WhatsApp's Encryption Was Funded By Same Members of Congress Trying to Weaken It
Don't just thank WhatsApp for turning on encryption—thank Congress for funding it.
Senators Richard Burr and Dianne Feinstein. Photo: Tom Williams/CQ Roll Call
Today, the popular messaging service WhatsApp turned on end-to-end encryption for all of its 1 billion users, a massive achievement which effectively blocks any third party—including WhatsApp itself—from reading users' chats.
The security facelift means that WhatsApp and its parent company Facebook will no longer be technically capable of handing over users' chat logs, even when presented with a court order or wiretap warrant. Users will also be able to fully verify each other's identities, to make sure their conversations aren't being read or modified by a man-in-the-middle. And it's all thanks to the same Edward Snowden-approved encryption system developed by Open Whisper Systems, the makers of another popular messaging app, Signal.
"There is nothing in the draft language of the [encryption] bill that calls for weaker encryption and support of these two bills is not contradictory."
The big news comes just weeks after the anti-climactic conclusion of Apple's high-profile fight with the FBI over the iPhone used by a San Bernardino terrorism suspect. But while the Department of Justice has vowed to continue its fight to provide backdoors for law enforcement, other parts of the US government have actively funded the development of these very encryption systems—including some of the same members of Congress currently pushing for legislation to weaken them.
Senators Dianne Feinstein (D-CA) and Richard Burr (R-NC), for example, are two of the most prominent proponents of encryption backdoors on the Hill. They're currently working to introduce legislation that would force companies to comply with orders to access communications—even if it means building new software or capabilities, much like Apple was being ordered to do in the San Bernardino case.
"Criminals in the U.S. have been using this technology for years to cover their tracks," Burr told The Hill last December when work-in-progress encryption bill was first announced. "The time has come for Congress and technology companies to discuss how encryption—encoding messages to protect their content—is enabling murderers, pedophiles, drug dealers and, increasingly, terrorists."
But Feinstein and Burr have supported encryption in the past, whether they realized it or not.
Both senators voted for appropriations bills in 2008 and 2010 which, among other things, set aside $45 million for the Open Technology Fund (OTF), a State Department-funded program which seeded the very encryption tools they're now struggling against.
Altogether, the OTF has given Open Whisper Systems $2.25 million to develop its easy-to-use and now widespread encryption software since 2013; ACLU principal technologist Chris Soghoian calls it "an amazing return on our investment" as American taxpayers.
The OTF is a product of the US State Department's "internet freedom" agenda, an effort championed by former Secretary of State and now-Democratic presidential frontrunner Hillary Clinton. The idea, inspired by the Arab Spring and other foreign popular uprisings around the globe, was to fund the development of easy-to-use software tools that could be used by activists living under repressive regimes to circumvent state surveillance and censorship.
Clinton, ironically, is also now pushing Silicon Valley companies to help law enforcement access encrypted communications enabled by those tools, a move which security experts have repeatedly warned wouldn't stop criminals and would have dire consequences on internet security and the US economy.
"There is nothing in the draft language of the [encryption] bill that calls for weaker encryption and support of these two bills is not contradictory," said Burr in a statement sent to Motherboard. "I support encryption. I believe it is a priority to keep Americans' information safe and I also believe that private entities are also subject to U.S. law. When a judge issues an order, we are all required to follow the law."
A spokesperson from Feinstein's office told Motherboard that the Senator "won't have a statement until the bill is made public."
While the WhatsApp news gives privacy enthusiasts plenty of reason to celebrate, the new encryption does have one key flaw. Unlike competitor Signal, WhatsApp prompts users to backup their chats to the cloud. That means that if even one member of a conversation has enabled this option, all those chats will be stored in a server accessible to WhatsApp, Apple, or whoever manages your cloud backup service—as well as any government agency that comes knocking.
- Dianne Feinstein
- motherboard show
- Richard Burr
- end to end encryption
- Open Whisper Systems
- open internet fund
- radio asia