Five Eyes governments, India, and Japan make new call for encryption backdoors

Another Five Eyes meeting, another call for encryption backdoors in modern tech.
Written by Catalin Cimpanu, Contributor

Five Eyes cyber panel at CYBERUK 19

Image: ZDNet/CBSi

Members of the intelligence-sharing alliance Five Eyes, along with government representatives for Japan and India, have published a statement over the weekend calling on tech companies to come up with a solution for law enforcement to access end-to-end encrypted communications.

The statement is the alliance's latest effort to get tech companies to agree to encryption backdoors.

The Five Eyes alliance, comprised of the US, the UK, Canada, Australia, and New Zealand, have made similar calls to tech giants in 2018 and 2019, respectively.

Just like before, government officials claim tech companies have put themselves in a corner by incorporating end-to-end encryption (E2EE) into their products.

If properly implemented, E2EE lets users have secure conversations — may them be chat, audio, or video — without sharing the encryption key with the tech companies.

Representatives from the seven governments argue that the way E2EE encryption is currently supported on today's major tech platforms prohibits law enforcement from investigating crime rings, but also the tech platforms themselves from enforcing their own terms of service.

Signatories argue that "particular implementations of encryption technology" are currently posing challenges to law enforcement investigations, as the tech platforms themselves can't access some communications and provide needed data to investigators.

This, in turn, allows a safe haven for criminal activity and puts the safety of "highly vulnerable members of our societies like sexually exploited children" in danger, officials argued.

"We call on technology companies to work with governments to take the following steps, focused on reasonable, technically feasible solutions," the seven governments said in a press release.

  • "Embed the safety of the public in system designs, thereby enabling companies to act against illegal content and activity effectively with no reduction to safety, and facilitating the investigation and prosecution of offences and safeguarding the vulnerable;
  • "Enable law enforcement access to content in a readable and usable format where an authorisation is lawfully issued, is necessary and proportionate, and is subject to strong safeguards and oversight; and
  • "Engage in consultation with governments and other stakeholders to facilitate legal access in a way that is substantive and genuinely influences design decisions."

Officials said they are committed to working with tech companies on developing a solution that allows users to continue using secure, encrypted communications, but also allows law enforcement and tech companies to crack down on criminal activity.

The seven governments called for encryption backdoors not only in encrypted instant messaging applications, but also for "device encryption, custom encrypted applications, and encryption across integrated platforms."

In December 2018, Australia was the first major democratic country to introduce an encryption-busting law.

Similar efforts have also taken place in the US and Europe, but were less successful, primarily due to opposition from either tech companies, non-profits, or the general public.

However, pressure has been mounting in recent years as western governments seek to reach intelligence-gathering parity with China.

HackerOne's top 20 public bug bounty programs

Editorial standards