UK government ministers are planning to enforce new powers that would compel tech companies like WhatsApp and Apple to hand over encrypted messages, according to a report in The Sun.
The report was published less than 24 hours after Salman Abedi blew himself up at the Manchester Arena, killing 22 people in the process.
The UK government reportedly intends to lobby MPs to ensure that new rules — being referred to as Technical Capability Notices — get passed through Parliament soon as the general election is over on June 8.
“We will do this as soon as we can after the election, as long as we get back in,” a government minister reportedly told The Sun. “The level of threat clearly proves there is no more time to waste now.” They added: “The social media companies have been laughing in our faces for too long.”
The Technical Capability Notices would reportedly allow MI5 and the police to demand that tech giants decrypt suspect communications themselves. But it’s not clear how this would work in practice as the “end-to-end encryption” techniques used by the big tech firms make decryption impossible. The Home Secretary and a senior judge would reportedly have to sign off each order.
These new powers are probably linked to a draft Technical Capability Notice which leaked earlier this month. That paper, drawn up by the Home Office, showed how the government wants to give itself extensive spying powers like the ability to decrypt messages, and to force tech firms, ISPs, and mobile providers to hand over content in near real-time. Thanks to a law called the Investigatory Powers Act, the Home Office can do all of this in secret.
Silicon Valley companies take pride in the security of their communication services and firms like Apple seek to win over customers by insisting that their personal and private messages are 100% private. They have long argued that removing layers of encryption would require them to build backdoors into their systems that could then be exploited by hackers.
Apple CEO Tim Cook said in November 2015: “To protect people who use any products, you have to encrypt. You can just look around and see all the data breaches that are going on. These things are becoming more frequent. They can not only result in privacy breaches but also security issues. We believe very strongly in end-to-end encryption and no back doors.”
But terrorist attacks this year, such as the attack on Westminster in March, has given politicians the chance to pressure tech firms to comply with government information access requests.
Privacy campaign groups stressed on Wednesday that removing encryption could have terrible knock-on effects.
“Here we go all over again with demands to scrap encryption,” wrote Big Brother Watch on Twitter. “Encryption must not be defined as a zero-sum game.”
The Home Office reportedly held a four-week long consultation on its new powers that ended last Friday.
All technology companies with over 10,000 users would have to comply with the new rules and adapt their technologies accordingly, according to The Sun.