Facebook’s proposed enhanced encryption  will create opportunities of anonymity for online criminals and extremists, UK Security Services argue.

The Daily Mail reports that during a recent interview with the new head of the UK Security Service, MI5 Chief Ken McCallum suggested Facebook’s initiative to adopt end-to-end encrypted messaging may provide criminal groups and terrorists with more capability to communicate and plan via online messaging than before due to the nature of the proposed security changes at Facebook.

Previously, the Service stated that it relied upon Facebook’s algorithms that assisted in flagging illegal content, and enabled surveillance to target data content senders and receivers for further investigation and examination.

End-to-end encryption means that the data contained in the message will only be visible to the sender and receiver. This denies Facebook access to clear content visible in messages which was previously subjected to the algorithms that have enabled detection and response to extreme and illegal content.

MI5 Chief Ken McCallum provides the argument that Facebook executives have made a decision that will ultimately affect the way many security services and law enforcement agencies around the world conduct their investigations to disrupt serious crimes involving terrorist, extremists, and child sex abuse activities.

MI5 chief Ken McCallum

The Security Services have relied upon the exploitation of social media since its conception and the benefits it has presented to the enhancement of surveillance. Results from surveillance ideally lead to applications for search warrants to enable officers to examine the premises where suspicious activity has been detected, stemming from online communications between suspects.

In order for officers to be granted a warrant, judges need to be presented the necessary communications, in the clear, containing the details of the sender and receiver and their chain of communications and illicit images, in order to decide on the appropriate and proportionate course of action — which includes any limitations and special conditions in place for the search to be lawfully conducted.

Facebook argues that it intends to provide its users with strong encryption in order to provide safety online from criminals and hackers. It aims to use sophisticated technology within its platforms — including the use of behavioural patterns analysis and user reports — to detect users abusing their service.

MI5 vows to continue essential work on countering terrorism and extremism, which it says is currently as much a security risk to the UK as it was in Afghanistan. In an interview with the Times Radio recently, the UK Security Services was reported to have disrupted 29 ‘late-stage’ plots, including ten which were planned by far-right white extremists.

Security Services have focused upon the problem of online extremists grooming and radicalising young and vulnerable suspects for many years. Instances arising from recruitment would see many subjects finding their way to the battle front to engage in acts of terrorism and participating as foreign fighters.

Australia has experienced this problem during the past decade in which we were engaged in theatres of war. Extremists would prolifically search and groom recruits on discreet online chat rooms to booster their numbers in these conflict zones and provide fresh profiles, unbeknown to intelligence agencies due to the nature of recruits’ relatively young ages, history and pattern-of-life.

The concern for Australian intelligence and law enforcement agencies is that, as a member of the global Five-Eyes intelligence pact, Australian agencies rely on the sharing of information and profiles from overseas partners. Australia reciprocates with sharing among its partners critical intelligence and activities it discovers pertaining to crimes involving extremism, terrorism and child sex abuse that are of strategic and operational interest to those member countries.

Facebook’s proposed end-to-end encryption will challenge this key function of the security services until a new concept is developed and can replace the loss of access to the illicit data detected by the algorithms. Will this be Behavioural Pattern Analytics and User Logs, or can artificial intelligence and associated technologies further evolve in order to continue effective surveillance?

Additional reading:

The lunch is open to senior executives, risk managers, board members.  No IT Vendor or consultants, thanks

Image source: Glen Carrie on Unsplash

Previous post

What Cybersecurity Questions Should Directors Ask in an Age of Digital Acceleration?

Next post

Minicast: Prioritising A Safe Workplace Culture