This year Whatsapp decided to use end-to-end encryption for all whatsapp messages in following of their concurrent Telegram. This to protect the privacy of all users and ensure the users that their private messages keep private.
This week Rob Bertholee, the CEO of the AIVD (Dutch national security agency) spoke out in an interview that the AIVD wants the power to crack the encryption of Whatsapp. According to the AIVD the increasing use of information-encryption leads to problems regarding to the prevention of terrorism. The ideal situation for the AIVD would be to have an oversight of the whole criminal network, provided by their phone network history.
But of course this raises again the security versus privacy discussion. How much privacy is your safety worth? Should the AIVD have insights in everyone’s personal messages to protect the country?
History doesn’t prove that spying is the right solution. Before Whatsapp decided to encrypt their messages, people made use of PGP (Pretty Good Privacy) telephones. The government got the rights to crack these and since then they use them as prove in court for criminal cases. This should make the process more easy, but has so far disappointing results. A lot of criminals use aliases to stay anonymous and if they handled secure, the messages weren’t retraceble.
I would like to plead that privacy is not dead (yet) and that analyizing personal messages isn’t the right solution to protect citizens. Privacy is crucial for self-identity and autonomy. (Focault, 1977) (Wolf, R. D., & Heyman, R. ;2015).
“Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others” (Westin, 1968).
Also if the AIVD gets access to the messages, it is not sure how they’ll analyze the messages. Which false-positive ratio would be acceptable? And for what extend of time can they store the information? Another raising question is how they can ensure the security. Once there is a crack, the security of the messages is much harder to maintain.
What do you think? Would you let the AIVD read your messages? Does privacy still excist and if so, where do we draw the line?
http://nos.nl/artikel/2132835-aivd-plan-om-versleuteling-whatsapp-te-omzeilen-veel-te-gevaarlijk.html
Wolf, R. D., & Heyman, R. (2015). Privacy and Social Media. The International Encyclopedia of Digital Communication and Society.
Foucault, M. (1977). Discipline and punish: The birth of the prison. Vintage.
Westin, A. F. (1968). Privacy and freedom. Washington and Lee Law Review,25(1), 166.
Hi Fenna,
Thank you for this interesting blogpost, I believe it is really important to have a public debate on this relevant topic. I have two thoughts about your post. Firstly, I really agree on you, analyzing private messages is not the right solution to protect citizens. I believe we should really care about our privacy, more than we now do. If you wan’t to chat safely, there are alternatives for Whatsapp, take a look at the app Signal. Secondly, criminals will also find these new applications and ways of communication. Security services will always be one step behind, that’s why I believe it won’t be succesfull on the long term.
https://theintercept.com/2016/06/22/battle-of-the-secure-messaging-apps-how-signal-beats-whatsapp/
Dear Fenna, thank you for your post. I agree with you and Leon that analyzing private messages is not the right solution to protect citizens. However, since people are often careless with their privacy, this makes it easier for governments to just read message / listing to phone calls. While I agree with Leon that there are alternatives to Whatsapp, often people do not look into those and just prefer using what they already know, as it is easy and all their friends/family have it too. Secondly, I believe criminals do not use whatsapp, but rather other means of messaging and contacting each other, as they actually do care about their privacy. Thus, even if AIVD gets access to our whatsapp messages, how likely is that a criminal will still use Whatsapp? I am sure they read the news and are very aware of what the government has access too. Hence, I believe in this case, our privacy should come first, as I do not think giving AIVD access to our Whatsapp will increase our security.
You should watch this video:
https://www.youtube.com/watch?v=VPBH1eW28mo
It’s by GCP Grey and explains why digital “locks” shouldn’t have “master keys”.
Hey Sverre, thank you for your suggested video! I heard about it, also a very good reason indeed!
There’s also the very strong negative opinion of the leading tech firms on this matter: when the iPhone of the San Bernardino shooter was found locked earlier this year, the FBI demanded that Apple provides a) the key to decrypt the phone and b) considers building a backdoor into their products.
The tech community at large flat-out refused to acknowledge that these were valid requests, citing exactly these rights to privacy in data communications.
And so it went that the FBI most likely contracted the work out to private security agencies.
That raises the question: if the tech giants can refuse to acknowledge the FBI’s demand, what is, realistically, what the AIVD hopes to achieve? Jury is still out!
Hi Fenna! Thanks for your post. I think this dilemma is quite a difficult one – on the one hand, the government wants access to our messages in order to protect us from criminals. But, this comes at the expense of our privacy and them knowing our everyday life. A good example can be seen in the case where Microsoft was not forced to turn over emails stored in Ireland to the American government regarding a drug investigation. The privacy of individuals was respected, but at the same time, this win made a ‘legal loophole to be exploited by fraudsters, hackers and drug traffickers.’ I think this arises an important question, where do we make the trade off between respecting privacy and permitting unlawful behavior?
– https://www.bloomberg.com/view/articles/2015-09-08/of-course-the-government-wants-to-read-your-texts
– http://www.irishtimes.com/business/technology/microsoft-wins-appeal-over-access-to-irish-emails-1.2722027