There is an ongoing discussion in the UK between the government and tech companies regarding the future of end-to-end encryption. Here are my thoughts…
For those not aware of the debate – senior figures in the UK government, including the new Home Secretary, have expressed support for the limiting of encryption.
The argument behind the so-called ban on end-to-end encryption is that the current anonymity measures allow for child pornography and organised terrorism to thrive.
The solution, proposed by government figures, involves compelling tech companies to create a ‘backdoor’ into private communications – exclusively for the police and counter-terrorism officers.
Tech businesses, including Neuways, are concerned by this stance.
Our main concern is that one person’s backdoor is a cyber criminals’ cat flap.
Cyber crime is a lucrative business nowadays, and encryption is one of the key weapons in the cyber security arsenal. And, as is often the case, criminals are always one step ahead of the tech businesses. Watering down encryption is a signal to cyber criminals that the UK is open for exploitation.
Cyber criminals are not simply ‘script kiddies’ anymore, or simple agitators with a talent for leaking secure information – they are organised crime rackets that can bankrupt entire businesses or even ransom entire cities’ personal data.
To assess this objectively, we need to return to why encryption is important and why we use it.
In short, it is designed to prevent individuals from accessing data they have no right to access. Whether it’s day-to-day personal data, governmental, banking, or even healthcare data – any attempt to weaken encryption is a mistake.
The Australian government introduced a similar policy last December. This law compels tech companies, upon request, to create a security vulnerability which can be exploited by investigators for access to an individual’s communications – without their permission or knowledge.
We are yet to see the full extent of what this law means for cyber security in Australia, but the early signs are that tech companies like Microsoft are increasingly reluctant to store data in Australia if they are demanded to create vulnerabilities in their own cyber defences.
Neuways is a big supporter of end-to-end encryption and any attempts to limit or curb the use of encryption must be treated with great scrutiny.
We would, however, support access to personal data on a case-by-case basis that has the full backing of a robust legal process.
Who knows what the future holds for encryption in the UK. One thing is for certain however…
Until concerns over the security of any proposed ‘backdoors’ are sufficiently dealt with then banning or limiting encryption, in any capacity, is going to be a difficult sell, regardless of who is in government.