UK and US plead with Mark Zuckerberg to bin encryption plans

Home secretary pens open letter to the Facebook chief as the nations strike historic data-access agreement


The UK government has written to Facebook CEO Mark Zuckerberg to warn the social media giant against implementing end-to-end encryption in all its messaging services.

In an open letter, signed by the home secretary Priti Patel, has set out the UK's opposition to Facebook's plan to implement end-to-end encryption across its suite of messaging services. Its fellow signatories include US Attorney General William Barr, US secretary of homeland security Kevin McAleenan, and Australian minister for home affairs Peter Dutton.

Advertisement - Article continues below

The nations have collectively asked for Facebook and other social media companies to enable law enforcement agencies to obtain 'lawful access' to content in a readable and usable format. Their demands also list embedding the 'safety of the public' in system designs in order for companies to monitor illegal content more effectively and make prosecutions easier to carry out.

"Security enhancements to the virtual world should not make us more vulnerable in the physical world," the letter said.

"We must find a way to balance the need to secure data with public safety and the need for law enforcement to access the information they need to safeguard the public, investigate crimes, and prevent future criminal activity.

"Not doing so hinders our law enforcement agencies' ability to stop criminals and abusers in their tracks."

Advertisement - Article continues below

The signatories claimed that companies should not deliberately design their systems with technologies like end-to-end encryption in mind, as this precludes any form of access to content, even for investigating serious crime.

Advertisement - Article continues below

Patel and her counterparts also suggested the use of encryption for messaging services erodes a company's ability to detect and respond to illegal activity, from child sexual exploitation to terrorism.

Signatories acknowledged that Facebook carries out "significant work" to remove illegal content. For instance, the letter referenced the fact that in 2018 Facebook made 16.8 million reports to the US National Center for Missing & Exploited Children. This represented 90% of the total reports that year.

"Risks to public safety from Facebook's proposals are exacerbated in the context of a single platform that would combine inaccessible messaging services with open profiles, providing unique routes for prospective offenders to identify and groom our children," the letter continued.

"Facebook currently undertakes significant work to identify and tackle the most serious illegal content and activity.

"Our understanding is that much of this activity, which is critical to protecting children and fighting terrorism, will no longer be possible if Facebook implements its proposals as planned."

Advertisement - Article continues below

The letter's publication coincides with a historic data access agreement struck between the UK and US to allow law enforcement agencies to obtain data and information from service providers. Under the bilateral agreement, law enforcement agencies can directly ask tech companies either side of the Atlantic to access user data, rather than by having to go through governments.

Current arrangements see requests from law enforcement agencies submitted and approved by governments through the Mutual Legal Assistance (MLA) mechanism, which can take between six months and two years to process. The bilateral agreement would see this reduced to a matter of weeks, the UK government claims.

The UK has also "obtained assurances" that evidence obtained through this mechanism wouldn't be used in cases where the prosecution was seeking the death penalty, in line with its opposition, the government added.

Advertisement - Article continues below

The timing of the letter's publication is significant in light of the data-sharing agreement. WhatsApp has traditionally proved a thorn in the side of law enforcement, given the difficulty accessing the contents of messages sent between individuals through the service. The letter represents renewed efforts to overcome this barrier to law enforcement posed by encryption.

Advertisement - Article continues below

Executive Director of the Open Rights Group (ORG) Jim Killock has railed against suggestions that UK and US politicians are seeking alternatives to encryption, such as 'fingerprinting' files which can trace 'encrypted' content back to users.

"It is disturbing that Priti Patel alongside US politicians appear to wish to bully specific companies into stopping plans to allow users to encrypt their private communications," he said. "If politicians want companies to take action, they should be prepared to legislate.

"Encryption is used for many legitimate reasons, from banking through to keeping personal communications private from corporations."

He added it's "very worrying" that some politicians are suggesting that encryption systems should be used to examine files and communications before sending them, to examine these against already-banned communications.

"This could rapidly be deployed against whistleblowers, journalists and campaigners. Building global capabilities that can be used to suppress legitimate free expression is very unwise. 

Advertisement - Article continues below

"We should be sceptical about concerns expressed about encryption, and ensure that our fears of the worst kinds of criminals are not used to limit our everyday rights to privacy and free speech."

Patel has joined a string of UK home secretaries, including her predecessors Sajid Javid and Amber Rudd, in campaigning against the use of the technology; particularly in light of Facebook's plans to wrap its disparate social messaging platforms into a unified service.

Javid was previously part of threats issued by the 'five eyes' nations to legislate if tech giants wouldn't voluntarily remove end-to-end encryption. These threats were made in September last year, but no legislation has since been forthcoming.

The bilateral agreement is similar in nature to the EU-US Privacy Shield which allows for cross-border data sharing for commercial purposes.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now


Network & Internet

What is the California Consumer Privacy Act (CCPA)?

1 Jul 2020

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020