Five Eyes Responds To Open Letter Demanding Respect For Encryption

written by:

Five Eyes Open Letter Response

A few months ago on the 30th of June 2017, My Private Network and 82 other organisations and individuals signed an open letter demanding that the Five Eyes countries respect encryption and protect the security of citizens. When it comes to security and privacy, we at My Private Network strongly feel that government entities should engage in productive and progressive discussions with civil society to better understand the challenges in regards to human rights and threats to the digital ecosystem.
 

DISCLAIMER: The contents of this article are compiled from Access Now. Kindly visit them for further information.

 
The Five Eyes countries represent some of the most powerful governments in the world. When officials from these countries gather to discuss options to undermine the vital digital security tools like encryption that keep us safe, it has dangerous implications for people all over the world. These officials must live up to their responsibility as global leaders, stepping back from any call to weaken digital security, and instead to commit themselves to recognizing and promoting tools like encryption that keep the internet and our digital future secure.
 
You can view the signed open letter to the Five Eyes countries online and we’ve included the letter’s content below:

To Ministers Responsible for the Five Eyes Security Community,
 
In light of public reports about this week’s meeting between officials from your agencies, the undersigned individuals and organizations write to emphasize the importance of national policies that encourage and facilitate the development and use of strong encryption. We call on you to respect the right to use and develop strong encryption and commit to pursuing any additional dialogue in a transparent forum with meaningful public participation.
 
This week’s Five Eyes meeting (comprised of Ministers from the United States, United Kingdom, New Zealand, Canada, and Australia) discussed “plans to press technology firms to share encrypted data with security agencies” and hopes to achieve “a common position on the extent of … legally imposed obligations on … device-makers and social media companies to co-operate.” In a Joint Communiqué following the meeting, participants committed to exploring shared solutions to the perceived impediment posed by encryption to investigative objectives.
 
While the challenges of modern day security are real, such proposals threaten the integrity and security of general purpose communications tools relied upon by international commerce, the free press, governments, human rights advocates, and individuals around the world.
 
Last year, many of us joined several hundred leading civil society organizations, companies, and prominent individuals calling on world leaders to protect the development of strong cryptography. This protection demands an unequivocal rejection of laws, policies, or other mandates or practices—including secret agreements with companies—that limit access to or undermine encryption and other secure communications tools and technologies.
 
Today, we reiterate that call with renewed urgency. We ask you to protect the security of your citizens, your economies, and your governments by supporting the development and use of secure communications tools and technologies, by rejecting policies that would prevent or undermine the use of strong encryption, and by urging other world leaders to do the same.
 
Attempts to engineer “backdoors” or other deliberate weaknesses into commercially available encryption software, to require that companies preserve the ability to decrypt user data, or to force service providers to design communications tools in ways that allow government interception are both shortsighted and counterproductive. The reality is that there will always be some data sets that are relatively secure from state access. On the other hand, leaders must not lose sight of the fact that even if measures to restrict access to strong encryption are adopted within Five Eyes countries, criminals, terrorists, and malicious government adversaries will simply switch to tools crafted in foreign jurisdictions or accessed through black markets. Meanwhile, innocent individuals will be exposed to needless risk. Law-abiding companies and government agencies will also suffer serious consequences. Ultimately, while legally discouraging encryption might make some useful data available in some instances, it has by no means been established that such steps are necessary or appropriate to achieve modern intelligence objectives.
 
Notably, government entities around the world, including Europol and representatives in the U.S. Congress, have started to recognize the benefits of encryption and the futility of mandates that would undermine it.
 
We urge you, as leaders in the global community, to remember that encryption is a critical tool of general use. It is neither the cause nor the enabler of crime or terrorism. As a technology, encryption does far more good than harm. We therefore ask you to prioritize the safety and security of individuals by working to strengthen the integrity of communications and systems. As an initial step we ask that you continue any engagement on this topic in a multi-stakeholder forum that promotes public participation and affirms the protection of human rights.
 
We look forward to working together toward a more secure future.
 
Sincerely,
83 civil society organizations and eminent individuals

Representatives of three countries from the Five Eyes have now responded to Access Now, CIPPIC, and Internet NZ. As reported by Access Now, here are the summaries of those responses, highlighting important facts and discussing the next steps these countries should take to keep the internet secure:
 

New Zealand’s Response
Signed by Hon. Christopher Finlayson, it acknowledges receipt of the letter and, in its offer for future meetings, underlines the importance of the issue.

 

What did we learn?

Attorney General Finlayson explains that he has asked two top officials — the Director of National Security Policy and the Director of the National Cyber Policy — to meet with the New Zealand-based groups that signed the coalition letter, signifying a continued interest in the issue.
 

What to do next?

With New Zealand’s 2017 elections, the groups listed in the letter have not yet had the opportunity to meet with the cabinet members. Government leaders should now schedule and open up these meetings to additional stakeholders in New Zealand, as well as to international experts. In addition, they should invite other ministers, like the Minister for Trade and the Minister for Science and Innovation, to participate.
 

Canada’s Response
Signed by Hon. Ralph Goodale, it lays out the central issues in the debate over encryption, explaining both that its use has “created significant challenges for law enforcement and national security agencies,” as well as that it is of “fundamental important—for cyber security, for the digital economy, and for the exercise of Canadian’s rights and freedoms online.”

 

What did we learn?

It explains that the Canadian government will continue to analyse encryption and consider steps for government. He also commits to keeping encryption within the priorities of the Five Eyes countries.
 

What to do next?

The Canadian government has yet to commit to a public position on encryption, while clearly continuing to view the issue as a priority and one to be advanced through the Five Eyes partnership. Before formulating its position, Public Safety Canada should reach out to experts on encryption and human rights, such as U.N. Special Rapporteur David Kaye.
 

United Kingdom’s Response
Signed by U.K Home Secretary, Amber Rudd, it contains the most detail of the three letters. The Home Secretary starts by listing the actions the government has taken in acknowledgement of human rights like privacy and freedom of expression. She then writes in recognition of the role encryption plays in the digital economy and follows that by further recognizing that only a “small minority of people” use encryption to obfuscate communications about crime or terrorism. However, her emphasis is clearly on the ability to ensure access to any communication at any time, which is clear from her statement, “if our law enforcement or security and intelligence agencies cannot see what a terrorist or criminal is planning then they cannot stop them.” Despite this, Secretary Rudd insists this is not her goal:

 
The U.K. Government does not want unfettered access to all communications, and we do not want to be able to decrypt and read everyone’s communications all of the time. We do not want technology companies to create a universal key or a so-called backdoor into their systems. And we have no intention of banning end-to-end encryption or of trying to weaken the security of industry standard encryption that is used to secure the global trade and communications we rely upon in our daily lives. But we do intend to work with the technology companies to better understand the decisions they have made whilst implementing encryption within their services and identify ways for our law enforcement and intelligence services to gain specific information about what serious criminals and terrorists are doing online, without compromising wider safety and security of their systems for lawful users.
 

What did we learn?

Like Minister Goodale of Canada, Secretary Rudd describes future actions with the Five Eyes countries, while also expanding the coalition of governments the U.K. plans to work with to include the G20 and E.U. member states. We also learn that Secretary Rudd expects encryption to be a topic in the recently launched Global Internet Forum to Counter Terrorism (GIFCT).
 

What to do next?

Recently, Access Now named Secretary Rudd a human rights villain, alongside Australian Attorney General George Brandis, for her continued public statements opposing the development of strong encryption. Secretary Rudd should include civil society groups, as well as technologists and academics, in the government and corporate forums that she recognizes as places of consultation. She should also commit to reviewing the recently passed Investigatory Powers Act and its accompanying protocols to ensure that U.K. officials will never ask private companies to deliberately undermine the security of their products or services.
 

United States and Australia’s Response
Officials from the United States and Australia have not yet responded to the coalition letter. Collectively, we encourage officials from these countries to commit to providing a response and pledging to support the development and use of encryption.
 
However, a broader open letter lead by the EFA and other rights groups to all world leaders on the important of encryption, had received a response from a top official of the Australian Cyber Policy and Intelligence Division. It expressed general support for encryption as a critical part of the modern economy, though it noted that criminals have increasingly used encryption to foil law enforcement. Now, however, it appears that Australian officials are actively engaging in conversations about undermining strong encryption. It is therefore vital that relevant agencies and officials meet with members of civil society and others on the central role that encryption plays not only in commerce and protecting human rights, but also in defence.

 
We hope you found this article informative or useful. Help us get the word out and bring more awareness by sharing this with your friends and family!
 
If you need any help regarding our VPN services, we’re just an email away at support@my-private-network.co.uk. Shoot us an email and our support team will try their best to help you out.