In response to a November 2018 proposal by the GCHQ in the UK to listen in on encrypted chats, top tech companies such as Google, WhatsApp, Microsoft and Apple have signed an open letter condemning the idea. The GCHQ proposal, which has since been labeled purely “hypothetical,” contemplated a way for law enforcement officials to get around the end-to-end encryption found on popular messaging apps such as WhatsApp. However, tech companies, civic organizations such as Human Rights Watch and privacy advocates view the proposal on encrypted chats as a threat to both security and personal privacy.
Details of the GCHQ proposal on encrypted chats
The authors of the GCHQ proposal on encrypted chats were two high-ranking British intelligence officials – Ian Levy, technical director of the UK’s National Cyber Security Centre, and Crispin Robinson of the GCHQ. Their goal in publishing the hypothetical proposal was to elicit greater public debate about ways that security and intelligence officials might gain access to encrypted conversations. It was intended as a starting point for additional conversations on the topic. Currently, for example, law enforcement officials are unable to listen in on the encrypted chats when terrorists or other criminals use WhatsApp. So the goal of the GCHQ was to consider various ways that intelligence officials might get access to the chats without breaking the encryption of the overall system.
The compromise solution, according to Levy and Robinson, is something they refer to as a “ghost protocol.” The idea is to insert the government as a silent conversation partner on certain conversations, pursuant to several important principles. The goal, of course, is not to spy on every citizen, but rather, to give intelligence services the same types of tools that they have when eavesdropping on telephone calls. This would give them a way to engage with interested parties. The ghost protocol would preserve end-to-end encryption, but would simply insert an extra “end” that would be open to intelligence officials. One controversial part of the proposal, though, would require messaging services to “hide” the fact that government officials were listening in on the call.
Reasons to condemn the GCHQ proposal on encrypted chats
According to the 47 signatories of the open letter, there are three key reasons to be wary of the GCHQ proposal on encrypted chats. First and most importantly, any attempt to insert the government or law enforcement officials into an end-to-end encrypted communications system might undermine the overall security of such a system. The government is looking for a “back door” into the system – but it is just as likely that a hacker or cyber criminal would attempt to use this security back door as a legitimate law enforcement official.
Secondly, such a move would threaten the public’s trust in encrypted messaging services. One big reason why people use services such as WhatsApp is for the peace of mind that they receive, knowing that every conversation is completely protected and shielded from prying eyes. End-to-end encryption implies that even the messaging platforms themselves cannot read or store the messages of users. But if intelligence officials or government operatives are secretly being added to a two-way conversation, then the new assumption would need to be that every group chat or call is public rather than private. And once that happens, who would really want to use a service like WhatsApp?
And, thirdly, the GCHQ proposal on encrypted chats could endanger privacy and free expression. That’s one big reason why the signatories to the open letter included the likes of Human Rights Watch, Reporters Without Borders, Privacy International and the EFF. If users of messaging services know that there is a chance that an unknown “ghost” participant was listening in on every conversation, that might lead to a real chilling effect on public debate. For example, if two political dissidents use an encrypted messaging service to discuss reasons why they do not like a particular regime, isn’t it possible that the government might have a desire to listen in on some of their conversations?
Key principles about encrypted communications
While the 47 signatories of the open letter soundly condemned the GCHQ proposal on encrypted chats, calling for British intelligence organizations to abandon the idea entirely, they did give the GCHQ credit for coming up with general principles that would govern why, how and when government officials would be able to listen in on encrypted chats and what type of access to data they would receive. For example, the first major principle for law enforcement participants is that, “Privacy and security protections are critical to public confidence.” This is something that everyone can agree on – any efforts by law enforcement should not harm the overall privacy and security of such a system.
Another key principle is that, “Transparency is essential.” If the government were added in secret, without the knowledge of conversation participants, this would seem to be a breach of that principle. Tech companies would be forced into the awkward role of misleading users by suppressing notifications about who is participating on any conversation. While the proposal was always intended as a starting point for discussion, it’s clear that the first thoughts on exceptional access for law enforcement came with some major flaws.
So how do you catch the terrorists?
The big question, of course, is what to do about “mass-scale, commodity end-to-end encrypted services.” It is increasingly clear that the big tech giants are very wary about opening up any back doors to these services. Doing so would lead to potential security issues. They are also wary about breaking encryption entirely, which would make the services not nearly as attractive to users. But what can law enforcement officials do if they aren’t allowed to create ghost protocols, or some other workaround? In nations such as Russia or China, the answer is simple: ban the services entirely if they refuse to give a back door to intelligence officials or break encryption.
Going forward, the question of how to grant “exceptional access” to some agencies, officials or organizations is unlikely to go away. Requests for thoughts on the topic will continue. When services like WhatsApp were relatively unknown, they did not pose a major threat to security officials. Now, however, when encrypted messages are used by tens of millions of people, they are becoming as ubiquitous as telephone communications. The creation of certain principles as a starting point for debate is a nice first step as a way to reach the best solutions. But the overall risk to security and privacy is so great that it is easy to see why the GCHQ proposal met with such rapid and widespread condemnation. Letting governments spy on their citizens is a precedent that is ripe for misuse and abuse.