After the terror attacks last Wednesday in the Capital City of London, the UK government is fighting for more access to the social media accounts used by the assailants involved.
Khalid Masood is known to have been online on Whatsapp only 3 minutes before he carried out the attacks on Westminster, although due to the encryption on the current version of Whatsapp, police are finding it difficult to track messages sent between Masood and others who were potentially involved.
Again Silicon Valley is finding itself in the middle of a conversation about national security versus privacy.
Built-in security vulnerabilities threaten all
The UK Home Secretary, Amber Rudd, told the media that chat apps must not “provide a secret place” for terrorists to communicate and that officers equipped with warrants, should be able to “get into situations like encrypted WhatsApp”.
However, the IT community is wary of calls for built-in vulnerabilities, or so-called, backdoors, as these can ultimately be exploited by anyone, and damage a firm, or application’s reputation.
Security consultant Troy Hunt said, “the encryption debate always rages after a terror incident, regardless of how effective backdoors would have been.”
“Even if, say, the UK was to ban encryption or mandate weaknesses be built into WhatsApp and iMessage, those with nefarious intent would simply obtain encryption products from other sources.
“These responses are kneejerk reactions by those who have little understanding of the efficacy and implications of what they’re actually proposing.”
Holistic approach: tech firms and governments working together
Alexander Michael, Director of Consulting, Digital Transformation, Frost & Sullivan commented: “Even when law enforcement agencies obtain communication data, they may not be able to understand it. There is a real risk that insufficiently trained police officers would draw the wrong conclusions, because it is difficult to interpret communication data outside its operational context.
“Therefore, a holistic approach is necessary, rather than hastily prepared single pieces of legislation. If more policy work were done upfront, regulators would avoid mandating regulations that cannot be applied, and vendors and operators could thus make better informed technical decisions. Above all, an internal approach is necessary, probably through the United Nations.”
Facebook has introduced privacy protocol
It was only recently Facebook and Instagram introduced a privacy protocol whereby the information users are putting on social media stays private and neither the government nor police can access any data.
It is the focus of much discussion on the streets of WhatsApp’s hometown of Mountain View in Silicon Valley. Today the company, bought by Facebook for US$19 billion (£15 billion) in 2014, would surely propose the same protocol as their sister company Facebook. This would mean information would be kept to the same private protocol as Facebook proposed for itself and Instagram.
Edited from sources by Ella Donaldson