The British government is contemplating changes that will compel companies that provide messaging services, such as Apple’s FaceTime and iMessage, that use end-to-end encryption to create ‘backdoors’ that give law enforcement the ability to intercept and read messages. In response, Apple has said it will turn those services off in the UK rather than water down privacy protections.
What’s at stake?
Quite simply, it’s everyone’s right to privacy.
Policing agencies all over the world have been trying to find ways to infiltrate criminal groups that use encrypted communications. Service such as iMessage, Telegram, Signal and others of their ilk use end-to-end encryption. That means messages are inaccessible except to the intended parties from the moment they are created, through their transmission all the way to their intended recipient.
As Apple and others have said before, unless they weaken the protections those systems become vulnerable. While the ‘backdoors’ are intended for law enforcement, they create a weakness that threat actors could exploit.
But if you’ve got nothing to hide…
One of the arguments made by policing agencies is that the innocent need not fear these changes. After all, we can trust the police to not misuse this capability. So, let’s consider this in the Australian context.
The Australian Federal Police (AFP) has suspended the use of surveillance platform Auror after a freedom of information (FOI) request revealed that more than 100 of its staff had used the platform — for more than a year in some cases — without considering privacy or security implications.
The Mandarin
And
178 officers have faced complaints about the misuse of Victoria Police’s sensitive Law Enforcement Assistance Program (LEAP) database in the past five years.
ABC
And
A Queensland tribunal has ruled that the state’s police service breached the privacy of a domestic violence victim, whose details were accessed by a senior constable and leaked to her abusive former partner.
The Guardian
If you live outside Australia, it’s a fair bet you’ll find plenty of local examples. And while the very vast majority of law enforcement officials act scrupulously, there is a small element that don’t. And that’s where the risks just start.
What about our right to privacy?
Australians do not have a legally defined right to privacy. While it may seem to be an obvious right, it is not explicitly defined by law. While there is a privacy law (The Privacy Act 1988) and the Office of The Australian Information Commissioner (OAIC) acknowledges privacy as a “fundamental human right”, the laws cover what happens in the event of someone accessing, storing and sharing your personal data. As the OAIC says “Your right to privacy isn’t absolute“.
What will happen?
If the UK government gets its way, I think Apple is likely to follow through and turn impacted services off in that part of the world. Already, the company has shown it can control how specific functionality works in different regions. When the ECG function was added to the Apple Watch, it could only be accessed in regions where the feature was appropriately approved by health agencies.
Apple has a strong track record of standing up to governments when it comes to privacy protections. When it was being compelled by the FBI to access encrypted data relating to a criminal incident in San Bernardino California, it did not acquiesce to the request. Nor did Apple succumb to legal pressure in many other jurisdictions.
The law change won’t make a real difference to criminals
Finally, changing this law and compelling software companies to create backdoors won’t make any difference. The tools needed to build and encrypted messaging tool are easily accessible to criminals. They will simply hire software developers in friendly countries to create new tools for them.
So, as far as stopping criminals from using encrypted messaging, it won’t stop them. But it will weaken things for everyone else.
Anthony is the founder of Australian Apple News. He is a long-time Apple user and former editor of Australian Macworld. He has contributed to many technology magazines and newspapers as well as appearing regularly on radio and occasionally on TV.