U.K. Home Secretary Calls for WhatsApp Access after Terror Attack
In a Sunday appearance on BBC’s Andrew Marr show, U.K. Secretary of State Amber Rudd said the end-to-end encryption capabilities of messaging tools like WhatsApp are “completely unacceptable,” and argued that tech companies had a responsibility to provide governments with access to user data to help counter terrorism. The comments add fuel to an ongoing battle between tech companies and world governments over user privacy.
Building even selective and legal access to user data could require compromising the basic architecture of secure messaging and data services, putting average users at risk from hackers. For instance, WhatsApp maintains no permanent record of user communications, and users can easily choose not to have them saved locally, so keeping records for law enforcement would effectively cripple the product.
Get Data Sheet, Fortune’s technology newsletter.
Rudd’s comments came after it was revealed that the culprit in a Wednesday terror attack in Westmenster had used WhatsApp just minutes before he drove a truck through a group of pedestrians.
“It is completely unacceptable,” said Rudd of the encryption capabilities of WhatsApp, which was acquired by Facebook for $19 billion in 2015.
“There should be no place for terrorists to hide. We need to make sure that organizations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other. It used to be that people would steam open envelopes, or just listen in on phones when they wanted to find out what people were doing—legally, through warrantry. But on this situation, we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp.”
However, Rudd didn’t accept that she was advocating for a “backdoor” similar to what the FBI has sought from Apple.
“If I was talking to Tim Cook, I would say to him, this is something completely different. We’re not saying open up, we don’t want to go into the cloud, we don’t want to do all sorts of things like that. But we do want them to recognize they have a responsibility to engage with government, to engage with law enforcement agencies, when there is a terrorist situation.
“We would do it all through the carefully thought through, legally covered arrangement. But they cannot get away with saying we are a different situation. They are not.”
What legislative form Rudd’s sentiments that might take is unclear, but efforts to thread this particular needle have floundered so far. A 2016 U.S. bill which would require tech companies to hand over user data or provide access under judge’s orders was furiously opposed by companies and privacy activists, and never made it to a vote.