show image

Should Amber Rudd be calling for less security in banking as well?

There’s a journalistic rule that says you should try not to write a headline to which the answer is either “yes” or “no”. The above breaks the rule because the immediate reaction is that the answer is a very clear “no”, and yet in some ways the home secretary, Amber Rudd, is asking precisely that.

On Sunday she was on television demanding that there should be better security against terrorists, not just in Westminster but elsewhere. Nobody who is reasonable is likely to disagree; five dead is five too many, and the same is true of all the injured people. Asking that social media sites should be accountable for their contents and remove hate content is a clear argument, and Rudd made it. She also asked that encrypted messaging services like WhatsApp should allow for some sort of back door so that the intelligence services could read the messages.

Knee-jerk security

It’s easy to empathise with this reaction. If someone is brutally murdered in your back garden and you know that people have been killed in similar ways with the help of social media, of course you want something done to prevent such a thing in future.

Unencrypting secure messages may be one way forward, although it would require a substantial re-tooling of the apps in question. The way it works is like any code; it applies a key at one end and re-applies it at the other, so nothing in the middle makes sense. The only way to change this would be to replace the technology with something else entirely and make end-to-end encryption unavailable to the public.

People who understand the technology are not inclined to promise that which can’t be delivered. Antony Walker, Deputy CEO of techUK, pointed out that social media and other organisations already work with the authorities within the bounds of the law. “Encryption technologies are a fundamental tool for ensuring the UK remains cyber secure. End-to-end encryption is the best defence we have available to keep the data and services we all rely on safe from misuse,” he said. “From storing data on the cloud to online banking to identity verification, end-to-end encryption is essential for preventing data being accessed illegally in ways that can harm consumers, business and our national security.”

So let’s just understand that; the same sort of end to end encryption described above applies to banks, businesses and other entities on which we depend. The knee-jerk reaction to an atrocity like that in Westminster last week may well be to demand the whole lot be shut down, but would it work?

A car and a knife

As I type, I am within three minutes of everything I need to carry out a similar attack to that which happened in Westminster last week. I have plenty of knives in the kitchen (and have every intention of turning one against an onion later); it is lethal if used with malign intent, and so is my car if I drive it at someone. There is no evidence to suggest Khalid Masood colluded with anyone else in his attack, so he had no more than I do – and so do all my neighbours and, I’d guess, the vast majority of New Statesman Tech readers.

The initial reaction, the demands to shut the networks down or de-encrypt, even if such things were possible, would not have prevented the events of last Thursday. Anger and a demand for action is understandable and from the ordinary citizen it’s right. However, when the person speaking is the home secretary, we might hope for a more considered and better-informed response.