UK Home Secretary Amber Rudd has said intelligence services need to have access to encrypted messaging services, specifically WhatsApp, following the recent attack in Westminster. Her statement comes after reports that Khalid Masood, the man behind the incident, had connected to WhatsApp in the minutes before it took place. During an appearance on BBC One’s Andrew Marr Show, Rudd said the inability of intelligence services to access services such as WhatsApp “is completely unacceptable; there should be no place for terrorists to hide”.
“It used to be that people would steam open envelopes or just listen in on phones when they wanted to find out what people were doing, legally, through warranty. But on this situation we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp”, Rudd said. While reports have emerged that Masood connected to WhatsApp before the attack, the security system the app uses prevents agencies knowing what, if anything, was sent or received.
WhatsApp, which is owned by Facebook, uses end-to-end encryption to protect conversations, rendering them accessible only to participants. Messages are even inaccessible to the company itself. WhatsApp representatives have previously stated that privacy is a key feature of the app. In the past, its adherence to security has seen it temporally blocked in Brazil for refusing court requests.
Khalid Masood connected to WhatsApp before the Westminster attack, but the app prevents agencies from knowing was sent or received
The situation shares a number of similarities with Apple’s refusal to develop a backdoor to the iPhone that belonged to San Bernardino shooter Syed Farook. Apple refused to build an accessible custom operating system, with the FBI taking the company to court in an attempt to force it to do so. The case was dropped when the FBI announced it had found its own way into the iPhone, but did not disclose what that was.
Aside from the right to privacy, the challenge with encryption is that when workarounds are built into a system, a new door is opened for hackers. While Facebook and Apple may be able to build an encrypted system that is accessible on request, it would only be a matter of time before non-government agencies discovered the same exploit.