Tech

FBI drafted Interpol resolution calling for ban on end-to-end encryption

Enlarge / The Interpol HQ in France.Massimiliano Mariani, CC BY-SA 3.0

Justice Department officials have long pushed for some sort of backdoor to permit warranted surveillance and searches of encrypted communications. Recently, that push has been taken international with Attorney General William Barr and his counterparts from the United Kingdom and Australia making an open plea to Facebook to delay plans to use end-to-end encryption across all the company's messaging tools.

Now, the Department of Justice and Federal Bureau of Investigations are attempting to get an even larger international consensus on banning end-to-end encryption by way of a draft resolution authored by officials at the FBI for the International Criminal Police Organization's 37th Meeting of the INTERPOL Specialists Group on Crimes against Children. The event took place from November 12 to November 15 at the INTERPOL headquarters in Lyon, France.

A draft of the resolution viewed by Ars Technica stated that INTERPOL would "strongly urge providers of technology services to allow for lawful access to encrypted data enabled or facilitated by their systems" in the interest of fighting child sexual exploitation. Currently, it is not clear whether Interpol will issue a statement.

The draft resolution went on to lay responsibility for child exploitation upon the tech industry:

The current path towards default end-to-end encryption, with no provision for lawful access, does not allow for the protection of the worlds children from sexual exploitation. Technology providers must act and design their services in a way that protects user privacy, on the one hand, while providing user safety, on the other hand. Failure to allow for Lawful Access on their platforms and products, provides a safe haven to offenders utilizing these to sexually exploit children, and inhibits our global law enforcement efforts to protect children.

Attendees of the conference told Ars that the resolution's statement was due to be published this week. But in an email to the New York Times' Nicole Perlroth, an INTERPOL spokesperson denied that the resolution was considered:

Interpol telling me this Reuters story is inaccurate:

Dear Ms Perlroth,

As per our statement there are, and were, no plans at this time for the INTERPOL General Secretariat to issue a statement in relation to encryption.

Regards,
Press Officehttps://t.co/EItFe0D3Je

— Nicole Perlroth (@nicoleperlroth) November 18, 2019

Ars requested comment from an FBI official and has not yet received a response.

Easy button

In a statement that flies in the face of the consensus of cryptographers and other technical experts, the draft resolution asserted that "technologists agree" that designing systems to "[allow] for lawful access to data, while maintaining customer privacy…can be implemented in a way that would enhance privacy while maintaining strong cyber security." In order to "honor and enforce" standards for prohibiting the distribution of "child sexual abuse material," the draft resolution states, "providers should fully comply with court orders authorizing law enforcement agencies access to data related to criminal investigations involving the sexual exploitation of children."

Facebook and other companies currently comply with warranted requests for data under the terms of the CLOUD Act—a law passed in 2018 that requires technology companies to provide data requested by warrant or subpoena to law enforcement, regardless of where in the world it is stored. But the officials behind this draft resolution claim such compliance cannot be achieved while allowing end-to-end encryption of communications.

As Barr and his compatriots noted in their October letter to Facebook, Facebook's ability to run analytics on and moderate content within users' communications Read More – Source