Apple, Google Condemn UK Intelligence Agency’s Proposal to Spy on Encrypted Chats
A coalition of almost 50 companies and organizations have signed an open letter slamming a GCHQ proposal to let authorities spy on encrypted communication services.
The so-called Ghost Proposal, first published late last year, calls for communication app developers to silently add law enforcement agencies to group chats or calls, reads a new report from CNBC. In other words, your app or communication service wouldn’t pop up with a notification to alert you to these unwelcome guests.
The proposal was first mooted by two senior intelligence officials, Ian Levy, the technical director of the UK’s national cybersecurity centre, and Crispin Robinson, head of cryptanalysis (the technical term for codebreaking) at GCHQ, in November 2018.
Now, in an open letter signed by more than 50 companies — including Apple, WhatsApp, and Google — the signees argue that “to achieve this result, their proposal requires two changes to systems that would seriously undermine user security and trust.”
“First, it would require service providers to surreptitiously inject a new public key into a conversation in response to a government demand,” the letter argues. “This would turn a two-way conversation into a group chat where the government is the additional participant, or add a secret government participant to an existing group chat.”
“Second, in order to ensure the government is added to the conversation in secret, GCHQ’s proposal would require messaging apps, service providers, and operating systems to change their software so that it would 1) change the encryption schemes used, and/or 2) mislead users by suppressing the notifications that routinely appear when a new communicant joins a chat,” the letter continues.
In conclusion, the signees of the letter urge GCHQ to abandon the ghost proposal, as well as “avoid any alternate approaches that would similarly threaten digital security and human rights.”
Besides the tech giants listed above, the signees of the open letter include civil society organizations like the Electronic Frontier Foundation and Human Rights Watch, as well as several security experts.
The Open Letter to GCHQ is available here.