When Moxie Marlinspike, the iconoclastic technologist, landed Hillary Clinton as a client of his encrypted messaging app last year, he hailed the event with trademark Silicon Valley idealism: “I think we have actually sort of won the future.
”But his Signal encryption technology, which also underpins WhatsApp and other similar services, has been as controversial as it has successful.
The billions of people who now use such apps operate under cover of secrecy.
We are only starting to discover quite how dangerous the flipside to that west-coast liberal vision could be.
Whenever a terrorist attack occurs these days, a key line of investigation is how the perpetrators communicated.
Over the past couple of years — in Paris, in London, in Stockholm — police have highlighted the role of encrypted messaging via WhatsApp.
“The shadow continues to fall,” former FBI director James Comey told senators in May, in reference to the secrecy such services provide.Encrypted messages render wiretaps and subpoenas worthless because the words sit only on an individual’s device and are not accessible by the companies that facilitate them.
Authorities both in the UK and US have appealed, often in vain, to technology groups to give them “backdoor” access to encrypted data in serious crime probes, most notably Apple after the San Bernardino mass shooting.
Much of the debate has centred so far on terrorism. Now, as the FBI highlighted this week, the potential of encrypted messaging to facilitate financial crime is coming into focus.
Encryption is a growing problem in tackling “fraud, money laundering and insider trading”, a senior FBI agent told the Financial Times.
Last week Daniel Rivas, a former Bank of America IT employee, pleaded guilty to passing secret information about corporate takeovers to a handful of other men. Mr Rivas used an encrypted messaging service to communicate the tips, according to the Securities and Exchange Commission complaint.
Earlier this year, the UK’s Financial Conduct Authority imposed the first fine on a banker for sharing confidential information on WhatsApp.
Christopher Niehaus received a penalty of £37,198 for passing information on confidential deals to friends.
Examples of regulatory action like this would suggest that encrypted messaging is no obstacle to law enforcement.
But the tools inevitably make it harder to identify wrongdoing, catch criminals and bring cases against them.
The FCA case relied on Mr Niehaus volunteering his phone and passwords, rather than having his messages rumbled.What if WhatsApp had existed 10 years ago? Would the rigging of Libor and foreign exchange rates ever have been uncovered? As it was, Bloomberg and other unencrypted messaging services were used — providing prosecutors with ample evidence, much of it memorably colourful.Superficially, at least, behaviour has been tightened up in recent years.
Bloomberg has improved the monitoring tools offered on its terminals, allowing compliance officers easier access to employees’ communications.
Several banks have banned the kind of multi-company chat rooms that allowed the Libor and forex collusion to take place.
Some no longer allow traders to take phones on to trading floors.
Chief executives have joined clean-up initiatives, such as the UK’s Banking Standards Board.
Fines should now be on a downward trajectory, too. A springtime assessment by Boston Consulting Group of penalties imposed on banks globally found that last year’s tally was $42bn.
Though it was up on 2015, it was a long way off the $75bn peak of 2014. Numbers should keep falling as banks finalise their penalties for the big legacy scandals — mis-selling products and breaching money laundering rules, as well as manipulating Libor and forex.
Among this year’s notable settlements, Deutsche Bank has sealed a $7.2bn settlement over mis-sold mortgage bonds, as well as a $630m penalty over Russian money laundering.
BNP Paribas has paid out nearly $600m over the forex affair.It is a fair bet that Mr Marlinspike did not have the protection of market manipulating investment bankers in mind when he spoke out a few years ago against the “burgeoning worldwide surveillance industry”.
But unless Silicon Valley’s idealists relent, and grant regulators some kind of backdoor access to encrypted information, financial criminals, like terrorists, will have an easier ride.
And we may never know whether bankers’ crimes are genuinely declining — or are just going undiscovered.
