What’s up with WhatsApp?


Some government agencies are having issues with the encryption of WhatsApp. (Flickr/Microsiervos)

Harris Helberg

In December of 2015, the mass shooting in San Bernardino, California sparked conversations about the priority of security and privacy versus the United States government’s access to personal devices. In this case, the government was asking Apple to create a backdoor to unlock the shooter’s iPhone to reveal messages and content sent and received. Apple declined, citing security concerns. This led to a giant legal battle between Apple and the United States government, eventually leading to the government finding “another way” to hack the shooter’s iPhone without Apple’s help. This was a monumental win for Apple and the average Apple user in the United States.

Now, the United Kingdom is having a similar situation on their hands. Khalid Masood, a British national who was responsible for the London attack, is believed to have used WhatsApp minutes before the attack took place. Britain’s intelligence service attempted to crack WhatsApp and access the messages that could coincide with the attack, however, they were not successful.

According to Sky News, Home Secretary Amber Rudd said that it was “completely unacceptable” that security services were unable to crack the encrypted service. The home secretary also argued that Britain’s intelligence services must have “the ability to get into situations like encrypted WhatsApp.”

The Facebook-owned app offers end-to-end encryption (E2EE) which is a mode of communication that allows only users to read messages sent between each other. This means that this system prevents “eavesdropping” from internet providers, third parties, and even the provider of the service. The messages are not saved in any type of database.

Amber Rudd sees this as an issue. She told Sky News that “You can’t have a situation where you have terrorists talking to each other – where this terrorist sent a WhatsApp message – and it can’t be accessed.” Privacy advocates claim that creating a backdoor for legal authorities would also mean that others who are highly capable of hacking would be able to gain access to users’ private conversations.

This is obviously problematic in terms of individual use: instead of the conversation being focused on how the United Kingdom could better prepare for and prevent attacks like the one that just took place, the subtext of these suggestions are that the blame is to be put on WhatsApp.

The real question is, could lives have been saved in London last week if end-to-end encryption had been banned?”

— Brian Paddick

More than a billion people use WhatsApp. That’s around 13% of the world’s population. Amnesty International, a non-governmental human rights organization, has said that “… we must resist the impulse to chase seemingly ‘easy’ solutions whose impacts are likely illusory and whose downsides are immense. Weakening encryption on WhatsApp and others services only weakens security for all of us, rather than enhancing it.” 

Brian Paddick, a home affairs spokesman for the opposition Liberal Democrats and former deputy assistant commissioner in the London Metropolitan Police, said that “The real question is, could lives have been saved in London last week if end-to-end encryption had been banned? All the evidence suggests that the answer is no.”

WhatsApp has also issued a statement on this issue: “WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.”  This may look like another court case in the name of privacy.

UPDATED 11/22/17 for clarity and capitalization. Image also updated.