Say YES to encryption and NO to politicians!

With WhatsApp’s announcement that the app will now use end-to-end encryption it has divided people in groups of for and against; which is a shame as I believe that this is positive news that has been overshadowed by negative and misguided comments in the media. Included in those against is the UK’s Home Secretary, Amber Rudd. Amber Rudd believes that ‘real’ people don’t need end-to-end encryption and that encryption ‘is severely limiting agencies’ ability to stop terrorist attacks.’

I want to explain what end-to-end encryption is, why I believe that it’s use in WhatsApp is a good one and why I believe that Amber Rudd and the others against it are wrong!

End-to-end encryption is a system that allows only those communicating with each other to read messages. This means that your internet provider, telecom provider and WhatsApp cannot read your messages. Yes, even WhatsApp cannot read your messages…in theory! I will delve into that later on.

Why do some people think that WhatsApp using end-to-end encryption is a bad thing? One reason is that the authorities cannot read messages of a suspected criminal. I imagine that some of you are think, well that’s a good reason – but it’s not. This sort of view, which Amber Rudd has taken, is in my mind a flawed one. Let’s imagine that Amber Rudd convinces WhatsApp to reverse their decision and remove end-to-end encryption. The authorities would now be able to ask WhatsApp to give them messages of suspected criminals. So far so good. That, however is not the end of the story and where that flaw comes in! Everyone that is not a suspected criminal could potentially have their messages read by anyone that has the means or authority to. The reason I don’t agree with that system is not because of what people are up to but because of our rights to privacy. I have nothing to hide but I don’t think that anyone other than those communicating with each other should be able to see the conversation. I want every criminal stopped but removing end-to-end encryption to possibly catch some that use WhatsApp while eroding our privacy seems like a disproportionate method. Surely a sensible solution should maintain our right to privacy while taking aim at suspects. Also, once you remove encryption you have opened yourself up to the criminals, they can now try and snoop on your messages! Yes, removing encryption could empower those that you are trying to stop!

Remember I said that in theory WhatsApp cannot read your messages? Well in practice if they wanted to, they probably could. There has been a rumour spread that WhatsApp has a backdoor, which would be one way of doing it but in this case, it’s not true. The Guardian newspaper claimed that WhatsApp had a backdoor (and then altered their article because of people who understand technology better corrected them) and WhatsApp have denied the existence of any backdoor. Both the Guardian newspaper and Amber Rudd demonstrated a lack of understanding of technology. There is a way but it would be wrong to call it a backdoor. Besides, a backdoor would be a bad thing as criminals may try and use it!

WhatsApp uses Signal Protection, where each client is identified by a pair of keys composed of a public key and private key. The public key is advertised publicly through a server and the private key on the device. An encrypted channel is established using this pair. One possible way that WhatsApp could try and read messages is by performing a ‘man in the middle’ attack.

To summarise, I would like politicians to not try and influence technology companies, especially when they don’t completely understand what they are talking about and the implications of what they say. In my view encryption is a tool for good, it protects the ‘everyday’ citizen. I think that WhatsApp should be commended for using end-to-end encryption, when did security become the enemy?