Twitter (or, at least, my particular Twitter bubble) has been busy this last 24 hours pouring scorn on the Home Secretary’s apparent admission in the Andrew Marr show on BBC1 (and later, in conversation with Sophy Ridge on Sky News) that she would consider legislating to force communication suppliers, such as WhatsApp, to break their encryption systems so as to permit governments to access messages.
I’m not going to rehash all the reasons why breaking or weakening encryption is wrong. Plenty of people more knowledgeable about it than me have already done that. I’m more interested in how she ended up making such a statement in the first place.
First, some background. The idea of forcing communication suppliers to add “backdoors” into their systems has been floating around for a long time, particularly in policing circles, as it would clearly be beneficial in some cases to be able to get at the content of every electronic message. So this is a proposal that tends to bubble up every time there is a major terrorist or criminal incident.
Such proposals have never actually come to anything, though, partly because they don’t stand up to technical scrutiny but also because they would be firmly resisted by many large and influential corporations – like banks and other financial institutions – as well as other government agencies which themselves rely on encrypted communications.
So, how did it crop up again this time, and why was the Home Secretary so willing to countenance it?
It’s important here to see the whole thing in context. If you haven’t already watched the full interview with Andrew Marr, then do so now on iPlayer before it expires. Because it’s clear that the first person to say something stupid in that exchange wasn’t Amber Rudd, but Marr. He introduced the topic of end to end encryption, made a complete hash of explaining it, and then invited Rudd to agree with him that it is “completely unacceptable” that the government can’t access terrorists’ messages on it.
This is intellectually unsustainable, but political dynamite. Rudd could not, realistically, disagree with him – imagine the tabloid headlines if she had dared to suggest that it is acceptable for criminals to be able to communicate in secret – but neither could she agree without falling straight into the trap that Marr had laid for her.
It was clear from that exchange that Rudd is not only uninformed about how encryption works, but was uncomfortable discussing it. It’s easy to mock her misguided use of terminology, but when she tried to divert the conversation into an area of safer ground, Marr dragged it back. It was, essentially, two people talking about something neither of them really understands, but both agree that it’s a bad thing.
Having fallen headlong into Marr’s elephant trap, though, Rudd couldn’t easily crawl out of it. This was more of an issue later on Sky News, on Ridge on Sunday. Unlike Marr, Sophy Ridge had done her homework, and was able to point out the glaring inconsistency between Rudd’s assertion that she fully backed strong encryption with the threat to legislate against it. But it was too late for Rudd to row back on the statements she had made to Marr, so instead she had to resort to the usual political trick of speaking firmly, keeping a straight face and refusing to acknowledge the contradiction in the hope that viewers would hear what they wanted to hear.
The real question this raises is: why was Rudd so poorly briefed in the first place? Given that it had already been publicised that Adrian Elms had used WhatsApp shortly before murdering four people, why was it not anticipated that the question of accessing it would crop up? Why couldn’t Rudd have defused Marr’s line of questioning by pointing out to him that he didn’t understand how it worked?
I can only speculate here, but it seems to me that this is an issue with the Home Office which goes back a long way – it was clearly visible during Theresa May’s time as Home Secretary, and even before before that under the last Labour administration. The hiving off of Home Office functions into the newly created Ministry of Justice was one attempt to deal with a department that former Home Secretary John Reid once described as “Not fit for purpose”. But this has seemingly resulted in not one, but two dysfunctional ministries.
The particular problem with the Home Office has been a long standing disregard of personal liberty, combined with an ill-concealed contempt for the tech sector. Apart from legislation drafted by the Home Office which combines illiberality with technical infeasibility, this has repeatedly manifested itself in a lack of desire to engage with reasonable and informed criticism. Ministers are left unbriefed, and in danger of looking stupid (as both Rudd, May and their Labour predecessors did, regularly, when talking about Internet-related issues), because there is a perception that the general public, and the tabloid media, doesn’t care about the details. Only nerds care, and nerds don’t matter.
I don’t believe that the government will legislate to force companies to break encryption. There would be too much opposition, both internally and from industry, for that to happen. But we will carry on getting these kites being flown every time there is a terrorist incident, until this anti-tech and anti-freedom factor within the Home Office is rooted out. Ministers could make a start by insisting on being properly briefed in future, and hiring a few SpAds who understand the issue and can offer unbiased advice.
While I’m on the subject (and apologies if this is turning into too much of a long read), consider for a moment why WhatsApp is in the news. As I said at the top of this article, it is known that Adrian Elms used WhatsApp only a few minutes before embarking on his murderous spree. But how do we know that?
Given that WhatsApp is end to end encrypted, and only the sender and recipients of a message can read it – or even know that it is sent – the only way to know this is to have access to either the sender or recipient’s phone.
In this case, media reports say that the police know Elms used WhatsApp because they found a message from him on a phone seized from a known acquaintance in Birmingham. But they don’t know who else he may have communicated with, because his phone is locked and they are unable to access it.
But if they can get that, though, then they have a history of the WhatsApp messages that Elms sent and received. They were not secret to him, and neither are they to anyone who successfully accesses his phone. End to end encryption protects messages from being viewed in transit by third parties; it doesn’t protect them from being viewed on either of the devices they were sent from or to.
In fact, if you read the media reports carefully, the idea that the police are being stymied by lack of access to WhatsApp isn’t coming from the police. They may be happy with that particular misbelief being spread around, because it may help minimise the prospect of accomplices deliberately deleting messages that may be relevant (although, in practice, it does now seem that Elms really was a “lone wolf” and had no accomplices). But the idea that WhatsApp is deliberately hindering the investigation is a suggestion that’s being fed by the media, supported by off the record comments from Home Office insiders (again, not explicitly, but with hints dropped in headlines that aren’t borne out in the text of the article).
The police’s problem is simply that they can’t unlock Elms’s phone. Or, at least, aren’t admitting to being able to, at least not yet. And if they do get into it, there are probably far more interesting things they can discover from it than who he was messaging.
There’s a subtext here that’s worth exploring. Google, Facebook, Twitter and other tech companies are in the firing line at the moment because of their seeming reluctance to remove extremist material. Some of these criticisms are justified, others less so – the tech companies do actually have a good record of addressing explicitly illegal material, as indeed Amber Rudd tried to point out before being interrupted by Andrew Marr; the real issue comes with the stuff that isn’t necessarily illegal but may be offensive or inappropriate. The fact that adverts from well known brands have been appearing on YouTube videos posted by Daesh and their sympathisers has been in the news a lot recently, particularly in the context that these adverts earn money for the videos’ creators.
This is a valid concern, and Google et al could certainly do more to ensure that advertisers have more control over the material that their adverts appear alongside. There are also perfectly legitimate concerns about where the line is drawn regarding offensive, rather than specifically illegal, content.
However, there’s an undercurrent to this which needs to be borne in mind. Google and Facebook, in particular, are very much in the business of attracting advertising expenditure away from the traditional media. The newspapers which complain about Google showing ads on jihadist videos are not neutral; they have skin in the game.
The traditional media also resent the way that search engines and social media have become the gatekeepers to their own content. There is a strong perception in the media that the tech industry is leeching away their traditional source of revenue, and offering nothing in return.
To some extent, that perception is true, although it’s also arguable that it’s not a problem – changes in technology and society’s behaviour always benefits some and not others. Airlines put the ocean liners out of business, steamships spelled the end for the tea clippers and the printing press rendered scribes redundant. The traditional print media can’t really complain if they are now on the downward slope of a hill they were once ascending.
What this means, though, is that there has, for some weeks, been a media campaign in progress against Google, Twitter and Facebook – a campaign driven as much by self-interest as any real public concern. This wasn’t helped by a particularly inept response by Facebook to an investigation by the BBC into sexualised images of children. The Westminster attack has simply played into this narrative, by allowing the media to say “I told you so”. It also gives impetus to their anti-Google and anti-Facebook campaign (and remember that WhatsApp is owned by Facebook).
The traditional print media and broadcast media would love nothing more than to see the tech giants taken down a peg or two. And their reporting reflects that. It is not unbiased. Andrew Marr’s carefully laid trap for the Home Secretary has to be seen in that context, too.
Edited to reflect media reports that the police know about Elms’s WhatsApp use from one of his acquaintances, rather than his own phone.