The UK’s effort to turn public opinion against encryption is continuing to draw backlash.
It’s no secret that the 5 eyes spy agencies have been trying to get world governments to declare war on encryption. In recent years, the US has been the focus of anti-encryption efforts. Examples of this includes EARN IT and multiple other bills.
Of course, the anti-encryption movement has long been an international one. Canada, of course, was one country that was actively pushing the anti-encryption agenda. Most famously, however, was Australia which actually carried through their ban on encryption.
In the Australian example, there was no shortage of organizations trying to explain to the government what a terrible idea it is to break encryption. Unfortunately, like anti-vaxxers and the Borg, the Australian government couldn’t be bargained or reasoned with. No amount of research, logic, or explanation was going to get them to stop this disastrous move. What followed after the legislation’s passage was an innovation and investment exodus. The damage just mushroomed from there as multinational corporations blacklisted the country. It also sparked an international incident with New Zealand rethinking their relationship with Australia.
Civil and digital rights organizations have long pushed back on government trying to break encryption. An example of this is Citizen Lab pointing out that Canada’s efforts to break encryption in Canada was “irresponsible“.
To be clear, banning effective encryption would have enormous detrimental impacts on the Internet as a whole. Encryption is used every day to securely pass personal information back and forth. For instance, when you use online banking, chances are, your bank uses HTTPS encryption. This can be seen via the little padlock next to your URL when you go to said bank. Websites that use databases (which is an enormous number these days) sometimes utilize encryption so that users can safely log in and log out knowing that its going to be tough to access that data. Buying and selling online very frequently utilizes encryption of some form or another.
Without encryption, e-commerce, from a practical standpoint, simply wouldn’t be possible. Secure communications simply wouldn’t exist. What’s more is that without encryption, chances are, the most you’re going to get out of the Internet are simple static HTML pages. Privacy would not be possible as a whole.
Yet, to this day, governments have been pushing the myth that only bad guys use encryption. It’s a play on the fallacy that if you have done nothing wrong, then you have nothing to hide. These ideas completely misunderstands the nature of encryption today and why it is so important.
Recently, the UK government has been pushing a new ad campaign aimed at turning the public against encryption. Many have called the campaign a propaganda campaign. From Rolling Stone magazine:
The Home Office has hired the M&C Saatchi advertising agency — a spin-off of Saatchi and Saatchi, which made the “Labour Isn’t Working” election posters, among the most famous in UK political history — to plan the campaign, using public funds.
According to documents reviewed by Rolling Stone, one the activities considered as part of the publicity offensive is a striking stunt — placing an adult and child (both actors) in a glass box, with the adult looking “knowingly” at the child as the glass fades to black. Multiple sources confirmed the campaign was due to start this month, with privacy groups already planning a counter-campaign.
“We have engaged M&C Saatchi to bring together the many organisations who share our concerns about the impact end-to-end encryption would have on our ability to keep children safe,” a Home Office spokesperson said in a statement.
Successive Home Secretaries of different political parties have taken strong anti-encryption stances, claiming the technology — which is essential for online privacy and security — will diminish the effectiveness of UK bulk surveillance capabilities, make fighting organized crime more difficult, and hamper the ability to stop terror attacks. The American FBI has made similar arguments in recent years — claims which have been widely debunked by technologists and civil libertarians on both sides of the Atlantic.
The new campaign, however, is entirely focused on the argument that improved encryption would hamper efforts to tackle child exploitation online. A presentation attributed to M&C Saatchi notes that “some messaging platforms, including WhatsApp” already use end-to-end encryption, but want to oppose its extension.
Riana Pfefferkorn of Techdirt was, for obvious reasons, not impressed with the campaign:
To be sure, the glass room is, as it seems, an unsubtle allegory meant to gain public support for banning encryption, which allows people to have private spaces in the virtual world. E2EE protects children’s and adults’ communications alike, and by focusing on adult/child interactions, this stunt hides the fact that removing E2EE for children’s conversations necessarily means removing it for adults’ conversations too. So on one level, it’s normalizing the idea that adults aren’t entitled to have private conversations online.
But the campaign’s more insidious message is literally hiding in plain sight. By portraying the transparent room as desirable and the opaque room as a sinister deviation from the norm, the government is peddling the idea that it is suspect for people to have our own private spaces in the physical world.
The goal of this propaganda campaign is to turn the UK public’s opinion against their own privacy, not just in their electronic conversations, but even in the home, where the right to privacy is strongest and most ancient. Were the Home Office to say that overtly, many people would immediately reject it as outrageous, and rightly so. But through this campaign, the UK government can get its citizens to come up with that idea all on their own. The hook for this hard-to-swallow notion is the more readily-accepted premise that children should have less privacy and be under more surveillance than adults. But if it’s adults who harm children, then the conclusion follows naturally: adults had better be watched as well. Even inside their own homes.
This isn’t a new idea; it’s a longstanding fantasy of the British government, given voice over the centuries by authors from Bentham to Orwell. Heck, general warrants were one of the causes of the American Revolution against the British government. But the new twist of hiring an ad agency to sell people their own subjugation, using their own tax money, is just insulting. Here’s hoping the Home Office’s anti-privacy ulterior motive will be like that glass box: people will see right through it.
The Electronic Frontier Foundation (EFF) was also not impressed and is noting that the campaign is falling flat:
Fortunately, the Home Office’s ham-handed campaign falls flat. It’s been met with scorn and derision on social media, but that’s not all. Today, the UK government’s own Information Commissioner’s Office, an agency charged with protecting data privacy, pointed to encryption’s “important role both in safeguarding our privacy and online safety” and dismissed the campaign. “Until we look properly at the consequences, it is hard to see any case for reconsidering the use of E2EE – delaying its use leaves everyone at risk, including children.”
This is just the latest iteration of a long effort by U.S. and U.K. law enforcement agencies to force private companies to scan all user messages sent online. Each iteration of the effort—from the anti-encryption EARN IT Act of 2020, to the pressure campaign NCMEC ran against Apple iMessage last year—has faced overwhelming public opposition.
Each year, more people understand that end-to-end encryption is vital to having a safe and private life online. Without strong encryption, we won’t have true privacy in the digital world. That would mean messages—including those sent by children—will be vulnerable to abuse by criminals, hostile governments, and domestic abusers. Without the ability to have a private conversation, we can’t have a sphere for real free speech, and democracy will be under threat.
We’ve been telling Facebook to push forward with its plans to expand encryption for years now, and we hope they finish the job soon. When it comes to encryption and privacy, people get why it’s important. In the short run, we expect the U.K. government’s anti-encryption campaign to fade away. In the long run, we hope the lawmakers and law enforcement leaders on both sides of the Atlantic who keep blasting encryption in the name of “protecting children” change their tune—or are compelled to do so by a public that demands real privacy and security.
In all, the UK government reportedly spent £534,000 for this campaign.
As others have pointed out, this push has numerous cultural roots within the UK. As we pointed out, this campaign to ban encryption around the world has been going on for years. While the push against encryption has been happening for decades now, the recent push has been more or less an off and on things since the late 2010’s. With spy agencies wanting to have access to every communication and every transaction online, the likelihood that these efforts die out completely is actually very unlikely.
Perhaps the good news is that after the Australia government went full insane and banned encryption, the movement gradually tapered down to a debate that occasionally bubbles to the surface. Other efforts to damage the Internet such as attacks on network neutrality, the related issue of “online harms”, and link taxes have been much more on the forefront these days. It’s more likely that, eventually, the anti-encryption effort will once again rise from the dead and try to wreak further havoc on the Internet. Hopefully, that time isn’t soon as advocates for a better Internet have enough to worry about for the time being.
Drew Wilson on Twitter: @icecube85 and Facebook.
