April 8, 2016    5 minute read

Whatsapp’s Security Breakthrough

   April 8, 2016    5 minute read

Whatsapp’s Security Breakthrough

You may have seen ‘end-to-end encryption’ pop up on your WhatsApp recently. However, you may not have realised that what you were witnessing was a groundbreaking victory for free speech and communications. The technological breakthrough of human rights have been hailed by the likes of Amnesty International, security professionals, journalists, and everyday communications users around the world. Except that, it is not such a celebratory moment for the likes of politicians and law-enforcers.

What does encryption entail, and why the big deal?

Encryption means that WhatsApp has eliminated potential eavesdroppers by ensuring that any form of communication through its platform cannot be intercepted.

Of course, tech giants like Apple have also implemented similar security measures. However, with such a wide base of products, such measures are seriously flawed. While iPhones have established end-to-end encryption on iMessage, this encryption can be completely undermined and necessarily negated by the iCloud service. Moreover, iMessaging only applies for iPhones communicating with other iPhones. About 700 million iPhones have been sold to date, and this is without knowing how many are still in use. WhatsApp can be utilised on almost any phone, and, at this very moment, 1 billion people use their service. 

What makes it even more shocking, is that all of this was done by a tiny group of no more than fifteen individuals sat at Californian WhatsApp headquarters – fifteen engineers determined to deliver an effective mass security measure for over a billion users around the world.

Whatsapp’s public key encryption system

Whatsapp’s public key encryption system

 

Over the past few years, companies like WhatsApp have been pressured to create backdoors in their security schemes for the access of governments, law and intelligence agencies. There are two major concerns about this. Firstly, companies would be making the conscious decision for security and safety rights of their customers to be blatantly infringed upon. Secondly, complying with such demands would set a dangerous legal precedent. Opening the back door is opening the door for abuse, where personal data may well become subject to the whims of Governments, hackers, cybercriminals, rogue states… you name it.

Growing concerns over security

Ever since Snowden let the sly government-surveillance cat out of the bag, the fiery debate over security and privacy in our digital age raged on.

What has intensified reaction towards WhatsApp’s move is the recent momentum around the issue of encryption. It happened in the wake of Apple CEO, Tim Cook, publishing his open letter that steadfastly refused an FBI court order demanding to unlock a phone that belonged to a shooter of the San Bernardino attack. Meanwhile, in the UK, the Government has been pushing a bill that requires for WhatsApp and iMessage to break their security when national spies deem it “practicable.” While this bill had to be redrafted to include tighter restriction after being faced by criticism from parliament members and the public, its central security-breaching tenet still holds. These concerns demonstrate an apparent clash between the individual sovereignty and the national sovereignty.

Facebook – who owns WhatsApp – has revealed that the number of government requests for their content to be taken down has surged, as have requests for basic details like IP addresses and account content to be provided. Facebook has assured the public that they do not provide direct access to people’s data. And yet, based on a think tank’s recent assessment of user agreement policies, the World’s biggest tech companies fail miserably on providing users with basic disclosure about privacy and censorship. These tech giants include US-based Facebook, Google, and Microsoft; along with leading companies from Europe, China and South Korea.

Graph showing companies’ percentage grades on privacy, freedom of expression and commitment to this values. Red highlights scores lower than 50%. No company scored an aggregate grade higher than 65%.

The graph produced by New America Foundation thinktank, showing companies’ percentage grades on privacy, freedom of expression and commitment to this values. Red highlights scores lower than 50%. No company scored an aggregate grade higher than 65%.

 

An unsolvable paradox?

The situation seems counterintuitive: Extra security in products provides for a ‘safer world’, in the words of Acton, founder of WhatsApp. On the other hand, public safety costs are said to be at stake. WhatsApp’s move has reportedly been condemned by an FBI attorney as threatening the works of law enforcement.

Defenders of encryption may well claim that security guarantees bring a greater amount of good to a greater number of people. The utilitarian argument could be turned on its head by Federal Government – for example, such inconsequential trivialities like a peace of mind would be at the expense of preventing mass injuries and fatalities conducted by large-scale terror attacks.

Perhaps more concrete arguments that have been put forward are that by merely adding a backdoor or removing encryption, you wouldn’t put a plug on the bad guys, particularly given the fact that encryption tools are freely available to the public today. They’d just go elsewhere. This snowball effect could go even further, opening up important questions posed by Adam Schiff of the House Intelligence Committee: “If we require our companies to build in a door, do we need to let China through the door? Or do we have to create doors for them when these services are used in their countries?” There is also the concern that authoritarian countries may be able to abuse it for non-law enforcement purposes, such as to stifle dissent.

The very delicate controversy surrounding WhatsApp’s move is exemplified in the protracted silence held by FBI, the Justice Department and Facebook on the issue.

The future of personal communication is on the line, and it looks to be a long and bloody battle between individual and national interests.

Get articles like this straight to your inbox each morning with our Breakfast Briefing. Sign up by clicking here!

Log in with your details

or    

Forgot your details?

Create Account

Send this to a friend