UK Mulls “Ghost Protocol” to Snoop On Encrypted Messages, Calls
Calling it a further undermining of basic privacy rights and a further instance of government spying, a group of 47 technology giants and digital security organizations has condemned a United Kingdom proposal that would silently add a law enforcement participant to a group chat or call.
That means people who use encrypted services such as WhatsApp to protect themselves from being snooped on could find themselves exposed – without their knowledge – to government eyes and ears through the so-called “Ghost Protocol.”
Blueprint for Free Speech has joined WhatsApp, Google, Apple, the Electronic Frontier Foundation, Freedom of the Press Foundation, Government Accountability Project, Human Rights Watch, Reporters Without Borders, Microsoft and a bevy of security and policy experts in opposing the proposal.
All have signed an open letter addressed to the UK’s signals intelligence agency GCHQ, which argues that the proposal would give unprecedented powers to Britain’s eavesdropping agency and pose a “serious threat” to digital security and human rights.
Details of the initiative were first published in November 2018 in an article by two of the UK’s highest ranking cybersecurity officials: Ian Levy, the Technical Director of Britain’s National Cyber Security Centre, the public-facing part of GCHQ, and Crispin Robinson, GCHQ’s head of cryptanalysis. The proposal was floated as an alternative to trying to break encryption protocols, an interpretation that many experts do not share.
Levy and Robinson’s proposal suggested that it would be “relatively easy for a service provider to silently add a law enforcement participant to a group chat or call,” and said this would be similar to the crocodile clips used to wiretap communications that aren’t encrypted.
The open letter takes issue with this interpretation, stating that, “to achieve this result, their proposal requires two changes to systems that would seriously undermine user security and trust.” In order to make the function work, messaging apps, service providers and operating systems would have to change their software and “mislead users by suppressing the notifications that routinely appear when a new communicant joins a chat.”
“The overwhelming majority of users rely on their confidence in reputable providers to perform authentication functions and verify that the participants in a conversation are the people they think they are, and only those people,” the letter continues. “GCHQ’s Ghost Protocol completely undermines this trust relationship and the authentication process.”