End-to-end encryption: ICO says delaying use of technology ‘leaves everyone at risk – including children’
As government launches comms campaign claiming security function will enable child abusers, data-protection watchdog claims debate is ‘unbalanced’
As the government launches a comms campaign suggesting that end-to-end encryption (E2EE) will enable child abusers, the UK’s data-protection watchdog has claimed that failing to implement the security technology “leaves everyone at risk – including children”.
Government ministers have long voiced strong opposition to E2EE; the newly launched ‘No Place to Hide’ campaign – funded by the government and managed by advertising firm M&C Saatchi – calls on social networks to “confirm they will not implement end-to-end encryption until they have the technology in place to ensure children will not be put at greater risk as a result”.
Following the launch of the comms initiative, Stephen Bonner, executive director for innovation and technology at the Information Commissioner’s Office, claimed that “the discussion on end-to-end encryption use is too unbalanced to make a wise and informed choice”.
“There is too much focus on the costs without also weighing up the significant benefits,” he said. “E2EE serves an important role both in safeguarding our privacy and online safety. It strengthens children's online safety by not allowing criminals and abusers to send them harmful content or access their pictures or location. It is also crucial for businesses, enabling them to share information securely and fosters consumer confidence in digital services.”
End-to-end encryption is currently used by a number of major messaging platforms, including Facebook-owned WhatsApp. The No Place to Hide campaign claims that, if plans go ahead to extend E2EE to include Facebook and Instagram messaging services, “14 million reports of suspected child sexual abuse online could be lost each year”. This estimate was provided by US non-profit organisation the National Center for Missing and Exploited Children.
Bonner added: “E2EE is seen by some to hinder the clamp down on child abusers because it leaves law enforcers blind to harmful content. But having access to encrypted content is not the only way to catch abusers. Law enforcers have other methods such as listening to reports of those targeted, infiltrating the groups planning these offences, using evidence from convicted abusers and their systems to identify other offenders.”
The ICO tech chief encouraged the government to direct its efforts towards “maximising law enforcement and innovative techniques”.
He concluded that “until we look properly at the consequences, it is hard to see any case for reconsidering the use of E2EE – delaying its use leaves everyone at risk, including children”.
Documents obtained by Rolling Stone earlier this month revealed that proposals put forward by M&C Saatchi for the No Place to Hide campaign included some dramatic public stunts intended to cause “unease” among passers-by.
Although the campaign was conceived and funded by the Home Office, its website contains no imagery or reference to the government or any department beyond a small note at the bottom of the page stating: “The campaign is funded by the UK Government and has been developed by a steering group of child safety organisations with support from M&C Saatchi. The steering group has not been paid to take part.”
Three charities – Barnardo’s, The Lucy Faithfull Foundation, and The Marie Collins Foundation – and a cybersecurity company, SafeToNet, are listed as the campaign’s supporting organisations.
Head of data watchdog urges public bodies to ensure ‘vigilance’ after revealing that successful phishing attacks represent an increasing number of cyber incidents
Regulator finds that collection of online images was not fair, transparent or lawful
Potential of data economy – and importance of protecting information – highlighted by study
Steve Barclay urges greater reporting of attacks