Interpol to support the breaking of end-to-end encryption

Law enforcement agency argues the technology frustrates the investigative process

International police body Interpol has joined the growing list of law enforcement agencies that back the idea of breaking encrypted communications, echoing concerns that the technology protects criminals.

Interpol is expected to argue later today that encryption frustrates criminal investigations and protects child sexual predators, and that tech companies should be doing more to allow law enforcement into encrypted channels, according to sources briefed on the matter speaking to Reuters.

"Service providers, application developers and device manufacturers are developing and deploying products and services with encryption which effectively conceals sexual exploitation of children occurring on their platforms," a draft of the resolution seen by Reuters said.

"Tech companies should include mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can obtain access to data in a readable and useable format."

The announcement will carry no legal weight but is expected to add mounting pressure for technology companies such as Apple and Facebook to open up their end-to-end communication apps to law enforcement.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The debate around whether encryption should be broken is a hugely divisive one and is often seen as a conflict between the need to fight crime and upholding a human right to privacy.

Australia famously became the first country ever to introduce a 'backdoor law' in 2018. Federal government figures and law enforcement in Australia can legally approach technology companies and demand access to a suspected criminal's encrypted communications or risk hefty fines.

The law has been criticised for being rushed through on the final day of the parliament and ignoring cyber security experts' warnings that it would not be possible to securely create a vulnerability in one target's device for surveillance purposes – the argument being that if a backdoor exists at all, this can be exploited.

The UK's Investigatory Powers Act 2016 (IPA) touches on the matter of encrypted communications but doesn't make the same allowances as the Australian law.

The IPA requires communication service providers to be active participants in data interception but the extent to which it has been used so far is unclear and how easy it would be for Apple to intercept messages sent securely in its encrypted iMessage app, for example.

Advertisement - Article continues below

Implementing a law that facilitates a 'ghost' in an encrypted channel isn't a case of making the channel less secure, argued GCHQ officials, Ian Levy and Crispin Robinson, in a joint essay.

Levy and Robinson said it would be "relatively easy" to add an extra participant into an end-to-end encrypted chat. It wouldn't be a case of introducing a security vulnerability, instead, it would be more like adding another end to the two-way encrypted channel.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354577/data-protection-fines-hit-ps100m
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020