I have long said that the security services and social media companies should sit down and work out a solution to the problem of terrorist using messaging apps. But whether or not companies should use encryption is not the thing they should be discussing.
A 14-year old hacker could get round most of the encryption on social media or messaging sites. Don’t tell me that our security services can’t do it. We know that security agencies have used hacking tools – the NSA leaked tools created havoc on the NHS. As I’ve written before, if hackers – from security services or otherwise – want to access data, encryption won’t stop them. It might take a bit longer. They can target information at the device level, which avoids the issue of encryption altogether. It’s just a bit harder, which means you have to know who you’re targeting, rather than scanning everyone’s post as a matter of course, but it’s possible.
Blocking extremists from uploading content to social sites might sound like a good idea. But all that will do is force them deeper underground into the dark web, out of view completely.
The other issue is that when a terrorist sends information over a messaging service, you’re constantly playing catch up trying to follow where that message (or the information in it) ends up. It will be shared, forwarded and downloaded.
In business, the biggest risk of data leakage is your contacts – the recipients of the content sent. Even if the message and attachments are encrypted in transit you have no control over what the recipient will do with the information once they have received it. You could argue that for the spreading of extremist content this is the reverse and that the sender’s contacts are in fact their strongest link as it enables rapid, widespread sharing of the content received.
The conversation we should be having is how to control that content and stop it spreading. If you could delete extremist content at source, before it was shared, that would help tackle the problem. And the only way to do that is for the big social networks to change the way information is sent, stored and shared.