UK and US plead with Mark Zuckerberg to bin encryption plans

Home secretary pens open letter to the Facebook chief as the nations strike historic data-access agreement


The UK government has written to Facebook CEO Mark Zuckerberg to warn the social media giant against implementing end-to-end encryption in all its messaging services.

In an open letter, signed by the home secretary Priti Patel, has set out the UK's opposition to Facebook's plan to implement end-to-end encryption across its suite of messaging services. Its fellow signatories include US Attorney General William Barr, US secretary of homeland security Kevin McAleenan, and Australian minister for home affairs Peter Dutton.

The nations have collectively asked for Facebook and other social media companies to enable law enforcement agencies to obtain 'lawful access' to content in a readable and usable format. Their demands also list embedding the 'safety of the public' in system designs in order for companies to monitor illegal content more effectively and make prosecutions easier to carry out.

"Security enhancements to the virtual world should not make us more vulnerable in the physical world," the letter said.

Advertisement - Article continues below
Advertisement - Article continues below

"We must find a way to balance the need to secure data with public safety and the need for law enforcement to access the information they need to safeguard the public, investigate crimes, and prevent future criminal activity.

"Not doing so hinders our law enforcement agencies' ability to stop criminals and abusers in their tracks."

The signatories claimed that companies should not deliberately design their systems with technologies like end-to-end encryption in mind, as this precludes any form of access to content, even for investigating serious crime.

Patel and her counterparts also suggested the use of encryption for messaging services erodes a company's ability to detect and respond to illegal activity, from child sexual exploitation to terrorism.

Signatories acknowledged that Facebook carries out "significant work" to remove illegal content. For instance, the letter referenced the fact that in 2018 Facebook made 16.8 million reports to the US National Center for Missing & Exploited Children. This represented 90% of the total reports that year.

"Risks to public safety from Facebook's proposals are exacerbated in the context of a single platform that would combine inaccessible messaging services with open profiles, providing unique routes for prospective offenders to identify and groom our children," the letter continued.

Advertisement - Article continues below

"Facebook currently undertakes significant work to identify and tackle the most serious illegal content and activity.

"Our understanding is that much of this activity, which is critical to protecting children and fighting terrorism, will no longer be possible if Facebook implements its proposals as planned."

The letter's publication coincides with a historic data access agreement struck between the UK and US to allow law enforcement agencies to obtain data and information from service providers. Under the bilateral agreement, law enforcement agencies can directly ask tech companies either side of the Atlantic to access user data, rather than by having to go through governments.

Current arrangements see requests from law enforcement agencies submitted and approved by governments through the Mutual Legal Assistance (MLA) mechanism, which can take between six months and two years to process. The bilateral agreement would see this reduced to a matter of weeks, the UK government claims.

Advertisement - Article continues below

The UK has also "obtained assurances" that evidence obtained through this mechanism wouldn't be used in cases where the prosecution was seeking the death penalty, in line with its opposition, the government added.

The timing of the letter's publication is significant in light of the data-sharing agreement. WhatsApp has traditionally proved a thorn in the side of law enforcement, given the difficulty accessing the contents of messages sent between individuals through the service. The letter represents renewed efforts to overcome this barrier to law enforcement posed by encryption.

Advertisement - Article continues below

Executive Director of the Open Rights Group (ORG) Jim Killock has railed against suggestions that UK and US politicians are seeking alternatives to encryption, such as 'fingerprinting' files which can trace 'encrypted' content back to users.

"It is disturbing that Priti Patel alongside US politicians appear to wish to bully specific companies into stopping plans to allow users to encrypt their private communications," he said. "If politicians want companies to take action, they should be prepared to legislate.

"Encryption is used for many legitimate reasons, from banking through to keeping personal communications private from corporations."

He added it's "very worrying" that some politicians are suggesting that encryption systems should be used to examine files and communications before sending them, to examine these against already-banned communications.

"This could rapidly be deployed against whistleblowers, journalists and campaigners. Building global capabilities that can be used to suppress legitimate free expression is very unwise. 

"We should be sceptical about concerns expressed about encryption, and ensure that our fears of the worst kinds of criminals are not used to limit our everyday rights to privacy and free speech."

Advertisement - Article continues below

Patel has joined a string of UK home secretaries, including her predecessors Sajid Javid and Amber Rudd, in campaigning against the use of the technology; particularly in light of Facebook's plans to wrap its disparate social messaging platforms into a unified service.

Javid was previously part of threats issued by the 'five eyes' nations to legislate if tech giants wouldn't voluntarily remove end-to-end encryption. These threats were made in September last year, but no legislation has since been forthcoming.

The bilateral agreement is similar in nature to the EU-US Privacy Shield which allows for cross-border data sharing for commercial purposes.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now



The Story Behind Trump's Tech Tariffs

25 Jan 2020
artificial intelligence (AI)

How Bank of America uses AI to improve customer service and take on competitors

22 Jan 2020
Careers & training

The tech skills you need to succeed in the US

21 Jan 2020
data protection

Box CEO: Most internet users will ditch privacy for online services

3 Jan 2020

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020