Britain Reopens Privacy Debate After Attack, Presses Tech Firms

Westminster attacker Khalid Masood used encrypted messaging via WhatsApp which investigators cannot read.
|
Open Image Modal
An encryption message is seen on the WhatsApp application on an iPhone in Manchester, Britain March 27, 2017.
REUTERS/Phil Noble

British officials have demanded tech firms do much more to give police access to smartphone communications following last week's Westminster attack, just months after new laws gave security services broader powers.

However, they have yet to spell out clearly whether the government wants them to weaken encrypted services such as WhatsApp or are simply asking for ways to gain access to phones in their possession to recover suspects' communications.

British media have reported that shortly before launching the attack last Wednesday, Khalid Masood used encrypted messaging via WhatsApp which investigators cannot read.

Police have been trying to determine whether Masood - who killed four people including a policeman near parliament in London before being shot dead - acted alone.

Neil Basu, a top counter-terrorism policeman, said his communications on the day of the attack are the main line of inquiry and said he had a clear interest in jihadist armed struggle.

A spokesman for Prime Minister Theresa May said on Monday she wanted tech firms such as Facebook, Apple and Google to find ways to give security services access to messages on phones, but was leaving it up to companies to sort out how.

British officials plan to meet U.S. tech executives on Thursday to insist they do more to crack down on extremist content on websites such as Google's YouTube, following a revolt over the issue by major advertisers, including British government agencies. (http://reut.rs/2nnzv98)

They also plan to press Silicon Valley leaders to help monitor communications by potential attackers.

"If there are circumstances where law enforcement agencies need to be able to access the contents, they should be able to do so. How that is achieved, I think, is a matter for the talks later in the week," May's spokesman said.

The criticisms are the latest moves by European countries to rein in U.S. tech giants, pressing them do more to stop hate speech and extremist activities online. Germany is planning a new law calling for social networks like Facebook and Twitter to remove hate speech quickly or face fines of up to 50 million euros ($54 million). (http://reut.rs/2nnpPv6)

POLITICS, OR SOMETHING NEW?

The government has so far stopped short of seeking fresh laws that would make tech firms create back doors to privacy protections enabled by encryption.

Instead, the Investigatory Powers Act, which came into force in November, forced tech firms to help law enforcement agencies bypass encryption, when possible, and keep records of sites their customers visit, updating decades-old surveillance laws.

On Sunday Home Secretary (interior minister) Amber Rudd called for the tech companies to give security services access to encrypted messaging systems, then later qualified her stronger statements, saying she supported user privacy.

"We need to make sure that organizations like WhatsApp - and there are plenty of others like that - don't provide a secret place for terrorists to communicate with each other," Rudd first told BBC TV.

Later, when speaking to Sky News, she appeared to pull back on calling on tech firms to undermine encryption protections and focused instead on demanding lawful access to phones.

"You can have a system whereby they can build it so we can have access to it when it is absolutely necessary," Rudd said. "But I want to draw a very clear distinction here – I support end-to-end encryption as part of cyber security, for families, for banking, for businesses," she said.

A Home Office spokeswoman reinforced Rudd's comments on Monday, saying it is "irresponsible to give terrorists a way to plot online which cannot be intercepted by the police".

A spokeswoman for WhatsApp, a unit of Silicon Valley social media giant Facebook, said the company was horrified by the attack and cooperating with law enforcement agencies in their inquiries. WhatsApp introduced end-to-end encryptions by default a year ago this month for its 1.2 billion users worldwide, joining other services such as Signal and Apple's iMessage.

Facebook is likely to comply with a subpoena for data on what numbers Masood called, and when, using WhatsApp, based on how it has responded in prior cases. Alternately, police may demand help in unlocking his phone, which raises thornier issues, depending on what device he was using.

Britain could also press Facebook and other internet services to provide a way to monitor or record encrypted conversations - akin to wiretapping traditional voice calls - which would move the debate into uncharted legal territory.

One former top British military official said forcing tech companies to weaken encryption would simply make the problem mutate and lead extremists to find other ways to communicate.

"There is a lot of politics at play here," Major General Jonathan Shaw, who was in charge of cyber security at the Ministry of Defence, told BBC Radio 4 on Monday.

"What they (the government) are trying to do is use this moment to nudge the debate more in their line," said Shaw, who retired from the army in 2012 as assistant chief of the defense staff.