Law Enforcement's Nemesis — WhatsApp — Is Also Law Enforcement's Best Friend

from the love/hate-as-needed dept

WhatsApp: a tool for evil.

David Cameron announced early last year that it was “unacceptable” that all communications could not be intercepted and read by intelligence services and law enforcement agencies. He stopped short of calling for a ban but strongly hinted this would be addressed in the Snooper’s Charter.

This followed the head of the UK’s GCHQ throwing both terrorism and child porn into the mix while vocally handwringing about encrypted communications — portraying tech companies as callous accomplices of child abusers and jihadists.

In Brazil, WhatsApp was blocked and a Facebook executive arrested for refusing to hand over identifying information on its users.

And here in the US, the FBI has been dropping sealed hints that the popular messaging app may be the next recipient of one of its infamous All Writs orders.

Meanwhile, over in Belgium, it’s law enforcement that’s benefitted the most from the platform’s existence. (h/t Frederic Jacobs)

“There were no orders and nobody really knew what to do. The mobile phone network was also out of order. Fortunately, Whatsapp worked. Without this app we we could not communicate at all,” federal police spokesman Peter De Waele said as quoted by the media outlet.

Very handy, that. When cell infrastructure goes down, WhatsApp stays up. What law enforcement hates and fears because it can’t capture readable content in transit is also useful when all hell breaks loose. Kill it off because you fear the unseen communications and you’re going to end up hurting yourself.

As for Belgian law enforcement, they’re likely not as fearful of WhatsApp’s encryption as others. WhatsApp played a key part in a terrorist plot last summer — but one that was disrupted by Belgian law enforcement.

According to Gaspard Sebag from Bloomberg, the European law enforcement in a joint effort with the FBI are monitoring the use of the popular messaging platform WhatsApp.

“Investigators said earlier they had detained 16 people in the anti-terror raids after working with U.S. authorities to monitor suspects’ communications on WhatsApp Inc.’s messaging service.” states Sebag.

The Belgian law enforcement raided two separate groups operating in Ostend and Louvain, and according various sources the messages exchanged on WhatsApp allowed the investigators to trace the group.

At the time I’m writing, Facebook who acquired WhatsApp, declined to comment the events, but security experts speculate that there is something wrong in the implementation of WhatsApp end-to-end (E2E) encryption started in November.

And even if the flaw is no longer present, intelligence/law enforcement agencies still have other options:

It seems that even if the messages are protected by the encryption implemented, the FBI or NSA are able to gather metadata on the server side that could be used to link WhatsApp users. The analysis of metadata allowed law enforcement to identify the network of the alleged suspects.

Not quite the monster Cameron, et al. have portrayed it as. And it’s a great backup plan for those times when regular communication channels just aren’t working.

Filed Under: , ,
Companies: whatsapp

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Law Enforcement's Nemesis — WhatsApp — Is Also Law Enforcement's Best Friend”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Let’s be clear. And this comes from the official media: the Belgium strikes happened because the Belgian police (and the EU intelligence services) were touching their balls with both hands and both feet instead of doing their job.

They knew already who to catch, where they were and what to do. Actually, Belgium was a fucking fortress regarding surveillance, due to the Paris strikes a year before and other issues.

And yet, the terrorists could kill thirty plus people, not due encryption, or due people shutting up their mouths and not reporting them.

But because the police were fiddling with their thumbs.

And you know what? That now the PNR is going to get a smooth sailing because “think of terrorism”. And they will hop on the wagon to introduce new surveillance laws into place.

As if surveillance laws were thought to combat terrorism. They are made to combat citizens, not terrorists.

DannyB (profile) says:

Don't bad guys use burner phones?

This followed the head of the UK’s GCHQ throwing both terrorism and child porn into the mix while vocally handwringing about encrypted communications — portraying tech companies as callous accomplices of child abusers and jihadists.

Don’t bad guys use disposable mobile phones?

It seems like it might be the mobile phone companies that are callous accomplices of child abusers and jihadists. Shouldn’t they be monitoring (aka, listening in on) all mobile phone calls in order to prevent their networks from being used by bad guys?

Anonymous Coward says:

Re: Re:

…If the cell infrastructure goes down, how do WhatsApp clients still have connectivity? Does Brussels have widespread open wifi?…

Maybe not widespread but enough open points to hardwired services to maintain connectivity. If I’m reading right WhatsApp avoids using cel and SMS networks/protocols unless no other connection options exists.

streetlight (profile) says:

What about Google Hangouts or other apps?

According to Google’s web site:


All signals, like messages, are encrypted over an HTTPS connection with 128-bit encryption, using TLS 1.2. The connection is encrypted and authenticated using AES_128_GCM. The key exchange mechanism is ECDHE_ECDSA.


Audio and video

To improve audio and video quality, Hangouts calls use a direct peer-to-peer connection when possible, instead of routing through a server.

Audio and video in Hangouts are encrypted using SRTP. Video is AES_CM_128_HMAC_SHA1_80, and audio is AES_CM_128_HMAC_SHA1_32 (128-bit AES encryption and SHA-1 HMAC for authentication).

When you dial a phone number from a Hangout, audio is encrypted until it reaches the carrier network. But telephone carriers are responsible for the audio within carrier networks

I’m not a security expert, but it seems messages using Hangouts are end-to-end encrypted over Wi-Fi and possibly over cell networks. I believe that’s also the case for Gmail as messages are stored encrypted on Google’s servers. Whether decryption of these Google products messages can be done by others, I don’t know. Others should comment.

The possibility of detecting members of a connected web of terrorists by just knowing their messaging connections should one or more persons in the terrorist web is a known terrorist is a fascinating possibility. This suggests the authorities need to leave at least one known terrorist at large for awhile to complete the web while keeping an eye on the connected individuals. Burner phones may be a problem in this scenario, though.

Anonymous Coward says:

let’s face it, the various governments dont want anyone able to communicate, certainly in private, with anyone else! all they do is complain about messaging apps and encryption but are only too glad that both exist when they have lost their methods of communication! it’s basically like just about everything today. governments want everything and us to have nothing. they want to be able to punish people drastically for the most minor ‘crime’. stop people from getting any information about the governments or the people in government and spreading it around the globe whilst very conveniently ignoring the fact that they are supposed to be in office for the people, not for themselves!!

Tom Mink (profile) says:

Access to user metadata not enough?

As law enforcement and intelligence agencies monitor connections between suspects to establish cause for investigation (and membership no fly lists, detention, even assassination) does that mean that access to communications content will lead to exonerations and a greater evidence threshold for government sanctions against individuals? If you’re the perfectly innocent cousin of a terrorist suspect and at most you’ve discussed lasagna recipes you’d be off the hook, no?

Haha… Of course not.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...