A proposal by the UK intelligence agency GCHQ, which alleges that a group of 47 companies have been eavesdropping on encrypted messages, has been criticized strongly by Apple, Google, Microsoft and WhatsApp. The four companies were among the 47 which face the allegations made by the proposal. An open letter has been published on Lawfar, in which the companies have clearly stated that this would undermine security, threaten trust in messaging services that have encryption and endanger citizen’s right to privacy and freedom of expression.
It is worth mentioning that the proposal from GCHQ was published in November last year in a series of essays, and at this point in time, it does not reflect any legislative agenda from the agency. The essay has arguments of two British intelligence officials that law enforcement should be present as a ghost participant in every encrypted chat on these platforms.
This basically means that no matter which messaging service you use; intelligence agencies would be CC’d in on encrypted messages. According to the authors of the proposal, the solution that they have offered is just as invasive as the practices that are being followed currently around eavesdropping on unencrypted telephone conversations.
We should point out that the approach that has been suggested would eliminate the need of back doors to be added to encryption protocols.
However, the technology companies that we mentioned earlier do not agree with this and have said that this solution would “seriously undermine user security and trust.” Furthermore, they have added that for doing this, messaging apps would need to change the way they use encryption and they would also have to mislead users by hiding notifications about who all are present in the chat.
The open letter says, “we write to express our shared concerns that this particular proposal poses serious threats to cybersecurity and fundamental human rights including privacy and free expression.”
It further added, “the ghost proposal would create digital security risks by undermining authentication systems, by introducing potential unintentional vulnerabilities, and by creating new risks of abuse or misuse of systems.”
When the open letter was published, the proposal’s original author Ian Levy from Cyber Security Centre said that the proposal was only hypothetical in nature and it was meant to be a ” starting point for discussion.” In a statement to CNBC, he also added, “We will continue to engage with interested parties and look forward to having an open discussion to reach the best solutions possible.”
For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.
