Any news about encrypted application laws is appealing to us and may be to you. One of the latest moves that could have affected users were the planned EU proposals to make companies offering encrypted applications like WhatsApp and Telegram give up data on terror suspects.
At present, data that is locked under end-to-end encryption cannot be accessed even by governments, who have a lot of money to spend on such things. Even we at Cylix cannot read your encrypted data on our applications.
Many questions have been raised by data encryption. While your sensitive, personal and business information are kept safe by encryption, so is that of people who use applications for carrying out nefarious deeds. So, should governments and law enforcement agencies be able to access data stored by people who are suspected terrorists?
It’s not an answer as simple as you may think.
The Risk of Weakening Encrypted Application Data Security
End-to-end encryption in apps like Telegram, Signal and WhatsApp prevents governments and anyone else from looking at your messages. Only you, who are sending the message, and the recipient of your messages will be able to read its contents. No one can intercept your messages while they are sent, not even the companies that make these apps.
Why is this important? Without protection, your data can become vulnerable to hackers, cyber-criminals and rogue states. Cyber-attacks are on the rise, and it is a relief for most people to know that there are apps they can turn to, to safely send sensitive messages. The EU has proposed and tries to guarantee that encrypted application creators cannot install ‘backdoors’ that would weaken the security of your messages, and enable spies to read them. In other words, EU does not want to store messages passed through encrypted applications, to refer to if the need arises.
But if government spies can read them for the nation’s security, soon it will become easier for hackers to read your messages and compromise your business information security. More and more people today are using encrypted applications for business communications. While with Cylix your data is encrypted locally, so you don’t have to worry about people reading them in transit, we must think about the future of personal communications. Is it justified to compromise personal data security of law abiding citizens? Should governments leave encrypted applications alone?
The case for allowing governments to access your information may draw its justifications from the recent attacks on Westminster in the UK. Adrian Ajao, the man who killed four people near Westminster in 2017, sent a WhatsApp message just before going off on his killing spree in the Parliament buildings. But law enforcement could not read these texts until they apprehended the recipient weeks later.
Is there an easy solution?
There isn’t an easy solution for dealing with lone wolves, small groups or international organizations who attempt to commit terrorist acts. But you either have encryption and end-to-end encryption, or you don’t. Dealing with online extremist messages on social media is one challenge which can be more or less addressed through collaboration. But encryption is a different cookie. It is one of the pillars of the global financial system and subsequently for the world economy, for the safety of personal and health information, for the security of journalists world wide and much more.
The EU has turned down the MPs urgings to install backdoors. Critics say that even if governments are allowed to save encrypted traffic to look at if the need arises, so much data may make it difficult for intelligence analysts to track the criminal they are looking for in time.
For now, those living in the EU won’t have to worry about people spying on their messages – unless their phones are bugged. What is your opinion on encrypted application security? Do you have ideas on how both sides of the issue can be resolved?