Facebook has dug its heels in once more in the companies standoff with US Attorney General William Barr over its plans to encrypt all messages being sent on their platform.
Barr has long been a critic of end-to-end encryption and has been prominent among a number of senior US government officials in calling for Facebook to abandon its plans to encrypt messages being sent and received on its Messenger app in the same way that WhatsApp messages currently are.
The plans are part of Facebook’s new privacy pivot and while their plans have been greeted with understandable scepticism within the cyber-security community, to their credit they have stuck to their guns over the issue of end-to-end encryption.
They have now written to Barr to inform him once more that they have no intention of stepping back from the policy.
Facebook refuses to stop encryption rollout
The letter was dated December 9th but only made public yesterday. It was signed by Will Cathcart and Stan Chudnovsky, the Facebook executives in charge of both Messenger and WhatsApp.
They state that the main effect of not introducing end-to-end encryption would be to make their users less safe.
“People’s private messages would be less secure and the real winners would be anyone seeking to take advantage of that weakened security,” they wrote. “That is not something we are prepared to do.”
“The ‘backdoor’ access you are demanding for law enforcement would be a gift to criminals, hackers and repressive regimes, creating a way for them to enter our systems and leaving every person on our platforms more vulnerable to real-life harm.”
There is nothing new in their comments. This is the same argument that cyber-security experts have been making to law enforcement bodies and governments around the world for years. It seems these simple points still need to be restated though.
Sadly, it seems that Barr still doesn’t understand. At an event this week, he once again argued that companies like Facebook were using encryption to sell a technology that kept criminals safe from government surveillance.
“Do we want to live in a society like that?” he asked. “I don’t think we do.”
Most people would prefer that their online privacy was protected from government snooping though. Barr still seems to think that hardened criminals will continue to use messenger services after their encryption has been compromised rather than moving to other dark-web services that are even harder for law enforcement agencies to track.
The prospect of regulation
It is encouraging to see Facebook continuing to stand up for end-to-end encryption. But their letter doesn’t seem to have moved us any closer to resolving this debate.
Indeed, lawmakers in the US this week threatened Facebook and Apple with the prospect of regulation if they didn’t start to cooperate over encryption.
Representatives of both companies were appearing before the Senate Judiciary Committee where Republican and Democrat Senators offered a rare show of unity in attacking them over the role they claim encryption has played in protecting child abusers and mass shooters.
Firebrand Committee Chair, Senator Lindsay Graham, used the session to threaten Apple and Facebook with regulation if they didn’t play ball.
“You’re going to find a way to do this or we’re going to go do it for you,” he said. “We’re not going to live in a world where a bunch of child abusers have a safe haven to practice their craft. Period. End of discussion.”
The same level of unity was not on display between Apple and Facebook with the representatives of both companies hinting that the Committee should focus its efforts on the other.
Why encryption matters
That’s a shame because if the political elite in the US is becoming more united at the prospect of attacking encryption, those who actually understand its importance need to be working together to make the case for it.
This new Facebook letter actually makes the arguments quite clearly and succinctly. One area that it fails to adequately explain is the consequences of forcing the introduction of encryption backdoors.
There is the fact that so many vital online services like banking and retail depend on encryption to function properly. But then there is what will happen to those who are using encryption for nefarious purposes.
As things stand, companies like Facebook are actually quite cooperative and if law enforcement agencies have enough evidence, they will hand over what information they can.
If encryption is undermined, this information will be lost as cybercriminals sink further into the dark web to evade capture.
Encryption cannot be uninvented. Encrypted messenger services will always exist as will VPNs.
The onus needs to be on law enforcement bodies to improve their investigations to deal with the issue of encryption. Seeking to break encryption will only make the world less safe.