The U.S. Wants a Backdoor to Your Encrypted Messages. Sweden Just Showed Up With a Battering Ram | Opinion

As the U.S. government continues to press Facebook to create a backdoor into its encrypted messages apps to allow police to access private communications, Sweden has performed the equivalent of smashing down the door without bothering to knock.

Mikael Damberg, the Swedish Interior Minister, announced recently that their national police force will be able to secretly install spyware on the computers, tablets and telephones of crime suspects. This technology will be capable of activating the devices' microphones and cameras, intercept communications and covertly extract data such as pictures or files. Significantly, the new law grants police the legal and technical capabilities to read encrypted communications.

Damberg's press conference even flashed up the logos of several apps that use encryption including WhatsApp, Telegram and Signal on screen.

The radical approach by Sweden is one that the U.S., U.K. xfand others will be watching closely, given the challenges of tracking tech-savvy terrorists, paedophiles and other serious criminal networks. More than 90 percent of the digital communication police in Sweden have tried to monitor has been encrypted, according to Damberg, making it easier to criminals to evade them.

"Police in Malmö believe that there has not been a single murder in Malmö over recent years which hasn't been preceded by encrypted communications between gang members," he warned. "We are giving law enforcement agencies a new tool and a very sharp weapon in the fight against the gangs that handle much of the shootings and blasts and the serious criminal activity that is afflicted by Sweden."

The new law is proposed to come into force on March 1 next year, but how the Swedish authorities plan to do it remains hazy. They're clearly not going through Facebook, so will most likely buy the technology from contractors. There is a thriving market for companies that sell communications intercept tools, as we know from recent publicity around high-profile players like NSO Group, the Israeli tech firm. By 2022, the global lawful interception market is expected to be worth more than $4 billion, driven by the rising number of criminal activities and the growth of social media platforms.

The latest U.S. push for access to secure messaging services has been ignited by Facebook's plans to extend end-to-end encryption beyond WhatsApp to its Messenger and Instagram apps. The impression that's been created, however, is that without backdoor access, all hope is gone. An open letter to Facebook on October 4, signed by Donald Trump's Attorney General Bill Barr, acting U.S. Homeland Security Secretary Kevin McAleenan, and the U.K. and Australian governments quotes the National Center for Missing and Exploited Children's estimate that 70 percent of Facebook's reporting to NCMEC of illegal content and activity (12 million reports globally) would be lost. "Companies should not deliberately design their systems to preclude any form of access to content, even for preventing or investigating the most serious crimes," the letter reads.

As Sweden has shown, installing encryption backdoors as a way to read data when investigating crimes is not the only card on the table. It also brings its own risks. As a number of cyber security experts have pointed out, any backdoor created for law enforcement is likely to be exploited by the bad guys. If such a glaring vulnerability is there, someone will find a way to misuse it. And if the US, or the UK, is given access, then who will decide what other governments should have the same rights.

Sweden's direct approach has drawn surprisingly little controversy. That's not what would happen elsewhere. Human rights organisations have condemned the use of surveillance and interception technology as a serious threat to individual rights, due process, and democratic freedoms. Mark Zuckerberg has used much the same argument for end-to-end encryption, insisting that people want their messages to be secure and not to be seen by "hackers, criminals or over-reaching governments".