The incessant debate on the issue of encryption has continued this weekend on both sides of the Atlantic, with the US Attorney-General adding his voice to the clamour for access, while a senior Facebook executive has warned that encryption is here to stay.
Jeff Sessions, the US Attorney-General, was speaking at an event in New York just two days after the latest terrorist attack on US soil, which saw Uzbek born Sayfullo Saipov kill eight people and injure eleven more after driving his truck onto a bike path in Manhatten.
US Government has encryption in its sights
That incident happened close to the Attorney-General’s office in the city and after expressing his condolences, Sessions outlined his three-point plan to tackle terrorism. And needless to say, one of those points was to secure access to encrypted communications.
In his speech, Sessions became the latest senior political figure to attack tech companies, saying that they “refuse to cooperate with law enforcement or even to comply with court orders.”
He went on to cite an incident which took place in Texas back in 2015 when two Islamic gunmen opened fire on an exhibition which contained images of the Prophet Mohamed.
According to Session, the US intelligence agencies were aware of more than 100 encrypted messages which the two attackers had sent to another person overseas. “What we don’t know, however, is what he said – because those messages are encrypted,” he added.
He stressed that the US Government were committed to improving their access to electronic communications and pledged to continue to “aggressively surveill non-citizen terrorists overseas.”
Capitalising on tragedy
His words come hot on the heels of comments his deputy, Rod Rosenstein, made last month when he accused encryption of creating “law-free zones” and introduced the term “responsible encryption” as a more palatable way of describing encryption with an inbuilt backdoor, or vulnerability.
Sessions is also not the first senior political figure to try and use the deaths of innocent people in a terrorist atrocity to push their political agenda on encryption despite a lack of any evidence to tie the issue to the offence.
This is something that UK Home Secretary Amber Rudd has been guilty of on multiple occasions this year, not least in the wake of the dreadful terrorist bombings in London and Manchester.
Encryption not going to end says Facebook counter-terror head
However, across the Atlantic this weekend, there has been a more reasoned interjection into the debate from a senior Facebook executive.
Brian Fishman is the Lead Policy Manager in Counterterrorism at Facebook and is responsible for the team of 150 or so employees tasked with removing extremist content from the social media platform. He was speaking at the Wired Live event in London and when asked about the UK Government’s desire to undermine encryption, didn’t pull his punches.
He was categoric in his statement that encryption is going nowhere and nothing Governments around the world do will change this. “The technology exists. It’s not going to be put back. We need to think about how we can be responsible with it, but end-to-end encryption is not going to end.”
Fishman went on argue that the focus of Government’s should be to work with “tech companies with companies that want to be responsible in what we can provide – if we can provide – some bits of information.”
The alternative is that encryption ends up being the realm of hundreds of independent apps that make a point of not cooperating. This argument mirrors the one made repeatedly by other tech company experts, who claim that Governments and intelligence agencies still get given significant amounts of useful data in terrorist and serious criminal cases.
Fishman’s stance is, of course, absolutely right. Regardless of what Jess Sessions and Amber Rudd might want to happen, encryption technology is here to stay. If companies like Facebook are forced to compromise it, anyone who truly values it will just move their business elsewhere.
It is time that Governments around the world accepted the existence of encrypted communications and security tools like VPNs and adapted their intelligence techniques accordingly, rather than trying to uninvent the wheel.