» ISP News » 

EU and UK ISPs Oppose Moves to Ban End-to-End Encryption

Monday, October 7th, 2019 (2:09 pm) - Score 3,082

A demand for Facebook and other companies to delay or cease plans for implementing end-to-end encryption across their internet messaging services, which was made by the UK, USA and Australian governments, has today prompted the European ISP Association (EuroISPA) to “oppose” any weakening of encryption.

Encryption is of course used all over the place, for everything from securing your credit card transactions to keeping your messages private, as well as for cryptographic protocols such as Transport Layer Security (TLS) and Hypertext Transfer Protocol Secure (HTTPS).

Encryption is thus an essential tool, the last line of defence against criminals intent upon gaining unlawful access to our personal data, and one that works best when the decryption keys are kept hidden, sometimes even from the service owner so as to both avoid any chance of employee abuse (i.e. the bigger the company, the bigger the risk of leaks); as well as to obstruct hackers.

On the flip side governments have long been concerned that such technology can be used to conceal conversations between criminals and terrorists, which makes it harder for the police and spies to catch them. Finding a balance on this front is difficult because encryption is, at its most basic, just clever math and there’s absolutely nothing that anybody could do to stop people making their own encryption (this is common).

Nevertheless on Friday 4th October 2019 the three aforementioned governments issued a somewhat controversial response to Facebook’s “Privacy First” proposals, which were published in March 2019 and included a plan to adopt end-to-end encryption on their messaging service (much like most of their rivals have done).

Extract from the Open Letter

We support strong encryption, which is used by billions of people every day for services such as banking, commerce, and communications. We also respect promises made by technology companies to protect users’ data. Law abiding citizens have a legitimate expectation that their privacy will be protected.

However, as your March blog post recognized, we must ensure that technology companies protect their users and others affected by their users’ online activities. Security enhancements to the virtual world should not make us more vulnerable in the physical world.

We must find a way to balance the need to secure data with public safety and the need for law enforcement to access the information they need to safeguard the public, investigate crimes, and prevent future criminal activity. Not doing so hinders our law enforcement agencies’ ability to stop criminals and abusers in their tracks.

Companies should not deliberately design their systems to preclude any form of access to content, even for preventing or investigating the most serious crimes. This puts our citizens and societies at risk by severely eroding a company’s ability to detect and respond to illegal content and activity, such as child sexual exploitation and abuse, terrorism, and foreign adversaries’ attempts to undermine democratic values and institutions, preventing the prosecution of offenders and safeguarding of victims. It also impedes law enforcement’s ability to investigate these and other serious crimes.

Risks to public safety from Facebook’s proposals are exacerbated in the context of a single platform that would combine inaccessible messaging services with open profiles, providing unique routes for prospective offenders to identify and groom our children.

The letter proceeded to “call on” Facebook and others not to implement end-to-end encryption and set out how they’d only be satisfied with an encryption system that the social media giant could decrypt, upon request from law enforcement (i.e. the master keys would be controlled by Facebook officials rather than hidden from all in an end-to-end setup).

As security experts so often warn, you can’t allow one state or group to have special access and then expect that not to be abused by others (e.g. hackers or less democratic countries). On this point the Government are perhaps guilty of not being very worldly, since weakening the encryption supplied by British firms will do little to stop its use by criminals or terrorists.

Encryption is not Apple, Facebook or Twitter. As mentioned earlier, encryption is a method that anybody can setup and use. A clever terrorist probably has better ways to keep in touch with their fellow nut-jobs than to post a private message on Twitter or Facebook (they’ve been known to create their own apps – even a novice can do it), although the latter has previously acted as a useful promotional platform for such groups.

Maximilian Schubert, President of EuroISPA, said:

“EuroISPA’s members continuously work with law enforcement towards making the online sphere a safer space for businesses as well as individuals. At the same time, EuroISPA firmly supports strong encryption, as it plays a fundamental role in ensuring cybersecurity and users’ privacy”.

Meanwhile it could be argued that the security services already have a wealth of data at their disposal but what they lack is the manpower to monitor suspects in the off-line world. We recall one police force saying that it’s possible for up to 60 officers to be involved with the monitoring of just a 1 individual and when you have thousands of potential targets.. that’s a problem.

Equally we can’t always assume that we will be governed by a truly democratic system that protects our freedoms and privacy. Giving a future anti-democratic government such control over what we can access and how we communicate would thus seem to be unwise.

In any case, whichever side of the fence you reside, defining end-to-end encryption in law will be tricky without breaking things on a much wider scale. At the same time Criminals, who by their definition don’t have even the slightest interest in following the law, will almost certainly switch to using another service that still deploys end-to-end encryption (or make their own); there’s no shortage of choices.

Leave a Comment
9 Responses
  1. Avatar FibreBob says:

    Clever math? Are we in America now?

    1. Avatar Joe says:

      (hehe) I thought the same but Mark may have been in US head mode considerings the sources 🙂

  2. Avatar Spurple says:

    We need end to end encryption to guarantee the foundations of our free and democratic societies. No matter how compelling the security reasons cited for such a large scale sacrifice of the right to privacy, it is not worth it for the potential for abuse and the immense totalitarian power it would grant a bad government.

    Advances in computing will mean a total elimination of any private communication if we can’t have encryption.

    1. Avatar Timeless says:

      isnt that the point though? lve always seen these ideas from the government less about security and more about control of information.

  3. Avatar anon says:

    Why don’t they just make clever math illegal?

    1. Avatar Mike says:

      Under Corbyn 2+2 will equal 5 or gulag.

  4. Avatar Lewis says:

    Are we turning into China?

    1. Avatar JP says:

      No, China are turning into us, they’re just more overt about things

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £22.00
    Avg. Speed 50Mbps, Unlimited
    Gift: None
  • Onestream £22.49 (*29.99)
    Avg. Speed 45Mbps, Unlimited
    Gift: None
  • xln telecom £22.74 (*47.94)
    Avg. Speed 66Mbps, Unlimited
    Gift: None
  • Plusnet £22.99 (*35.98)
    Avg. Speed 36Mbps, Unlimited
    Gift: £60 Reward Card
  • NOW TV £23.00 (*40.00)
    Avg. Speed 36Mbps, Unlimited
    Gift: Dine Club Membership
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2770)
  2. FTTP (2760)
  3. FTTC (1785)
  4. Building Digital UK (1743)
  5. Politics (1667)
  6. Openreach (1624)
  7. Business (1435)
  8. FTTH (1341)
  9. Statistics (1241)
  10. Mobile Broadband (1228)
  11. Fibre Optic (1066)
  12. 4G (1059)
  13. Wireless Internet (1021)
  14. Ofcom Regulation (1015)
  15. Virgin Media (1006)
  16. EE (698)
  17. Sky Broadband (669)
  18. Vodafone (669)
  19. TalkTalk (663)
  20. 5G (519)
Helpful ISP Guides and Tips

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact