Social media encryption: Could its removal prevent terrorism?

In the wake of last week’s devastating attack on Westminster bridge, measures have been discussed on how best to prevent future incidents, with social media coming under scrutiny.

Home Secretary Amber Rudd has called upon the likes of Twitter, Facebook and WordPress, and even smaller social platforms such as Telegram, to clamp down on threatening posts and conversations. However, many of these channels, including Telegram and WhatsApp, protect conversations with end-to-end encryption, meaning messages can’t be accessed. Reportedly, Khalid Masood, the Briton behind last week’s fatal attacks, had been active on WhatsApp just moments before he struck, leading government officials to question whether the incident could have been prevented had the tech company or intelligence bodies intervened in some way.

Aside from private conversations however, terrorist organisations have widely used platforms such as WordPress and Facebook to publicly incite hate and propaganda. For instance, the gunman behind last year’s Orlando massacre had set up several Facebook accounts to share hateful posts, as well as to aid searches relating to Islam. ISIS has allegedly often used Facebook and Twitter to recruit and spread propaganda too, while the series of terror attacks in Paris in 2015 were also reportedly planned via the likes of WhatsApp and Telegram. Aside from a call for reduced encryption, the use of hate videos, public tweets, and even live-video have been heeded by the government as content which should be removed, with organisational bodies now deliberating new measures to force online platforms to eradicate these more quickly.

However, are social media sites really to blame? After all, full-scale monitoring is likely impossible especially with encryption measures in place, which are there to protect us, the user. Without encryption for instance, the privacy of the general public would likely be compromised- something that could certainly result if private messages are allowed to be infiltrated by intelligence agencies. Facebook Messenger and Snapchat for instance, only apply encryption to messages in transit, while other platforms store decryption keys for later access if necessary. Currently, WhatsApp enables end-to-end encryption for all users, protecting calls, messages, photos, videos, voice messages and group chats. According to the messaging app, this means the content is solely visible to the user’s recipients with no one else able to access it, including the likes of hackers, cybercriminals, government bodies, and even WhatsApp itself. Messages are also immediately deleted from WhatsApp’s servers as soon as they’ve been delivered. Viber and Telegram are also two other messaging platforms which offer complete end-to-end encryption.

Apple CEO Tim Cook himself admitted that weakening or removing encryption could threaten cybersecurity- if messages can be accessed for the purposes of investigation and prevention, this means they’ll also be made available to hackers and cybercriminals, likely resulting in widespread data misuse and more. Therefore Rudd’s proposal is seemingly unfeasible- is it possible for end-to-end encryption to be removed or reduced in some incidences, and furthermore, how would intelligence agencies determine who to investigate by legal means? Added to this, widespread decryption, (which seems like the only possible route), would perhaps simply lead terrorists to find other platforms where their conversations are protected- whether through the dark web or other protected servers.

What measures do you think need to be taken to foil future attacks? Do you think limiting dark social sharing will help, and do you think intelligence bodies have a right to access potentially threatening messages if they so choose? We’d love to hear your thoughts, so please tweet to us @PracticeDigital and share your comments on our Facebook page.