17.02.2025 15:14
Chat Control vs. File Sharing
The spectre of “law-enforcement going dark” is on the EU agenda once again. I’ve written about the unintended consequences of states using malware to break into mobile phones to monitor communication multiple times. See here and here. Recently it became known that yet another democratic EU Member state has employed such software to spy on journalists and other civil society figures – and not on the hardened criminals or terrorists who are always cited as the reason why these methods are needed.
Anyway, I want to discuss a different aspect today: the intention of various law enforcement agencies to enact legislation to force the operators of “over-the-top” (OTT) communication services (WhatsApp, Signal, iChat, Skype, …) to implement a backdoor to the end-to-end encryption feature that all modern applications have introduced over the last few years. When I talked to a Belgian public prosecutor last year about that topic he said: “we don’t want a backdoor for the encryption, we want the collaboration of the operators to give us access when we ask for it.”
Let’s assume the law enforcement folks win the debate in the EU and chat control becomes law. How might this play out?
My view on this is shaped by two thoughts:
1) Product versus service. Right now, the instant messaging platforms operate primarily as services: they run computers and software that enable the communication. They handle the authentication, the directory and the OTT equivalent of the mobile operator’s Home Location Register (HLR): the system that enables communication endpoints to find each other. Implementing all this in a server-client model certainly makes sense, but it’s not the only way it can be done. The seminal text on this is Clay Shirky’s essay on ZapMail, FedEx’s attempt to build a service based on FAX machines which completely bombed because people just bought their own FAX machines, turning a prospective service into a product that operates on top of the phone network.
2) The evolution of file-sharing applications. Initially, Napster was built as a service: the central Napster servers knew about the files each member of the network offered and could then act as a broker that matched file searches to clients who offered those files. On an abstract level, this is exactly what WhatsApp is doing, just instead of enabling a download it is enabling texting and calls. This made Napster the obvious target for legal action: the content owners knew exactly whom to sue. And it worked: by targeting this central broker service, the lawsuits managed to shut down this file-sharing model.
But it didn’t stop file-sharing, it just changed the model under which it operated. The centralized service evolved into a peer-to-peer model. Users downloaded software that built a P2P overlay network over the Internet which provided the necessary directory / search / rendezvous functions without the need for a central node. While the technology used (distributed hash tables) was pretty new, this is actually how most of the initial Internet applications work: you download (or buy) software that implements a certain protocol, configure the DNS as the directory / rendezvous function and pronto: you are part of the global network. It still works this way for e-mail and the world wide web. The spam epidemic is one of the downsides of this fully distributed approach.
What does this mean for instant messaging apps?
If the legislation targets the OTT services themselves, one possible counter is to de-centralize the service. Make it as thin as possible, e.g. by providing only an authentication and directory service, but refrain completely from being involved in any communication between users. The latter can be implemented with a P2P setup. This has been done before: the original Skype protocol also was heavily reliant on users acting as communication hubs.
Alternatively, the communication service could split into multiple small, interconnected services. Models for this are the fediverse (the network of Mastodon instances which together implement a global social media platform), Jabber (based on the XMPP protocol) or federated Matrix instances. These all make use of the DNS to enable instance-to-instance communication.
If user identifiers are domain-based, that’s easy to do; for phone-number-based networks this is a bit trickier – regrettably ENUM didn’t take off, that would have been the perfect directory to map phone numbers to instant messaging IDs. But maybe we finally see a killer application for the blockchain: mapping identifiers to cryptographic keys in a distributed fashion is something that might actually work using that technology.
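The phone-number-to-messaging-ID lookup that ENUM was designed for, as an added example (not part of the original post): the number becomes a name under e164.arpa, and the NAPTR records found there are rewritten into a URI following RFC 6116. The records, hostnames and phone number are constructed, and no DNS query is made.

```python
import re

# Constructed NAPTR records (order, preference, flags, service, regexp) as an
# ENUM zone might publish for one number; hostnames and user are placeholders.
SAMPLE_RECORDS = [
    (100, 20, "u", "E2U+sip", r"!^\+43(.*)$!sip:\1@voip.example.net!"),
    (100, 10, "u", "E2U+xmpp", r"!^.*$!xmpp:alice@chat.example.org!"),
]

def _digits(number):
    digits = "".join(c for c in number if c.isdigit())
    if not number.strip().startswith("+") or not 1 <= len(digits) <= 15:
        raise ValueError("not an E.164 number: %r" % number)
    return digits

def enum_domain(number):
    """Name to query: digits reversed, dot-separated, under e164.arpa."""
    return ".".join(reversed(_digits(number))) + ".e164.arpa"

def apply_regexp(field, aus):
    """Apply a NAPTR 'delim ERE delim replacement delim flags' field to aus.
    Simplification: no escaped delimiters; Python re stands in for POSIX ERE."""
    parts = field.split(field[0])
    if len(parts) != 4:
        raise ValueError("malformed regexp field")
    _, ere, repl, flags = parts
    m = re.search(ere, aus, re.IGNORECASE if "i" in flags else 0)
    if m is None:
        return None
    expanded = re.sub(r"\\([1-9])", lambda b: m.group(int(b.group(1))) or "", repl)
    return aus[:m.start()] + expanded + aus[m.end():]

def resolve(number, records, service):
    """Return the URI for the wanted enumservice type, or None."""
    aus = "+" + _digits(number)  # the string the regexp is applied to
    for order, pref, flags, svc, regexp in sorted(records):
        types = [s.split(":")[0].lower() for s in svc.split("+")[1:]]
        if flags.lower() == "u" and service.lower() in types:
            uri = apply_regexp(regexp, aus)
            if uri is not None:
                return uri
    return None

if __name__ == "__main__":
    n = "+43 1 555 0100"  # constructed number
    print(enum_domain(n), resolve(n, SAMPLE_RECORDS, "xmpp"))
```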
So yes, it is possible that any serious government interference with OTT services might trigger the development of alternative technologies and a shift of the users to the new architecture. If the user experience is good, this could happen pretty quickly. Yes, there is Metcalfe’s law to overcome, but there are historical precedents of populations switching from one social network to another. It may be slow in the beginning, but once a tipping point is reached, it might become unstoppable.
Here the analogy with file-sharing breaks down: sending copyrighted files to strangers is of questionable legality, texting with friends or calling a relative over the Internet is certainly legal.
What are the next steps? If people download one of the available chat-and-call applications, maybe choosing between simple open-source implementations and fancy commercial ones, then what can law enforcement do? Make distributing those programs illegal? Make using them illegal? I cannot believe that this will work from a legal point of view.
Summary
Any heavy-handed interference by lawmakers with the end-to-end encryption properties of OTT services could trigger an evolutionary step in those applications with wide-reaching implications. I strongly recommend treading very lightly here: it is probably a lot better to enter a constructive discussion with the OTT services on cooperative policing of their users. After all, it is not in the operator’s interest to expose their users to fraudsters on their service. Every additional story of government abuse of surveillance makes this a harder sell.