a law called CALEA to give authorities the permission to wiretap communications of businesses and to probe crime suspects. Now, the FBI is demanding to apply the same rule to online services. Recent reports said that the National Security Agency is working hard to crack VPNs and the encryption protocols that are used by popular chat services like Skype. After the attack on Charlie Hebdo office in Paris, British Prime Minister David Cameron is calling for a ban on encryption of chat messages as part of the country’s anti-terror law with regards to the Internet.
End of online privacy?
The biggest concern over the crackdown on encryption services is that it would seriously violate Internet freedom. A crackdown on encryption will lead to elimination of any possibility of a foolproof cyber security system. Any attempt for security downgrade to basic encryption level at this juncture is unlikely to succeed, nor is a safe approach.
Businesses that implemented end-to-end encryption system have invested heavily for making security their biggest assets. End-to-end encryption system involves extra computation for both clients to negotiate keys and also to actually encrypt or decrypt, which then translates to slower response accompanied by lower battery performance on mobiles devices, among other issues.
Authorities across the world are now suggesting the use of backdoors in encrypted software for reading communications of journalists, dissidents, whistleblowers and activists. However, if such software ends up in the wrong hands, it could be dangerous to users’ privacy and security.
Therefore, banning encryption technology altogether is impossible, at least from the user point of view. As most of the messaging mobile apps are not developed in the United Kingdom, they are out of the government’s jurisdiction. And, in the absence of a global law for data privacy, companies are unlikely to give up their investment in security system for their users. If Cameron’s proposed legislation becomes a reality, messaging services like WhatsApp, Telegram and iMessage would be required to come up with major changes in their services for them to do business in the United Kingdom.
Eventually, under extreme pressure, some of the world’s most popular digital services and products could stop offering their services to users in the UK. Acknowledging the complex chain of commercial interests involved in communication technology, it would be safe to conclude that online messaging services or chat services should remain private, at least for now.