Officials are calling on Facebook not to use encryption in its messaging services that does not provide authorities a way to see what is being sent.
The request was made in a letter signed by US Attorney General William Barr, British home secretary Priti Patel and Australian minister for home affairs Peter Dutton.
“We are writing to request that Facebook does not proceed with its plan to implement end-to-end encryption across its messaging services… without including a means for lawful access to the content of communications to protect our citizens,” said a copy of the letter obtained by AFP and dated October 4.
The letter called on Facebook and other companies to make sure messaging systems were not so well-encrypted that law enforcement couldn’t see “content in a readable and usable format” if such needs arose.
The request, addressed to Facebook chief Mark Zuckerberg, raises anew the conflict between technology firms intent on protecting user privacy by scrambling messages with encryption, and government agencies contending that doing so would let wrongdoers hide their schemes.
The leading social network already encrypts WhatsApp messages from end-to-end — meaning only the sender and recipient can read the message, which is saved in encrypted form — and is working to extend the technology to other apps in its family, including Messenger.
End-to-end encryption protects the messages of over a billion people every day, according to a Facebook.
“It is increasingly used across the communications industry and in many other important sectors of the economy,” Facebook said in response to an AFP query.
“We strongly oppose government attempts to build backdoors because they would undermine the privacy and security of people everywhere.”
The nonprofit Center for Democracy and Technology (CDT), based in Washington, contended that governments signing the letter were using scare tactics to weaken the security of global communications and build in surveillance.
“Strong encryption and end-to-end security are bedrock technologies that keep information safe online,” said CDT senior technologist Hannah Quay-de la Vallee.
“These technologies protect billions of communications every day, from the sensitive correspondence of victims of domestic violence to businesses’ financial records to our private medical information.”
Facebook early this year said it was trying to get its messaging apps to be friends, allowing encrypted missives be exchanged no matter which of its services are used.
The California-based social network is behind free, stand-alone smartphone apps Instagram, Messenger and WhatsApp.
Each service is popular, but users have to be in the same application to exchange messages.
The joint letter to Facebook, paired with a freshly signed “CLOUD” data sharing agreement between Britain and the US, should set off “red flags” for citizens in both countries who care about governments monitoring and sharing their communications, the CDT argued.
The CLOUD Act Agreement will allow British and US law enforcement agencies, with appropriate authorization, to demand electronic data regarding serious crimes directly from tech companies based in the other country, according to a Department of Justice statement.
The agreement will allow “more efficient and effective access to data needed for quick-moving investigations,” Barr said in the statement.
“Only by addressing the problem of timely access to electronic evidence of crime committed in one country that is stored in another, can we hope to keep pace with twenty-first century threats,” he added.
The CDT said it would scrutinize details of the agreement, particularly for any requirements regarding building backdoors into communications systems.
“Creating a law that would mandate weaker and less secure technology is like mandating crumbling sidewalks to prevent criminals from escaping,” said Quay-de la Vallee.
“It’s ridiculous, it won’t work, and it puts us all at far greater risk of serious injury.”
Facebook interpreted the CLOUD Act to allow technology companies to enable users to have private online conversations and be required to provide available information to valid legal requests — not build backdoors into encrypted systems.