Amber Rudd has called for the police and intelligence agencies to be given access to WhatsApp and other encrypted messaging services to thwart future terror attacks, prompting opposition politicians and civil liberties groups to say her demand was unrealistic and disproportionate.
The home secretary said it was “completely unacceptable” that the government could not read messages protected by end-to-end encryption and said she had summoned leaders of technology companies to a meeting on Thursday 30 March to discuss what to do.
Speaking on the BBC’s Andrew Marr Show on Sunday, Rudd refused to rule out passing new legislation to tackle encrypted messaging if she did not get what she wanted. But she stressed it was her desire to persuade internet and social media companies to cooperate voluntarily with the government on this and also the posting of extremist material online. Rudd added: “It is completely unacceptable. There should be no place for terrorists to hide.
“We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other.” She indicated that she hoped to be able to win them over without resorting to legislation. “These people have families, have children as well,” she said. “They should be on our side, and I’m going to try to win that argument.”
Her call came after it emerged that police were investigating reports that Khalid Masood, the British extremist who killed four people outside parliament before he was shot dead, had used WhatsApp a few minutes before he launched his attack on Wednesday. Police have said they believe Masood was essentially a “lone actor”, though counter-terrorism officers continue to search for more details about his background and associations.
It emerged on Sunday that Masood had been on the radar of the intelligence community for potential links to extremism in 2010, after he returned from teaching English in Saudi Arabia. A 30-year-old man was arrested in Birmingham on Sunday on suspicion of preparation of terrorist acts, making him the 12th person to be held over the incident. A 58-year-old man who was arrested in Birmingham on Thursday remained in police custody after his detention was extended under anti-terrorism legislation. All other people arrested in the aftermath of Masood’s attack have been released.
Critics questioned both the need for powers of the kind Rudd seemed to be demanding, and also the practicalities of trying to use UK domestic legislation to curb the activities of global internet companies largely based in the US. Brian Paddick, the Liberal Democrat home affairs spokesman and a former deputy assistant commissioner in the Metropolitan police, said that giving the security services access to encrypted messages would be “neither a proportionate nor an effective response” to the Westminster attack.
“These terrorists want to destroy our freedoms and undermine our democratic society,” he said. “By implementing draconian laws that limit our civil liberties, we would be playing into their hands. “My understanding is there are ways security services could view the content of suspected terrorists’ encrypted messages and establish who they are communicating with.”
Jeremy Corbyn, the Labour leader, said the police and intelligence services already had “huge, huge powers of investigation” and questioned Rudd’s demand. He said he thought the balance in law between the interests of security and privacy was probably about right as it is.
Police and the security services have for some years expressed concerns about the ability of firms to provide messaging services using end-to-end encryption that means texts and emails cannot be accessed in extremis by the service provider, or by the authorities demanding information with a warrant.
But while encryption does make it much harder for the intelligence agencies to read messages, sources said one technique they could use to get around it was equipment interference, or hacking, which can enable spies to read what is on the screen of a phone that has been targeted. The Open Rights Group, which campaigns for internet privacy, said Rudd’s proposal would make communications less secure for everyone online.
Its executive director, Jim Killock, said: “It is right that technology companies should help the police and intelligence agencies with investigations into specific crimes or terrorist activity where possible. This help should be requested through warrants and the process should be properly regulated and monitored.
“However, compelling companies to put back doors into encrypted services would make millions of ordinary people less secure online. We all rely on encryption to protect our ability to communicate, shop and bank safely.” WhatsApp said in a statement that it was “horrified” by the London attack and that it was “cooperating with law enforcement”.
It is understood that Masood’s phone connected to WhatsApp shortly before he launched his attack on Westminster Bridge, but it is not known whether he sent or received a message. At one point in an interview, Rudd appeared to say Masood had sent a message via WhatsApp, but the Home Office later said her words had been misconstrued and that she was only talking in general terms about terrorists sending WhatsApp messages.
Rudd also signalled a renewed determination to stop internet companies publishing extremist material online by declaring that they now had to accept they were “publishing companies”, with the responsibilities that went with that, not just technology firms providing a platform.