Home secretary, here's some help with encryption

Amber Rudd believes she doesn't need to know how encryption works to regulate it


Amber Rudd doesn't believe she needs to know how encryption works in order to regulate it, which is probably why she foolishly wants so-called backdoors installed to break the digital protection.

The home secretary made the comments at a fringe event at the Conservative Party conference last night, saying the tech industry was patronising and sneering though it's difficult not to do so faced with comments like hers.

Asked by a member of the audience if she understood encryption, she reportedly replied: "I don't need to understand how encryption works to understand how it's helping - end-to-end encryption - the criminals."

Rudd has claimed security services need access to messaging services with end-to-end encryption, with critics pointing out that would effectively ruin the efficacy of the protections and amount to a "backdoor" into such systems.

Advertisement - Article continues below
Advertisement - Article continues below

Rudd has also repeatedly pointed the finger at encrypted services such as WhatsApp following terror attacks, despite the messaging tool rarely being implicated in any such violent incidents. It was reportedly used by the Westminster Bridge attacker, though investigators had no trouble retrieving his final messages before the attack.

In her reply at the fringe conference event, Rudd suggested her and other legislators were "laughed at" for failing to understand the basics of the technology which is indeed true, as Rudd was roundly mocked after misspeaking and saying "hashtags" and not "hashing".

"It's so easy to be patronised in this business," she told attendees of the event. "We will do our best to understand it. We will take advice from other people but I do feel that there is a sea of criticism for any of us who try and legislate in new areas, who will automatically be sneered at and laughed at for not getting it right."

After a critic at the event Michael Beckerman, CEO of the Internet Association tried to explain that encryption can't be unpicked without being broken, she replied: "I am not suggesting you give us the code I understand the principle of end-to-end encryption, it can't be unwrapped What I am saying is the companies who are developing that should work with us."

Rudd suggested tech firms don't like to help until "after an event has taken place".

As Rudd is clearly looking for help understanding encryption, without the techy details which is understandable as the hashing and keys are admittedly confusing jargon here's some basic help, delivered without a sneer.

Advertisement - Article continues below

Rudd, consider an encrypted message like a home: we all lock the front and back door to prevent someone getting in at either end, and it'd be foolish to leave a window open. You're not asking for an always open window, merely one with a lock and the key handed to security services. The problem is that lock can  and will  be picked or the key lost.

Simple explanations aside, Rudd has previously said she doesn't believe that "real people" actually care about end-to-end encryption, so it's no wonder she can't be bothered sitting down for two hours to read up on the subject.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020