Backdoor? What backdoor?
Sometimes being popular gives you the power to do what’s right.
WhatsApp, the widely used messaging app, is about to find out how much leverage one billion users gets you.
The Mountain View-based company is facing scrutiny after it was revealed that the accused Westminster Bridge attacker used the service to send a message shortly before killing four people and injuring scores of others in London on March 22.
The message was encrypted and the authorities are not happy about being unable to read it. And so what’s a law-abiding company to do? Build a backdoor allowing government officials, and potentially nefarious actors, a future way in?
WhatsApp, which was bought by Facebook in 2014, is not having it.
WhatsApp co-founders Brian Acton and Jan Koum announced in April of 2016 the implementation of full end-to-end encryption by default, and it’s this vital security feature that’s put the company in the crosshairs of UK Home Secretary Amber Rudd. That’s because all WhatsApp messages are encrypted — meaning the company can’t provide the contents of the London attacker’s message to British officials.
But it’s not like WhatsApp doesn’t want to help.
“We are horrified at the attack carried out in London and are cooperating with law enforcement as they continue their investigations,” a WhatsApp spokesperson wrote to Mashable.
For Rudd, it appears this cooperation isn’t good enough.
"We need to make sure that organizations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other," Rudd told the BBC.
Image: RICK FINDLER/REX/SHUTTERSTOCK
The day after the attack.
But the nefarious "secret place" described by Rudd is really just a simple thing called privacy — the privacy of WhatsApp’s billion or so non-terrorist users to communicate with friends, loved ones, colleagues or whomever without snooping eyes peering in.
Those eyes could just as easily belong to cyber criminals as to government officials, a big concern for activists around the world protesting against oppressive regimes.
Thankfully, Acton understands what’s at stake.
"WhatsApp does not give governments a ‘backdoor’ into its systems," he wrote two months ago in a Reddit post linked to Mashable by a WhatsApp spokesperson. "WhatsApp would fight any government request to create a backdoor."
But what is Acton to do if British officials tell him to play ball or get out? Mashable asked a Whatsapp spokesperson if the company would consider building a Britain-specific backdoored version of the app, and we were simply referred to the above statement.
Talk of creating a "golden key" for governments to break encryption was all the rage back when the FBI was pressuring Apple to unlock an iPhone following the San Bernardino attack. One problem with that idea, which the Wikileaks Vault 7 data dump seems to prove, is that the government can’t keep its hacking tools secure.
Essentially, any so-called golden key would likely be copied over and over again — giving anyone with the cash or connections the ability to render encryption worthless.
Which brings us back to UK Home Secretary Rudd. The New York Times reports that British officials are set to press tech executives at a March 30 meeting about future government cooperation, and with her recent "secret place" comments setting the stage we can bet that encryption will be the topic du jour.
Just like Rudd, WhatsApps has made its stance on the matter clear. For the sake of the company’s billion-plus users’ privacy and security, we hope that Acton doesn’t back down.