ICO Disagrees With Government-Backed Encryption Campaign
UK data protection watchdog, the ICO, says encryption provides protections for children, after government-backed campaign against it
The UK’s Information Commissioner Office (ICO) has forcefully waded into the debate surrounding end-to-end encryption (E2EE) and child abuse.
Last week the government backed the ‘NoPlaceToHide’ advertising campaign with public funds. The campaign alleges that delaying the deployment of end-to-end encryption on certain social media apps will prevent child abusers from hiding online.
It wants the implementation of E2EE to be delayed until social media platforms make a public commitment they will only implement end-to-end encryption when they have the technology to ensure children’s safety won’t be put in jeopardy as a result.
ICO response
WhatsApp, Signal and Telegram already use end-to-end encryption, and Meta (Facebook) is also planning to roll it out on Facebook Messenger.
But for years now the UK government (and other governments) have threatened to take action against encryption in general.
But the ICO disagrees with the government and the NoPlaceToHide campaign, and has publicly stated that end-to-end encryption actually “strengthens children’s online safety by not allowing criminals and abusers to send them harmful content or access their pictures or location.”
“The discussion on end-to-end encryption use is too unbalanced to make a wise and informed choice,” noted Stephen Bonner, ICO’s Executive Director for Innovation and Technology. “There is too much focus on the costs without also weighing up the significant benefits.”
“E2EE serves an important role both in safeguarding our privacy and online safety,” said Bonner “It strengthens children’s online safety by not allowing criminals and abusers to send them harmful content or access their pictures or location.”
“It is also crucial for businesses, enabling them to share information securely and fosters consumer confidence in digital services,” said Bonner.
“E2EE is seen by some to hinder the clamp down on child abusers because it leaves law enforcers blind to harmful content,” Bonner noted. “But having access to encrypted content is not the only way to catch abusers. Law enforcers have other methods such as listening to reports of those targeted, infiltrating the groups planning these offences, using evidence from convicted abusers and their systems to identify other offenders.”
“We are also seeing a range of other techniques and innovations available that can be used without accessing content to help stop abuse or catch those trying to harm,” said Bonner. “As an example, platforms are listening to teenagers’ reports and limiting search results for anyone attempting unwanted contact.”
“Government should continue to put the effort into maximising law enforcement and innovative techniques, such as the Safety Tech Challenge,” said Bonner. “Until we look properly at the consequences, it is hard to see any case for reconsidering the use of E2EE – delaying its use leaves everyone at risk, including children.”
“We look forward to being a key participant in this crucial discussion,” Bonner concluded.
Encryption campaigns
Governments around the world have responded to continued pressure from law enforcement and child safety campaigners, who for years have railed against technology companies for permitting the encryption of potentially valuable data belonging to criminals and/or terrorists.
The Children’s Commission for England has previously warned in a report that end-to-end encryption is threatening children’s safety online.
The central thrust of that report’s argument, is that plans by social media firms to increase the use of encrypted messages, would make it impossible for platforms to monitor content (which is kinda of the whole point about encryption).
In 2018 the UK’s National Crime Agency (NCA) listed encryption as one of the technologies making criminals’ jobs easier, as it makes it more difficult for law enforcement organisations to “collect intelligence and evidence”.
Therefore governments around the world have repeatedly pressured the tech industry to create so called backdoors to encryption systems.
In August 2018 for example the US government pressured Facebook to break its Messenger app, so law enforcement could listen to a suspect’s voice conversations in a criminal probe.
And in late 2019, the United States, UK, and Australian governments signed an open letter to Facebook alleging encryption helps child abuse, and demanded an encryption ‘backdoor’
CEO Mark Zuckerberg at the time stoutly defended his decision to encrypt the company’s messaging services.
That said, in August 2021 Facebook was reportedly recruiting artificial intelligence researchers in order to learn how to analyse the content of encrypted messages without having to decrypt them – so called ‘homomorphic encryption’.
Needless to say, the tech industry by and large, has resisted this pressure to weaken encryption or create any form of backdoor access.
