You’ve probably seen the encryption notice in the little yellow box on a Whatsapp chat.
“Messages are end-to-end encrypted. No one outside of this chat, not even Whatsapp, can read or listen to them.”
This level of encryption and privacy has never been available to the average citizen before now. It was traditionally the tool of government spies and big banks, but now every global citizen with a smartphone is starting to get privacy and encryption by default in all of their daily communications tools.
On the whole this is a positive development, but it won’t be without its drawbacks and costs. Compared to unencrypted channels like email, text-message and phone calls, modern end-to-end encrypted tools give everyone the same level of privacy – whether their actions are good or evil.
Encrypted messages help activists organise against authoritarian regimes, help journalists and whistleblowers communicate and stops employees in big companies reading our messages, or the companies themselves selling or leaking our message data. Equally, however, it renders invisible the communications of criminals, terrorists and traffickers, to name just a few.
So you can understand why law enforcement agencies are constantly seeking ways to weaken encryption, to legislate that it must only be 99% impenetrable, with the 1% reserved for their access. As Karlin Lillington reports in the Irish Times, “Garda Commissioner Drew Harris has increasingly been floating an argument for back doors. Noting the growing use of encrypted phones by gangs, he said a few times over this year that gardaí need (and expect) legislation that will supply a mysterious “electronic key” to break encrypted devices.”
This effort is, unfortunately, completely misguided. There is no possible way to make end-to-end encryption breakable by one group and not by others. If my government can access my messages, so can foreign governments. If it’s possible for law enforcement to access it, it will inevitably be accessed by criminals.
It is against this backdrop that the European Council of Minister publish a draft resolution calling for a a balance between the security encryption provides to individuals and the wider public security it removes. Many tech and privacy advocates have reacted very negatively to the resolution, seeing this as a call to find ways to break encryption (in a specific and limited way) which could ultimately make us all less safe.
I’m less pessimistic. I was surprised that this is the first resolution from any western Government I’ve seen that doesn’t call for some kind of back-door. The tenor of the resolution seems to recognise that they don’t actually know what to do and are suggesting that groups from industry, academia, law enforcement and industry should be assembled to explore it.
There’s a few interesting approaches that don’t involve breaking encryption, which should definitely be supported and explored. If someone sends you a message containing something illegal, for example, it may have been encrypted in transit from them to you, but now that you have it there’s no reason you can’t share it with authorities. Tools can be made available to make that reporting process easier and more secure.
On the other hand, my optimism could be misplaced. The resolution calls for “technical solutions for gaining access to encrypted data,” which could be the start of a discussion that ends with proposals for breaking encryption, in which case the proposals should be resisted.
Either way, as encrypted messaging becomes the de-facto option for most of the worlds population over the coming years, expect this debate to become a prominent and recurring one.
📰 News
Trump’s next move. Assuming the US courts hold strong and Joe Biden becomes president in January, what does Trump do next? Ezra Klein makes a compelling case that the next step is an “autocracy-in-exile”. No defeat and retreat. 10s of millions of Americans believe the election was stolen from him and them, so we should expect that he will build a media ecosystem to keep this alternative-reality alive. In the ongoing saga of Trump and Trumpism the challenge for social media companies is that they don’t become the place where this reality is created, and for traditional media companies that they cover it without enhancing it. Link.
Spice Bag By Drone. On a lighter note, Irish drone delivery company Manna are launching a trial of delivery by drone in Oranmore, Galway. Order something (small) from Tesco, Just Eat or Camille Thai and it’ll be dropped in your garden minutes later. Link.
Nutrition labels. Apple will be displaying privacy “nutrition labels” on all apps in their app store from next month. These are simplified, standardised notices on what data an app collects and how it uses it. Link.
Move slow, don’t break things. After Twitter changing the way re-tweets work and Whatsapp limiting the number of times a message can be forwarded, Facebook has now announced another feature attempting to add friction and slow the pace of misinformation spreading. The people who run Facebook groups (which are “in probation”) will have to manually approve each new post. Link.
The New York Times is now earning more from digital revenue than print. A significant milestone. Link.
💡 Interesting Links
The Pope is praying for AI to be kind. It’s funny, but he’s not wrong Link.
Whatsapp are launching a disappearing text feature. You can send a message to someone and it’ll delete off their phone after a set amount of time. Could have saved a local politician some recent bother. Link.
Surveillance. Another good reason not to build a city-wide factial recognition system. In Moscow you can pay hackers $200, give them someone’s picture and they’ll give you their movements over the previous month. Link.