A massive group of forty-seven companies comprising Apple, Google, Microsoft, and WhatsApp have explicitly slammed a federal offer. The Government Communications Headquarters (GCHQ), asked the companies to spy on encrypted messages. Thus the GCHQ looks to offer an encryption bypass that could crack privacy and security in apps. According to an open letter, published on Lawfare, the companies claim the proposal would harm security, put trust at risk in encrypted messaging services. Besides, the eavesdropping would eventually threaten civilians right to confidentiality and free aspect. The organisation is requesting undercover access for apps like Messages, WhatsApp, Facebook, FaceTime etc.
Two of the UK’s highest cybersecurity officials revealed the particulars of the proposal through an essay last year in November. It included the technical director of National Cyber Security, Britain, Ian Levy, and GCHQ’s head of cryptanalysis Crispin Robinson. Both of the officials bestowed an approach that would prohibit breaching encryption. In response, the group of forty-seven companies have sent an open letter on 22nd May. They have collectively requested the U.K. cybersecurity agency to drop its aims for an alleged ghost protocol.
The agency thinks it could access communications, encrypted end-to-end, without compromising the privacy, trust, and safety of customers. But the companies state the GCHQ’s ghost protocol imposes a significant risk to digital security. If they apply the protocol, it will impair the authentication process through which user has the assurance that they are communicating with the correct person. It will also trigger unintended pain points. Most importantly, the protocol will increase the risk that hackers could easily abuse or misuse those communication systems. On the other hand, tech giants like Apple have notified the security forces that they cannot offer access to their applications. Also, it is impossible to eavesdrop because those apps and services use end-to-end encryption technology. In short, the tech giants cannot peek into the user’s mobile as are unaware of the encryption key.