Amber Rudd: “I don’t need to understand how encryption works to understand how it’s helping the criminals”
Groundhog Day is here once again: the home secretary Amber Rudd has stressed that end-to-end encryption is bad news – admittedly a view that puts her at odds with former head of GCHQ, Robert Hannigan, who described it as an “overwhelmingly good thing”.
Rudd’s longstanding view is that end-to-end encryption – which cannot be read by anyone but the sender or the receiver, not even the companies designing the apps – makes messaging apps a haven for terrorists and criminals to plot their acts without risk of reprisal. This is true, of course, but you could say the same thing about vanishing inks, a secret code or a conversation held in private. Additionally, there are enormous issues with the idea of either banning end-to-end encryption (goodbye security) or creating backdoors for the good guys: bad guys can also use doors, and deliberately hobbled security is, by definition, no security at all.
Nonetheless, the Conservative Party conference is underway in Manchester, and speaking at a Spectator fringe event, Rudd was asked directly whether she understood how end-to-end encryption worked. The answer really shouldn’t inspire confidence in anyone, let alone an elected official whose brief includes thinking about it an awful lot.
“It’s so easy to be patronised in this business,” the home secretary replied. “We will do our best to understand it.”
Right. Is that a yes or a no?
“We will take advice from other people, but I do feel that there is a sea of criticism for any of us who try and legislate in new areas, who will automatically be sneered at and laughed at for not getting it right.”
Yes or no, Ms Rudd?
“I don’t need to understand how encryption works to understand how it’s helping – end-to-end encryption – the criminals.”
“I will engage with the security services to find the best way to combat that.”
But here’s the rub, Rudd: if it were a super-simple problem to fix with any of the populist magic bullets you’ve fired out your policy pop gun, somebody would have done it by now. This is a point raised in response by Michael Beckerman, chief executive of the Internet Association, who was also on the panel, who explained that “since it is just math and it has been invented it can’t be uninvented”.
He went on: “So even if every internet company that we represent said ‘okay, we are turning off encryption’, you are just weakening the security for everybody in this room but that math, that technology, still exists for others to use on other platforms.”
“I am not suggesting you give us the code,” Rudd responded, adding: ” I understand the principle of end-to-end encryption – it can’t be unwrapped. That’s what has been developed. What I am saying is the companies who are developing that should work with us.”
Rudd seems to have a very good grasp on the “why” and has strong opinions on the “who”. The “how” remains eye-rollingly illusive eight months after she first floated the idea. Alright, you could ban Facebook, WhatsApp, Twitter, Telegram and Google from operating in the UK (although good luck getting re-elected on that toxic manifesto), but how do you stop terrorists sideloading banned apps? Or using the dark web to chat? Or just planning their attacks outside of the UK? Or using secret codes without phones?
These questions don’t have remotely plausible answers. Which is why this debate keeps coming back time and time again. Still, politically the idea of being tough on crime plays well, so the home secretary likely will gain something from this grandstanding. It just won’t be a coherent government policy on tackling terror. Ho hum.