Messaging service providers such as WhatsApp and Apple are offering militants ‘a place to hide’, says home secretary
Home secretary Amber Rudd has called it “completely unacceptable” that police are unable to access the encrypted WhatsApp messages of the man who killed four people in Westminster on Wednesday.
Attacker Khalid Masood, 52, is understood to have sent a message using WhatsApp two minutes before beginning the assault.
But because the software uses end-to-end encryption, messages are inaccessible to all third parties, including Facebook-owned WhatsApp itself.
“It is completely unacceptable, there should be no place for terrorists to hide,” Rudd told the BBC’s Andrew Marr Show on Sunday. “We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other.”
Rudd is to meet with technology companies on Thursday on the issue, as well as with the takedown of extremist content.
She said the government wants “carefully thought-through, legally covered arrangements” technology companies could use to supply access to communications when required by investigators.
But providing that access is companies’ responsibility first of all, she said.
“We do want them to recognise that they have a responsibility to engage with government, to engage with law enforcement agencies when there is a terrorist situation,” she said. “The best people who understand the technology to stop it going up in the first place are them.”
She said she would request the IT industry set up a board to address the issue.
“On this situation we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp,” she said.
Labour leader Jeremy Corbyn said the government has “huge powers of investigation already” and said there must be a balance between the “need to know” and the “right to privacy”.
The government has in the past said technology companies such as WhatsApp and Apple should be obliged to provide investigators with access to communications if necessary.
Such a measure could mean making providing a “back door” that would allow companies to decrypt messages when asked to do so, something companies say would weaken security for all users.
Users could then simply begin using other applications without back-doors made by providers based overseas, industry experts have pointed out.
“Compelling companies to put backdoors into encrypted services would make millions of ordinary people less secure online,” said Open Rights Group executive director Jim Killock in a statement. “We all rely on encryption to protect our ability to communicate, shop and bank safely.”
Investigators often rely on hacking firms whose software exploits security flaws to provide access to secure communications. The FBI last year used such software to access a locked iPhone in an investigation after Apple refused to help unlock the device.
WhatsApp said it was “horrified” by the attack and was cooperating with law enforcement.
Do you know all about security in 2017? Try our quiz!