UK Legislators Are Using Encrypted Messaging Services To Possibly Dodge Records Requests
Sure, we all love secure communications. And government officials shouldn't be afraid of using encrypted communication options. But they need to remember their obligations to the public. Security can often be converted to obscurity. And yet, government officials migrate towards encrypted messaging options, but not for security reasons. Instead, they choose the same options they decry in public. Encryption is for criminals they claim, even as they avail themselves of the "criminal" option to "protect" themselves from the public they serve.
Lawmakers continue to demand "lawful access" to encrypted/fleeting communications. And they do this while utilizing the same services. Whatever it takes to keep the general public from viewing the sausage-making process. It's not just a US thing. Our counterparts in the UK are just as hypocritical, as the BBC reports.
Ministers could be banned from using self-destructing messages on Whatsapp or Signal for official business if a legal challenge is successful.
Transparency campaigners have sent a letter to the government, arguing that politicians and staff could avoid accountability by using these features.
Members of both the Cabinet and Shadow Cabinet use Whatsapp and Signal.
Whatsapp and Signal both utilize end-to-end encryption. More relevant to this discussion is both apps allow for automatic deletion of messages. The UK government needs to say more than this when it's utilizing apps with built-in self-destruct options.
The Cabinet Office said records of official communications are "retained in line with guidance".
We're apparently just supposed to believe the government is retaining messages delivered via services that have baked in options for periodic, automatic deletion of communications.
This isn't to say government officials shouldn't avail themselves of encrypted communication options. They definitely should. Encryption is a valuable frontline defense against malicious hackers. But policies should be written to specifically address this in order to ensure the most important stakeholders in governance -- the members of the public paying their salaries -- can still access official communications.
If the government can't sort this out itself, maybe the courts will have to. There's a lawsuit threat dangling over the UK government if it can't provide an adequate response to public interest groups that suspect lawmakers' moves to encrypted services aren't so much about security as they are about opacity. Campaign law group Foxglove has already filed a lawsuit demanding to know whether the government is utilizing this for security reasons or for the other reason, which would be to separate the public from information the public should have.
As was stated earlier: encryption is great. It secures communications. What it shouldn't do is provide a handy excuse for government employees to ditch their obligations to the public. By all means, keep malicious actors out. But let the public in.