Tuesday 5 April 2016

Facebook’s WhatsApp Messaging Service Bolsters Encryption Amid Law Enforcement Scrutiny

Even though the FBI has figured out a work-around that — for now — allows the agency to bypass an iPhone’s encryption, the debate still continues about which is more important: privacy for all consumers, or ready-but-limited access for law enforcement? Today, Facebook-owned messaging service WhatsApp made it clear which side of that argument it comes down on.

Since being flagged as one of many messaging services with encryption and privacy policies that were less-than-ideal, WhatsApp has been moving toward a system where the only people that could read, see, or hear what’s being communicated between users are the users themselves. And today, the company announced that it has completed deployment of end-to-end encryption.

“From now on when you and your contacts use the latest version of the app, every call you make, and every message, photo, video, file, and voice message you send, is end-to-end encrypted by default, including group chats,” writes WhatsApp in a blog post published this morning.

“The idea is simple,” continues the company, “when you send a message, the only person who can read it is the person or group chat that you send that message to. No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation.”

The “not even us” part is important, as many messaging and video chat services are not encrypted to the point where the service provider is unable to access the content.

On the one hand, it means that users can feel more secure about the odds of anyone eavesdropping on your conversation. On the other hand, it frustrates law enforcement officers who have relied on being able — with a warrant or court order — to listen in on chats between suspected criminals.

If not even WhatsApp can crack the encryption on these conversations, then the company can’t just readily allow the FBI or any other agency to have access. It would likely require a court ordering WhatsApp to either weaken its encryption or figure out a work-around — and then we’re back in the same place where we were with the Apple vs. FBI legal battle.

In fact, a recent news report claimed that WhatsApp has been fighting wiretap requests, arguing that the conversations can’t be decrypted.

The Justice Department has yet to make a big public showing about the WhatsApp issue. Some privacy advocates believe it’s because the government is waiting for a case — like the Apple one, which involved an iPhone belonging to a known terrorist and killer who slaughtered 14 people at a holiday party — that would make the DOJ’s demand for weaker encryption look the most reasonable.

“While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people’s information to abuse from cybercriminals, hackers, and rogue states,” reads the WhatsApp blog post.

WhatsApp co-founder Jan Koum notes that the decision to fully encrypt chats isn’t just business for him.

“I grew up in the USSR during communist rule and the fact that people couldn’t speak freely is one of the reasons my family moved to the United States,” he explains.


by Chris Morran via Consumerist

No comments:

Post a Comment