UK's Snooper's Charter Includes Mandatory Backdoors For Encryption

from the crypto-wars-move-overseas dept

Companies such as Apple, Google and others will no longer be able to offer encryption so advanced that even they cannot decipher it when asked to, the Daily Telegraph can disclose.



Measures in the Investigatory Powers Bill will place in law a requirement on tech firms and service providers to be able to provide unencrypted communications to the police or spy agencies if requested through a warrant.

A Home Office spokesman said: “The Government is clear we need to find a way to work with industry as technology develops to ensure that, with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts. “That means ensuring that companies themselves can access the content of communications on their networks when presented with a warrant, as many of them already do for their own business purposes, for example to target advertising. These companies’ reputations rest on their ability to protect their users’ data.”

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Remember earlier this week when we mocked the silly reports claiming that the UK government had "backed down" on its demands for a Snooper's Charter. As we noted at the time, it did not appear they were backing down at all, but pulling out a bogus publicity campaign where they decided to "ditch" some absolutely crazy ideas that never really would have been included in the first place, but still leaving in plenty of terrible ideas.And, now we know that includes-- a stupid and dangerous policy that will directly put UK citizens at risk. While, thankfully, those pushing for crypto backdoors in the US have realized that it's a politically untenable idea , the UK's new "Investigatory Powers Bill" has gone in the other direction, and will mandate encryption backdoors and ban any encryption offerings where there is no backdoor for law enforcement.UK Prime Minister David Cameron and Home Secretary Theresa May will undoubtedly make a big show of this over the next few months, claiming that they need this to keep the public safe, but that's a load of hogwash. Backdooring encryption. It puts everyone at serious risk. It's a technically dangerous solution by technically clueless people. If there are backdoors in encryption you are opening up a massive attack vector for those with malicious intent -- and that doesn't even get into the question of authorities abusing such powers. This has been explained over and over again, and it appears that Cameron's government simply decided toand go with a "but they have to!" approach.If you recognize the long history of governments using surveillance powers for nefarious reasons this should worry you. But even if you 100% trust the government, this should worry you, because what they're asking for, on a technological basis, is to make your information significantly less safe and much more open to hackers and online criminals.This belief that law enforcement needs this information to do its job is hogwash. For all of history prior to this, people have had methods of communicating entirely in secret, and since the dawn of civilization it was still possible to track down criminals and conspirators through traditional detective work. This belief that the content of these communications is absolutely necessary would seem to suggest that UK law enforcement is currently. I'd like to believe that's not true.The big tech companies may now face a pretty big fight in the UK. Over the last few years, they've increasingly ramped up their efforts to provide moreprivacy solutions that can actually protect your information. The UK wants to send things back to the stone age, and that's dangerous. Hopefully, companies like Apple -- which has made a big show of pushing non-backdoored-encryption -- take a stand here and refuse to give in. And, other tech companies that haven't been quite as vocal, including Google, Facebook, Microsoft and Twitter need to speak out against this, potentially to the point of threatening to pull out of the UK if the government doesn't adjust its policy. Without such a strong threat, it seems unlikely the UK government will recognize just how much danger they're putting the public in with this proposal.

Filed Under: backdoors, david cameron, encryption, going dark, snooper's charter, theresa may, uk

Companies: apple, facebook, google