UK flag

Some people have no shame, and one of those is Theresa May, the Prime Minister of the United Kingdom, who used the terror attacks that took place in London, on Saturday, June 3, to push her party's agenda for laws that would push for encryption backdoors.

May's Conservative party proposed wider Internet surveillance laws two weeks ago as part of their campaign manifesto for the upcoming general elections, set to take place this Thursday on June 8.

May's party already proposed legislation on the topic

May wants the government to pass legislation that would allow security agencies direct access to data of tech companies and telecommunications providers, for the purpose of intercepting encrypted communications. A leaked draft of the proposed modifications to the IP Bill is available here, courtesy of the Open Rights Group.

Historically, May has been the main champion of cracking down on Internet freedoms in the UK, being the driving force behind the Investigatory Powers Bill (IP Bill), a piece of legislation passed last November that forces Internet providers to log every user's web browsing history for a year and allow law enforcement agencies to access it without a warrant.

Many experts have deemed last November's IP Bill as the most extreme surveillance law in the history of Western Democracy.

Now, May is determined to use the tragedy of the Manchester and London terror attacks to get her way on the matter of encrypted communications.

If May's party gains a majority in Thursday's general elections, there's no doubt they'll pass their proposed legislation. If so, the UK will join Russia in the rank of countries that have legalized backdoors for encrypted communications.

Law language interpretation is everything

Nonetheless, there are a few problems. The proposed legislation details technical means to access encrypted telecommunications. It is unclear what the UK government understands through "telecommunications." Is it all encrypted Internet traffic, or just IM conversations? May's recent public speaches have focused on portraying encrypted IM apps as themain villain, but this doesn't mean the law couldn't be abused to force all sorts of tech companies to provide backdoors into their non-IM products.

It would be extremely foolish and self-defeating from the British government to mandate backdoors for all encryption, such as the one used to secure communications to bank accounts.

Furthermore, there's no assurance the UK government would be able to protect its "encryption backdoor" from other hackers, such as cyber-crime groups and nation-state APTs.

For example, the NSA wasn't able to protect some of its hacking tools, which were stolen and leaked online, and led to last month's massive WannaCry outbreak. It wouldn't be a too far-fetched scenario that the UK loses access to its "encryption backdoor."

We've seen this approach before

In late 2015, the EU used the Paris terror attacks to push for tougher legislation on Bitcoin, being currently in the midst of creating a database that links Bitcoin accounts with real identities. Authorities argued that terrorists used Bitcoin and the Dark Web to plan their operations, which in the end proved to be false.

In the past months, EU regulators have been pushing social networks such as Facebook, Google, and Twitter, to crack down on extremist content and hate speech, threatening the companies with huge fines.

Related Articles:

Stingray Devices May Interfere With 911 Emergency Calls

Chrome Extensions, Android and iOS Apps Caught Collecting Browsing Data

NSO Group Rejects Citizen Lab's Findings on Pegasus Operations

Critical RCE Peekaboo Bug in NVR Surveillance System, PoC Available

CCleaner Disregarding Settings and Forcing Update to Latest 5.46 Version