he boss of WhatsApp, the most popular messaging platform in the UK, says that it will not remove end-to-end encryption from the app to comply with requirements set out in the UK government's online safety bill.
What's the argument about? Well, let me make it very simple to understand.
Governments don't like end-to-end encrypted messaging. They would like to be able to read people's encrypted messages. Which I can understand, because criminals do use encrypted messaging when doing evil things. Being able to see what the criminals were saying would undoubtedly be helpful to law enforcement agencies.
But, unfortunately (or perhaps fortunately), it's not just criminals who use encrypted messaging to keep their communications secure and private.
Billions of messages, sent every day by law-abiding individuals, companies, and - yes - even governments, rely upon encryption.
If the UK government's proposed bill became law it would weaken the security of millions of people, and jeopardise their privacy. And it wouldn't just be a problem for Brits. It would be a problem for the rest of the world too.
For one thing, WhatsApp has previously said that it would refuse to lower security for any government, saying:
"If we had to lower security for the world, to accommodate the requirement in one country, that would be very foolish for us to accept, making our product less desirable to 98% of our users because of the requirements from 2%."
But also, as Meredith Whittaker, president of WhatsApp-rival Signal explained this week while calling on the UK to reconsider the bill, it could "create a template that would certainly be copied by authoritarian governments."
WhatsApp's CEO Will Cathcart is clearly in agreement, retweeting Signal's stance.
In a follow-up tweet, Signal's Whittaker said "We will do everything we can to ensure people in the UK and elsewhere have access to Signal and real private messaging. But we will not break e2e or our privacy promises to the people who rely on us."
The truth is that any weakening of encrypted messaging apps plays into the hands of cybercriminals and state-sponsored hackers.
Governments need to stop scaring their citizens into believing that encryption is a bad thing. It's not. Encryption is a good thing.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024