Politics

Amber Rudd has got it backwards—encryption is key to defending our civil liberties

End-to-end encryption allows journalists to speak to sources, and lawyers to their vulnerable clients. We mustn't let a climate of fear impinge on our right to speak privately

August 03, 2017
Amber Rudd's approach to encryption ignores how many people use it for innocent means. Photo: PA/Prospect composite
Amber Rudd's approach to encryption ignores how many people use it for innocent means. Photo: PA/Prospect composite

Since the gruesome attacks in Westminster and Manchester, end-to-end encryption has become something of a buzzword for the beleaguered government. In a recent article for The Daily Telegraph, Home Secretary Amber Rudd has returned to the fray in the most apocalyptic of terms: “The enemy online is fast. They are ruthless. They prey on the vulnerable and disenfranchised. They use the very best of innovation for the most evil of ends.” This measure, like all other digital surveillance measures, is a matter of “national security.” In the seemingly never-ending war of “us” versus an increasingly amorphous “them”, civil liberties promise to be the first casualty.

In a confused and confusing piece, Rudd dismisses a blanket ban on encrypted messaging, instead proposing “specific, targeted” surveillance. Despite her claims to the contrary, such measures would require a backdoor, a hole in the encryption software which government and tech companies—not to mention hackers—would be able to exploit. Renate Simpson, Chief Executive of civil liberties group Big Brother Watch, has characterised Rudd’s remarks as “at best naïve, at worst dangerous.”

End-to-end encryption isn’t a pick-and-choose software: encryption is total or it is insecure. As Bruce Schneier, cybersecurity expert and Fellow at Harvard’s Berkman Center for Internet and Society, has argued: “If a backdoor exists, then anyone can exploit it.” The security of end-to-end encryption relies on its near-total impenetrability from sender to recipient: even the tech companies who built Whatsapp, Telegram, Signal and other encrypted services do not have access to information sent using their networks.

“Real people,” Rudd argues, don’t need encryption: “Who uses WhatsApp because it is end-to-end encrypted, rather than because it is an incredibly user-friendly and cheap way of staying in touch with friends and family?” The answer, her less-than-subtle subtext mutters, is terrorists.

Secure communication matters

But there are other answers, too, ones which see the world through a less paranoiac lens. End-to-end encryption is vital for lawyers protecting vulnerable clients; whistle-blowers exposing mass corruption and misconduct; refugees fleeing state persecution; human rights activists fighting oppressive regimes; and journalists, like myself, who rely on secure communication with invaluable but highly precarious sources whose lives would be in jeopardy if caught. Worldwide, some 348 journalists were detained at the end of 2016, according to Reporters Without Borders. The specious charges on which many of them are held? “National security.”

But one doesn’t need a professional reason to demand encryption. Political objections should suffice: civil liberties are worth little if the government can infringe upon them at will, and liberty must not be subject to ostensibly benevolent government oversight. As the US election showed more clearly than perhaps any other, even the most superficially secure liberal democracies can fall prey to cancerous authoritarianism. Legislative change requires not simply that you trust this government with your personal data, but all future governments for as long as the law remains on the statue book.

An ongoing crackdown

Attacks on end-to-end encryption are perhaps unsurprising. Undermining encryption is but one new tool in a range of measures implemented since 2015. Without the brakes applied by the Liberal Democrats during the Coalition years, the Conservative government has led the charge on surveillance at breakneck pace. The notorious Snooper’s Charter, formally known as the Investigatory Powers Act, gained royal assent in 2016, and offered a sweeping array of new powers: targeted hacking in the UK, bulk hacking abroad, and the requirement that internet providers log all browsing history for 12 months. Even reading this article, your digital footprint is being saved for potential future surveillance.

The government’s latest attack on privacy puts the UK in dubious company: Saudi Arabia, Turkey, Russia, China and Egypt all impose stringent bans on certain forms of encrypted communication and surveillance-resistant technology, and all use the cloak of national security for anti-democratic ends.

With every new act of terror, extremists nudge governments into more and more repressive stances. “National security” has been deployed as justification for a normalisation of extra-judicial practices. 9/11 gave rise to The Patriot Act, legislation so sweeping, indiscriminate and illiberal that lawmakers explicitly wrote in a clause limiting its viability to a five-year timespan. Under Obama’s tenure that clause was removed. Exceptional measures become the new normal.

Our climate of fear

The rise of emergency politics, in which a climate of fear sanctions extraordinary extensions of government power, shows no sign of abating. Under the conditions of emergency, extra-judicial practices, increased surveillance, and pervasive clampdowns on liberties we take for granted become acceptable conduct.

Undermining encryption may well prevent specific terrorist plots on UK soil, but the opportunities it creates for hackers, foreign governments, and future regimes who might well be less benevolent than we can foresee must not be ignored. Rudd’s intentions may be good, but myopic digital policy comes at a cost—one we should be prepared to pay.