On Sunday, Amber Rudd, the UK Home Secretary, sat on the couch of veteran political broadcast journalist Andrew Marr, and said the following: “We need to make sure that organizations like WhatsApp – and there are plenty of others like that – don’t provide a secret place for terrorists to communicate with each other.”
She added, “It used to be the case that people would steam open envelopes, or listen in on phones, when they wanted to find out what people were doing – legally, through warrantry. We need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp.”
Predictably, this has been about as well-received as a turd in a swimming pool. The angry tweeting masses have interpreted Rudd’s remarks to mean that she wishes the UK government would force WhatsApp to cripple its encryption.
Obviously, this is a non-starter.
Encryption isn’t just about ensuring messages cannot be read by a third-party. It also provides assurance that the message hasn’t been tampered with in transit, and that both the senders and receivers are who they say they are.
There’s no way to introduce a backdoor, while also guaranteeing this with an absolute degree of certainty. It just isn’t possible.
Furthermore, given that most social networking sites and messaging apps use open encryption standards, any weakening of these algorithms must logically apply elsewhere, like e-commerce sites and online banking.
Would you be willing to manage your finances over the internet, or send your debit card details over the wires, if you knew that the safety of them could not be guaranteed?
But more troublingly, if a major Western democracy was able to force a popular social networking site to introduce an encryption backdoor, it would set a dangerous precedent.
Other countries would inevitably follow that nation’s lead. Not all of them would be liberal democracies, with a commitment to freedom and human rights.
There’s also no evidence that weakening the encryption on the most popular messaging app would make it easier to fight terrorism. It follows that terrorists would simply move to other, anonymized platforms.
When Twitter took a hard-line against IS-sympathizing accounts, these users just moved to the decentralized Diaspora service.
So, what can be done? Fortunately, there’s a roadmap in this regard.
In 2015, Pakistan’s government tried to force BlackBerry to allow it access to its email and messaging services. What happened next was a showdown between a regional powerhouse, and a struggling Canadian smartphone manufacturer.
Spoiler: BlackBerry won.
It won by demonstrating an absolute commitment to its values. BlackBerry made it clear that it would rather withdraw entirely from the Pakistani market than undermine the security and privacy of their customers.
Two months later, the Pakistani government backed down, and withdrew their request.
I see no reason why this model can’t work elsewhere. And if the UK government wants to try and weaken WhatsApp’s encryption, then Facebook should just say goodbye to blighty.
It’s a small market – especially when compared to the United States, India, and the wider European Union. The loss wouldn’t be too great, and it would send a powerful message of defiance elsewhere.