From Britain to Sweden, encrypted communication is increasingly under attack as authorities are seeking ways to better monitor people’s chats to fight crime. Signal, one of the best encrypted messaging apps, however, is unwilling to compromise its privacy and security.
“The signal’s attitude to this is very clear – we will not go back, adultery or otherwise interfere with the robust privacy and security guarantees that people are dependent on,” said signal president Meredith Whittaker under a panel at Rightscon 25 conference on Tuesday, February 25.
“Whether this disturbance or back door is called the scan of the client side or stripping of the encryption protection from one or the other feature similar to what Apple was pushed to do in England,” she added.
Whittaker’s comments come days after Apple was forced to kill its iCloud’s end-to-end encryption feature in the UK following a government’s order to create an encryption back door to give law enforcement access to users’ data. Sweden is also considering introducing a new law that requires all encrypted communication apps to create a similar back door.
UK’s attack on encryption
For almost a week – since Friday, February 21, to be accurate – people in the UK have not been able to use Apple’s Advanced Data Protection (ADP) feature on iCloud.
Although not a standard feature, Apple ADP launched in 2022 to provide an extra layer of protection on all iCloud storage data via end-to-end encryption technology. This means that not even the provider can access these files.
The large tech giant removed the feature instead of complying with the UK’s encryption back door order, ensuring that this decision will not affect iCloud data categories that are end-to-end encrypted by default. These include users’ health data, passwords, iCloud messages and Apple card transactions. You can see all the others on Apple’s support page.
“As we have said many times before, we have never built a back door or master key for any of our products or services, and we will never,” Apple explained in a written statement at that time.
However, it is not yet clear what influence this step will have on users’ privacy in and out of the country. What would happen when British users travel abroad, for example? And what about foreign users traveling in the UK? Perhaps the most important thing is to remove ADP being enough for British authorities?
These are some of the questions that still need an answer. For signal, however, it is not marketable and once again ensures that the company is ready to leave the British market instead of undermining encryption.
Sweden and additional anti-encryption efforts
The United Kingdom is not the only country pushing to choose the lock of encrypted communication to facilitate criminal investigations.
Sweden is recently connected to the list of governments considering adopting legislation to make it mandatory for them as a signal, whatsapp and iMessage to create an encryption back door in their software. If they succeed, the new rules could come into force as early as March 2026.
Again, when he talks to Swedish media SVT Nyheter, Whittaker has recently repeated the company’s attitude. She said, “This means that asking us to break the encryption that is the basis of our entire business. Asking us to save data would undermine our entire architecture and we would never do so. We would rather leave the Swedish market completely.
This is because Whittaker added: “Our responsibility is to offer technology that maintains human rights in an era in which these rights are being violated more and more places.”
Do you know?
Encryption refers to the encryption of data to an ulcerous form to prevent access to third parties. End-to-end encryption is the repetition of messaging apps and secure email services, among other tools, using to protect data in transit by keeping private between the sender and the recipient end.
Outside of Sweden, the EU has also tried to pass on a proposal to scan the citizens’ private communication, the encrypted included, since 2022 to stop the spread of sexual abuse of children (CSAM). The images are considered chat control by its critics and still receive pushback from both experts and legislators who could not yet find a compromise after almost three years and two lighter versions.
In January, Europol’s chief Catherine de Bolle repeated such efforts to break encryption, arguing that “anonymity is not a fundamental right” and technology giants have a “social responsibility” to give the police access to encrypted messages used by criminals.
However, at the same time, the recent events such as Salt Typhoon attacks on all major US telecommunications have shown how encryption is crucial to privacy and security for everyone’s data. On that occasion, even FBI and CISA experts have called on citizens to switch to encrypted services in the wake of this unprecedented cyberattack.
What is the next?
Signal is not alone among the tech community that calls the campaign against encryption. For example, a group of over 100 civil society organizations, tech companies and cybersecurity experts have also called on the British government to cancel its order to Apple and warns how an iCloud back door “brings millions of security and privacy.”
The way to mitigate litigation against encryption is certainly filled with challenges for privacy and tech experts. Still, users may be reassured signal is required to strike back.
“We are continuing to push back,” said Whittaker, pointing out how events like Salt Typhoon are a tangible example of what cryptographers, human rights experts, journalists and technical society as a whole have said for decades – “You can’t build a safe backdoor.”
She added: “Our position does not change. It does not change based on the year, it does not change based on jurisdiction. It’s actually quite simple.”
