IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Five Eyes nations demand encryption 'backdoors' by-design

Tech companies are being urged to implement encryption-bypassing systems into their services by default

Encrypted services developed by tech companies, such as messaging services, should be designed with ‘safety’ embedded into the software by default, in essence defying the principles of end-to-end encryption. 

Vendors should retain the ability to act against illegal content, with law enforcement also able to access content in a readable format where authorisation is lawfully issued, according to a statement released by the Five Eyes nations.

Companies should also engage in consultation with governments and other stakeholders to allow legal access to content in a way that’s substantive and genuinely influences design decisions, representatives from the five nations have demanded. 

“While encryption is vital and privacy and cyber security must be protected, that should not come at the expense of wholly precluding law enforcement, and the tech industry itself, from being able to act against the most serious illegal content and activity online,” the statement said.

“We reiterate that data protection, respect for privacy and the importance of encryption as technology changes and global Internet standards are developed remain at the forefront of each state’s legal framework. 

“However, we challenge the assertion that public safety cannot be protected without compromising privacy or cyber security.  We strongly believe that approaches protecting each of these important values are possible and strive to work with industry to collaborate on mutually agreeable solutions.”

The governments of the UK, US, Australia, New Zealand and Canada have long-opposed the principles of end-to-end encryption, particularly on messaging platforms such as WhatsApp.

This is because this level of protection means it’s almost impossible to intercept messages, so communications between two individuals on an encrypted messaging platform will remain unreadable by law enforcement should they have an interest in doing so.

In September 2018, for example, tech giants were handed an ‘ultimatum’ whereby they were told to begin implementing backdoors in encrypted products, or their parliaments will begin legislating for this to be a legal requirement.

Last July, meanwhile, Five Eyes released a statement concluding that tech companies should include mechanisms in the design of their encrypted products and services that allows governments to legally access data within. This is in order to allow law enforcement to gather evidence so they can take action against illegal activity, and illegal content.

The Five Eyes statement, co-signed by representatives from India and Japan, has gone yet one step further and called for a set of formal procedures to be implemented across the industry that will render undermining end-to-end encryption the norm.

The statement adds that lacking any means to bypass end-to-end encryption undermines a company’s own ability to identify and respond to violations of their terms of services. By precluding the ability of law enforcement agencies to access content in limited circumstances, there is also the prospect for severe risk to be posed to the public.

The developers of these systems would argue, however, that privacy is one of the main reasons users choose their product in the first place, and that a backdoor can be accessed by anybody with the know-how, not just the authorities.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Recommended

2022 IBM's Security X-Force cloud threat landscape report
Whitepaper

2022 IBM's Security X-Force cloud threat landscape report

22 Nov 2022
2022 Magic quadrant for Security Information and Event Management (SIEM)
Whitepaper

2022 Magic quadrant for Security Information and Event Management (SIEM)

22 Nov 2022
Seven realities facing SMBs as they enter a future of increased cyber threats
Whitepaper

Seven realities facing SMBs as they enter a future of increased cyber threats

21 Nov 2022
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022