2020 is indeed an upside-down year. In a discombobulating development, China, American Civil Liberties Union, Electronic Frontier Foundation and a host of other global civil society organisations have found themselves on the same side of a debate — standing up against backdoors to end-to-end encrypted platforms.
A Chinese Foreign Ministry official, on October 13, accused the Five Eyes intelligence alliance, the US in particular, of double standards for asking companies to build backdoors to encrypted communications. Zhao Lijian’s, the Foreign Ministry spokesperson, instead cited China’s own framework on data security that asked technology and telecom companies to not install backdoors. He said that the Five Eyes’ “wanton” accusations against Chinese companies of installing backdoors in their products are proof of their political motives and their “intention to suppress foreign companies”.
Zhao questioned the Five Eyes’ intentions: fighting crime or gathering intelligence? He said that if countries need data stored overseas for law enforcement purposes, they should access it through judicial assistance or the relevant bi/multilateral agreements. However, law enforcement agencies, especially in India, have long contended that bilateral treaties such as the Mutual Legal Assistance Treaty (MLAT) make it very difficult to get access to data and content in time.
“Without any evidence, the Five Eyes have long been wantonly accusing Chinese companies of installing ‘backdoors’ in products, which they say threaten the security of supply chains and personal privacy. However, they baldly ask companies to insert ‘backdoors’ in encrypted apps; it is typical double standard. It not only reveals those countries’ hypocrisy, but also proves that there are political motives behind their action, and that their real intention is to suppress foreign companies.” — Zhao Lijian, Chinese Foreign Ministry spokesperson
Zhao explicitly stated that the Chinese government “has never asked Chinese companies to install back doors and provide overseas data to the government”. However, China’s controversial Cybersecurity Law, enacted in 2017, allows the Chinese government to essentially access companies’ networks and computers for review and are subjected to the state’s supervision, potentially giving the government access to all data stored within or routed via servers in China. Zoom and TikTok have both been treated with suspicion in the US and India because of this reason. TikTok has been banned in India while an American court has stayed a ban on it in the US.
Despite the involvement of India and Japan in the international statement, Zhao did not address any country in particular except the US. He instead brought up USA’s PRISM surveillance programme through which the National Security Agency hoovered up communications from American internet companies, Equation — a group of offensive hackers who had reported ties to the NSA —, and the Five Eyes’ ECHELON programme.
The Five Eyes alliance — USA, UK, Australia, Canada, and New Zealand — have renewed their demand for backdoors to end-to-end encrypted communication systems, citing public and child safety. Their latest statement, released on October 11, was also signed by India and Japan. The call has already drawn criticism from more than fifty civil society organisations who have called this call an “ill-considered attempt” which is “incompatible with the technical reality of encryption”.
China is infamous around the world for its surveillance mechanisms and censorship over the internet. It is home to the largest video surveillance monitoring system in the world, threateningly called Skynet. Unlike the Five Eyes nations, access to internet is completely controlled by the state through what’s called the Great Firewall of China. Despite China’s stance this time, end-to-end encrypted platforms are not all that easily accessible or available in the country. WhatsApp, the most popular one in the world, is blocked, but Signal is not.
‘Look at our anti-backdoors framework,’ says China
Zhao referred to China’s global data security initiative, released in September, that focusses on the handling of personal user data, surveillance by foreign actors or states among a slew of other issues. “ICT products and services providers should not install backdoors in their products and services to illegally obtain users’ data, control or manipulate users’ systems and devices.” The phrasing of this particular principle suggests that if a law allows companies to install backdoors, it may be permitted.
China’s initiative was an answer to the United States’ similarly-focussed “Clean Network” initiative that called on other nations to protect their internet infrastructure from Chinese influence.
- ‘Don’t conduct mass surveillance against other countries,’ China tells the world in its global initiative on data security
- Chinese lawmakers deliberate upon personal data protection bill
- ‘We want backdoors to E2E encrypted platforms for law enforcement’: India, Japan, Five Eyes to companies
- ‘Backdoors to encryption are bad,’ civil society group tells Five Eyes, India, Japan. Again.