Cybersecurity

Roadmap to the UK Gov’s Campaign Against Encryption

Rolling Stone Magazine broke the news that the British government approached an advertising agency for a £500,000 campaign – since confirmed by the Home Office.

Its goal? To prep a media blitz PR campaign. It’s focus, to undermine public confidence in encrypted communications apps. The initial stage of the campaign should get underway in May. But what will it look like, and how can you spot this campaign on the British streets?


A Roadmap To the Launch

According to documents for presentation to coalition partnership members (which includes children’s charities) the effort will attempt to cloak itself - ironically, not too differently to how VPNs work - as a grassroots push from such organisations, while dissociating itself from any government involvement.

For instance, one of the presentation’s notes says that on the day of the launch, a PR notice should be released saying that Britain’s largest children’s charity and key stakeholders have partnered with each other in order to encourage social media firms to better protect children.

The messaging itself would be distributed through a pre-agreed network of media outlets which includes “sofa programmes” like Loose Women and This Morning in order to reach eyeballs during popular broadcasting. Further comments say that the campaign was also considering partnering with the tabloid paper The Sun — which is Britain’s second-best selling newspaper.

Yep, we couldn’t make this stuff up… 

According to a presentation, the campaign will involve a distinct PR stunt piece: a physical digitised counter positioned in a public space, which will count the number 14 million in the space of 1 day – which is supposedly the number of exploitation cases that the government claims would have been missed out on as a result of increasing end-to-end encryption usage in communication apps.

This isn’t the first time that the Home Office has been at the centre of investigations of its behind-the-scenes manipulation of major public plans. 

It has been behind several different events supposedly generated from grassroot desires to stem extremism and unwanted opinions, which one investigative journalist Ian Cobain criticised because it meant that the government was masking its activities in being involved in events.

These events were instead framed as spontaneous displays of solidarity by minority groups, for instance after a terror incident.

The sleaze addition will likely generate similar criticisms, particularly because M&C Saatchi advised for ways of triggering the public to directly influence social media firms, by prompting them to reach out.

One recommendation by the advertisement company was to encourage parents to write to Mark Zuckerberg by modifying their social status to make a statement – which would be an experimental form of social media activation.

But this is one of the most striking recommendations by M&C Saatchi to make this PR stunt something that is highly memorable. 

The feature centrepiece of this campaign, according to leaked documents, would be a glass box that would be placed at the centre of a popular public space. Inside of this box would be to actors. One would be an adult, the other a child – who clearly do not know each other. The child would be in the sitting position, playing with their smartphone. Meanwhile, at the other side of the box, would be the adult sitting on a chair he was also tapping away on their phone.

The implications are obvious. And it would be made even more so by having the adult intermittently looking across to the child, knowingly. At certain points in the day, the ‘privacy glass’ will activate so that the previously transparent container becomes opaque. Passersby will have no ability to see what’s occurring inside. The goal being to create sensory uneasiness because the activities of the strangers are now hidden – the comparison made to what happens when our online activities can’t be observed.

One key objective of the stunt, according to the document, would be to force the hand of Meta to re-evaluate their role in protecting young users. 

End-to-end encryption is already part of a great number of large scale messaging apps: WhatsApp (owned by Meta) already uses this as its default route, but so does Apple’s iMessage, and apps like Signal and Telegram. 

Meta however intends to increase its integration of this feature to its Messenger app — which seems to be one of the central targets for this UK anti-encryption push. The plan also includes urging Meta’s founder on a personal level, by targeting him “as a father,” rather than a business executive.

A letter would be sent that would claim to represent the concerns of British parents by documenting public sentiments collected after launching the phase 1 of the campaign. One part of this would involve a spokesperson walking into Meta’s headquarters in London – making a request to speak one-on-one with Mark.


Outlook

Let’s give a bit of backdrop to this startling story. The British government has been one of the most ardent opponents in the Western democratic world to end-to-end encryption — the level this is even prompted a backlash from some past senior officials responsible for security.

Indeed, one lecturer towards the end of 2021, from a former CEO of Britain’s National Cyber Security Centre Ciaran Martin spoke out against the Home Office’s anti-encryption starts — and its general approach.

To paraphrase, Ciaran said that the language that the UK took against encryption was designed to inflame outrage even from a lukewarm opponent to this measure. And the framing of the actual problem was not realistic (“ridiculous,” in his own words). But also, the British government had no intention to stop its own adoption of this encryption technology.

Ciaran went on to say that the government was attempting to have his cake and eat it too – this technological ‘cakeism’ didn’t make much sense, and experts don’t agree on the logic of resisting encryption. 

In Britain, there has been a fairly negative reaction to these campaign plans. Privacy groups already have their own counter-campaigns being prepared, and there was general agreement that the government is fear-mongering.

The bulk of the paper focuses on Meta’s integrations of entering decryption – on the surface, however it is yet to be seen what the bigger play is. This particular case because Meta is likely to adopt this mechanism regardless of the outcome. 

It overall looks like an experiment in cloaked social activism and it will certainly be interesting to see how the British public respond as the complaint goes underway. Public funds are already spent.