The United Kingdom has legislated an effective ban on end-to-end encryption, giving the government a mandate to access backdoors in any technology they deem necessary.
Passed under Section 217 of the Investigatory Powers Bill, the provision provides the Secretary of State with the power to issue a “technical capability notice” to telecommunications operators, establishing a series of obligations:
“(1) The Secretary of State may give a relevant operator a notice (a “technical
capability notice”) —
imposing on the relevant operator any applicable obligations specified in the notice, and
requiring the person to take all the steps specified in the notice for the purpose of complying with those obligations.”
One of these obligations, found under (4)(c), pertains to the removal of “electronic protection” when requested:
“(c) obligations relating to the removal by a relevant operator of electronic protection applied by or on behalf of that operator to any communications or data;”
This means that, when requested by a telecommunications company, encryptions must be removed to provide government agents with access to any communication desired.
This indicates an obligation to maintain the ability to allow backdoor access for law enforcement into encrypted devices and services, effectively ending the legal use of end-to-end encryption.
A one-two punch in the UK government’s new spying powers
This effective encryption backdoor mandate comes packaged as part of the Investigatory Powers Bill, which also allows for unprecedented surveillance on citizens of the United Kingdom. All customer internet activity must be logged by tech companies, such as Internet services providers, for one year and is to be provided to law enforcement agencies upon request, with no judicial oversight.
What this means is that any company in the UK with access to a citizens’ communications and data is now required by law to make that data available to law enforcement agencies whenever deemed necessary, and no company may create technology that impedes the collection of that data. In short, there is no longer a right to privacy from the government.
Governments are closing in on encryption
One by one, world governments are moving towards implementing measures similar to those adopted by the UK against encryption. The U.S. election of Donald Trump, who has traditionally adopted an anti-encryption stance and has appointed a similarly hostile attorney general, compared to Hillary Clinton, whose encryption stance indicated some cooperation with tech companies, may mean that the United States will soon follow in the UK’s footsteps. France and Germany have pressured the EU to ban end-to-end encryption, meaning that all of Europe may be united in mandating backdoors for law enforcement.
Many tech companies still retain their resolve to push for the right to encryption. Apple’s CEO Tim Cook recently praised encryption, saying that it keeps the public safe. Whether you support privacy or not, the tools against current encrypted technologies are on the rise, as an Israeli surveillance firm now claims it can break WhatsApp’s encryption from a suitcase-sized device. Such emergent threats underscore the need to pursue new and advanced encryption technologies that surpass the security of what present technologies are able to provide.