This article was published on August 1, 2017

The UK home secretary is wrong: ‘real people’ need end-to-end encryption


The UK home secretary is wrong: ‘real people’ need end-to-end encryption

Today, Amber Rudd, the UK’s home secretary and MP for Hastings and Rye, published an op-ed in the Daily Telegraph newspaper that argued ‘real people’ don’t require end-to-end encryption, and terrorists are the only benefactors of the feature in WhatsApp.

Rudd acknowledges that encryption is a fundamental part of the current technological landscape, and without it, many things we take for granted would simply be inviable, saying:

Encryption plays a fundamental role in protecting us all online. It is key to growing the digital economy, and delivering public services online.

She also notes that the government isn’t against encryption per se:

To be very clear – Government supports strong encryption and has no intention of banning end-to-end encryption.

But here’s where her argument goes off the rails, as she makes the case that ‘real people’ don’t actually want secure communications. They’re only concerned about functionality.

I know some will argue that it’s impossible to have both [encryption and access to data] – that if a system is end-to-end encrypted then it’s impossible ever to access the communication. That might be true in theory. But the reality is different. Real people often prefer ease of use and a multitude of features to perfect, unbreakable security.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Oh dear.

Firstly, let’s bring up the ultra-condescending ‘real people’ bit, which implies that anyone with an interest in privacy and security is some kind of curtain-twitching paranoiac. This has gone down about as well as a sloppy, diarrhetic deuce in a swimming pool.

Let’s point out the obvious: there are a lot of awful, repressive, authoritarian regimes that use surveillance as tool to control their citizens. These people are real, and they need end-to-end encryption to communicate safely.

Rudd mentions that she’s not trying to ask technology companies to ‘break encryption or create so called “back doors”.’ She just wants communications to be accessible on a central server, which can be then obtained by a court order.

That sounds reasonable, if you assume that technology companies will only work with liberal democracies with a strong human rights track record.

But as we saw last month, with Apple’s embarrassing acquiescence to China by removing VPN software from the App Store, this isn’t always the case.

And what about ‘real people’ in Rudd’s own country? As someone with a pulse, and resident in the UK, I’d like to think I more than fit the bill to answer this question.

I rely on end-to-end encryption to do my job. As a reporter, I often have to speak to sources who wish to remain anonymous, or could find themselves in hot water (either legally, or with their employers) should their identities become known.

My Twitter DMs are open, and my email is easily found online. That said, it’s not uncommon for someone to get in touch, only to ask for my phone number, so they can message me via the encrypted Signal chat application.

And then there’s the fact that people use messaging apps to do things that are, well, private. I wonder how many raunchy pictures are sent across WhatsApp every day? I imagine it’s a lot. I wonder how many people send their bank details through the network, in order to chase up bills, pay rent, or get reimbursed for rounds in the pub?

Again, I imagine it’s a lot.

Then we have to address the idiotic statement that Brits are more interested in ease-of-use and extra features than they are in privacy and security, as if it’s an either-or scenario.

It’s not. WhatsApp has end-to-end encryption. I don’t think anyone could argue that it’s short of bells-and-whistles. It’s got video and voice calls and emoji. The whole shebang. The same is also true of Signal and iMessage.

Rudd concluded her article by saying that any future strategy relies on “mature conversations between the tech companies and Government.” Let’s hope that those mature conversations involve people in Government who actually know what they’re talking about – and not politicians looking to score cheap points by scaring people.

Get the TNW newsletter

Get the most important tech news in your inbox each week.