“Social media companies have been laughing in our faces”
This quote from a UK government official, perhaps more than any other statement, cuts to the core of the tension that exists around the issue of data encryption.
As we have documented here previously, governments, technology companies, enterprises and users have been at loggerheads over encryption for a number of years. Governments, particularly in the US and the UK have called for weaker encryption to aid security services in their efforts to combat terrorism, while businesses and users have largely been appalled by the idea that their data should be made less secure.
This issues remain close to the surface as reports this month reveal that the Conservative party in the UK, should it win the upcoming election, plans to push through measures to allow controversial Technical Capability Notices (TCNs) to force telcos, ISPs and social networks to hand over details of users’ communications – further weakening encryption in the UK.
These reports, and the quote from the unnamed UK official should show once and for all that for the UK and a number of other countries data privacy is seen as an inconvenience – something to be watered down and worked around, rather than something to be defended.
As the Open Rights Group commented: “It is worrying to hear that … the Home Office wants to push ahead with proposals to force companies to weaken the security of their products and services. Our core concern is that using TCNs to force companies to limit or bypass encryption or otherwise weaken the security of their products will put all of us at greater risk.”
There is no doubt, that for businesses operating in the UK this news should be extremely troubling. While the efforts to get ready for GDPR have rightly been prioritised by many businesses, it is clear that threats to encryption should be viewed as an equally important issue.