Government mull killing off enterprise encryption of customer data

Government mull killing off enterprise encryption of customer data

The UK government may soon pass new orders which will force companies to remove encryption from customer data and hand them over to the government on a platter.

The government is planning on curbing enterprise encryption in the aftermath of the Manchester terror attack which claimed 22 lives.

First reported by The Sun, the government is planning to introduce, before the Parliament, a series of new orders collectively titled Technical Capability Notices, after the elections are over. The new orders will allow the government to obtain encrypted messages and content from companies as and when required.

Elections and Cyber-security: How political parties are gearing up to face cyber-terrorism

This means companies in the UK will have to create encryption backdoors to allow government access to such data. Both UK-based enterprises, as well as multinational entities which hold customer data in the UK, have resisted previous attempts by the government to bypass encrypted customer data, fearing that such backdoors will also be exploited by hackers and enemy states.

Once the Technical Capability Notices are passed by the Parliament, new orders will require only warrants signed by the Home Secretary and approvals from a senior judge. The new set of orders has the backing of security chiefs who want more powers to track online communications without having to seize devices.

WhatsApp’s new encryption mechanism is a nightmare for hackers

The news comes at a time when enterprises, especially those facilitating social media interactions, are implementing stricter encryption protocols to ward off hackers and keep customer data protected at all costs. Earlier this month, WhatsApp quietly added a new encryption mechanism to make it increasingly difficult for anyone to access data uploaded to the iCloud drive. The new update sealed off backdoor tricks used by Federal agencies and hackers who could gain access to such data by hacking into iCloud servers and downloading data dumps.

A document leaked by the Open Rights Group has also laid bare the UK government's attempts to utilize new surveillance techniques to track as many as 6,000 people at any given time. As per the draft Investigatory Powers (Technical Capability) Regulations 2017, the Government aims to 'remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data, or to permit the person to whom the warrant is addressed to remove such electronic protection.'

Firms’ use of encryption at an all-time high, report reveals

At the same time, the draft bill proposes to empower the government to 'provide and maintain the capability to simultaneously intercept, or obtain secondary data from, communications relating to up to 1 in 10,000 of the persons to whom the telecommunications operator provides the telecommunications service to which the communications relate.'

Copyright Lyonsdown Limited 2021

Top Articles

WhatsApp's New Privacy Policy Deadline Has Arrived

At the start of 2021, WhatsApp announced its privacy policy updates, sparking outrage and backlash from its consumers as WhatsApp will share personal information with its parent company, Facebook.

Overcoming the security challenge in remote working environments

The pandemic has changed the way we work. Remote working is no longer a nice-to-have for organisations, but a necessity especially if they want to attract the best talent.

President Biden pens Executive Order to boost US cybersecurity

US President Joe Biden signed an Executive Order this week to boost the cyber security of federal government systems and data.

Related Articles