Within an open letter to global tech companies, the governments of seven countries demanded a paradoxical request: to put a stop to end-to-end encryption while upholding user privacy.
The pleas, emerging from the UK, the U.S., New Zealand, Canada, India, Japan, and Australia, came in an apparent effort to crack down on child sexual exploitation, violent crime, and terrorist propaganda and attack planning.
“We owe it to all of our citizens, especially our children, to ensure their safety by continuing to unmask sexual predators and terrorists operating online,” the U.K.’s home secretary, Priti Patel, affirmed in a statement. "It is essential that tech companies do not turn a blind eye to this problem and hamper their, as well as law enforcement’s, ability to tackle these sickening criminal acts," she added.
A Catch-22
While admitting that encryption is paramount in protecting personal data and cybersecurity - and even applauding the tech for aiding dissidents and journalists within authoritative regimes - the joint statement claims that end-to-end encryption in particular poses "significant challenges."
Instead, the governments call for an alternative to the kinds of encryption that law enforcement cannot break - even going as far as to suggest a backdoor for legal access. This isn't just confined to tech websites either; the joint statement highlights device encryption as well as custom encrypted applications.
For cryptographer and cypherpunk Dr. Adam Back, end-to-end encryption isn't something that can be undone or subverted. The CEO of Blockstream told the BTC Times:
Encryption backdoors were rejected 20 years ago during the encryption battles, now we have end2end secure apps, there is no way the encryption genie can be re-bottled in a democracy, society just won't wear it.
However, the governments tread warily, adding the proviso that access shouldn't reduce privacy or security. And that entry should be allowed only where authorization is "lawful" and subject to the utmost safeguards and oversights.
The problem is, no such system really exists.
An encryption protocol that opens the door to one will feasibly enable access to all and become a target for sophisticated hacking attacks, ultimately degrading privacy and endangering the safety of users - opposite of what the governments supposedly aim to preserve. But that isn't stopping the European Union.
In June, following a webinar on preventing and combating child sexual abuse, several technical "solutions" for contending end-to-end encryption were offered. However, to no great surprise, the means of gaining "lawful access" invariably tendered invasive client side-scanning techniques, in which every file or message is vetted before sending - essentially rendering the basic principles of end-to-end encryption entirely useless.
"It is disproportionate, and also quite tone-deaf in the wake of the illegal mass eavesdropping that Edward Snowden's whistle-blowing exposed. The wiretapping is against the public interest, and were even only recently ruled illegal by courts in the U.S. - the U.S. establishment floating pleas for help with backdoors couldn't be more mistimed or misplaced," Back argued.
Safety Through Surveillance?
Though somewhat bizarre and ill-informed, the government's request isn't without some semblance of justification.
Per the joint statement, in 2018, Facebook Messenger was responsible for nearly 12 million out of the 18.4 million reports of child abuse material worldwide. The governments argue that with end-to-end encryption implemented on platforms such as Facebook, detecting child abuse and compiling these reports would be next to impossible.
Despite the direct callout, it seems Facebook won't be chucking out plans for end-to-end encryption any time soon.
"We've long argued that end-to-end encryption is necessary to protect people's most private information. In all of these countries, people prefer end-to-end encrypted messaging on various apps because it keeps their messages safe from hackers, criminals, and foreign interference,” Facebook said in a statement provided to the BTC Times, adding “Facebook has led the industry in developing new ways to prevent, detect, and respond to abuse while maintaining high security and we will continue to do so."
What will follow the joint letter by the seven governments is unclear. But what is clear as day is that any attempt to enforce weakened end-to-end encryption will be met with vocal objection and a clear message: end-to-end encryption with backdoors defeats the purpose of end-to-end encryption.