[UPDATE 12 Oct 2021: Cabinet policy obliges ministers to delete instant messages]
This was originally written near the peak of the COVID-19 crisis in the UK. It is understandable at such times that expediency wins out.
But there will come a reckoning when we have time to re-examine lots of things, ask hard questions, and make informed decisions about what is right rather than expedient.
Policy on what is the right and appropriate use of messaging apps will be one of those questions that needs addressing.
Let’s start by acknowledging the dominance of messaging…
It is understandable that policy lags reality given the speed of technical change but let us at least start by acknowledging that messaging is already where most communication takes place and this will continue to grow. How we deal with messaging therefore needs to be a priority.
Messaging is eating the world. Facebook’s WhatsApp and Messenger have over 3 billion users; Chinese app WeChat – with its Tencent stablemate QQ – over 2 billion; Telegram, Signal, Viber, Threema, Wire and a fistful of others like them another billion. Most of the planet is already communicating via messaging.
…and recognise the current choice between complete state surveillance or secrecy beyond the law
With certain messaging apps, like Chinese-owned WeChat, you must accept complete state surveillance and realise the level of insight and control this gives central authorities. Other messaging apps, like Telegram, Viber and Signal, are ‘end to end encrypted’ which means the content cannot be monitored and is beyond even law enforcement agencies. WhatsApp is the same and Facebook is moving Instagram and Messenger in that direction too.
Making the content ‘secret’ in this way, and allowing users to be anonymous, causes its own problems as we have seen recently with the spread of dangerous misinformation about Coronavirus, mostly via WhatsApp, that even Facebook is powerless to prevent. The government has had to create specialist units and campaigns like ‘Don’t feed the beast’ to try and combat this problem.
Concerns that messaging goes so ‘dark’ as to be beyond the reach of law saw the UK’s Home Secretary and the US Attorney General write an open letter to Facebook CEO Mark Zuckerberg asking them to incorporate “lawful access to the content of communications to protect our citizens.”
Is there not a third way where messaging can be secure, and protect individuals’ rights to privacy, but still remain responsible and accountable to the laws of a nation?
Let’s also recognise the dangers to democracy with our strange fixation on secrecy in messaging
We have communicated with letters, emails, web forums, phone calls, meetings, social networks and other platforms to date and none of them are encrypted. So why should messaging be a medium where there are expectations of levels of encryption which make it possible to abrogate responsibility and accountability behind the veils of secrecy and anonymity?
It seems part of the reason may be because we have lost trust in institutions like governments and law enforcement agencies and would rather take control ‘into our own hands’. This risks missing the obvious point that we are actually handing power and control to companies like Facebook which was fined $5 billion in 2019 for user privacy violations and has repeatedly been strongly criticised for its data practices by the UK, and other, governments.
Perhaps COVID-19 will help restore citizens’ faith and trust in institutions, like the health services and police, perhaps even politicians, the government and civil service, but we will need to be clearer on the choices we make with messaging.
We need to ask ourselves whether maybe we have a duty as citizens of democracies not to knowingly move our communications beyond the reach of our own governments and law enforcement?
When leading democratic governments feel they must write to tech companies to ask for the ability just to enforce their laws, we are entering dangerous territory for the future of democracy and the rule of law.
We must admit current policy around the proper use of messaging is a mess
The British Conservative party recently switched to messaging app Signal after WhatsApp leaks and the European Commission has also told its staff to stop using the likes of WhatsApp and start using Signal.
It seems there is a move against WhatsApp but it is not particularly clear why Signal should be the preferred choice (versus, say, Telegram or many others). Furthermore, advocating any such encrypted messaging services is directly in opposition to the very stance being taken by the UK and others in asking Facebook not to encrypt their messaging services.
There may be an argument that politicians and civil servants need particularly secure communications, even if that risks making them unaccountable. At a time where citizens want transparency, accountability and responsibility in their leaders this seems a little odd. But for journalists protecting sources, security and emergency services, and the military among others, there have always been more secure forms of communication including encryption.
Whatever the answer, the point is that there are no clear policies at the moment. We seem to be flying blind and largely bowing to whatever is most convenient rather than considering properly what is right.
For example, WhatsApp is used by over 40% of its users for professional purposes. Quite apart from the privacy and other legal problems with that, it is even against WhatsApp’s own terms of service to use it that way. If you look at existing government policy on the use of WhatsApp, for example the guidance on WhatsApp usage from the Ministry of Justice, it does not acknowledge these realities and appears to say “we’d rather you didn’t use WhatsApp but, if you must, do so in this way which makes it almost unusable”.
Currently, official policy on the correct use of messaging, and which messaging apps are allowed, either doesn’t exist, or it lacks clarity, or it is perilously weak.
Britain is well-placed to lead in policy and solutions that make the most of messaging in the right way
Coronavirus notwithstanding, as the UK starts to shape a new place on the world stage post Brexit, we can justifiably point to the quality of many of our institutions, not just of justice and ethics, but of innovation, engineering and design.
Britain is taking personal privacy and data security seriously. We are home to the Turing Institute, the Open Data Institute, techUK, the Oxford Internet Institute, the Centre for Data Ethics, and pioneering work is being done by the National Cyber Security Centre and Financial Conduct Authority among others. We can be proud of the advocacy of web inventor Sir Tim Berners-Lee, whose Contract for the Web is influencing digital policy agendas.
Combined with the dynamism and world-wide reputation of our professional services sector, Britain is well placed to develop progressive policies around messaging and provide considered alternative messaging app solutions.
For society and democracy’s sake, we can deliver an approach to messaging that combines respect for the user with respect for the law.
There is a need in our new, ethically-challenged online world for technology built with, and for, integrity.
At a time of great uncertainty and change, for the UK and the rest of the world, there is the opportunity, perhaps the duty even, for British policy-makers, and British messaging apps, to lead by example and offer more private, but still responsible and accountable solutions, in policy and in practice.