The former head of GCHQ has called for an end to the government handling crises over WhatsApp, saying the platform might suit gossip and informal exchanges but is inappropriate for important decision-making.

Sir David Omand, who ran the UK intelligence service before becoming the permanent secretary of the Home Office and the Cabinet Office, criticised the way government was conducted in the pandemic and said future crises should be handled with “proper process”.

  • jabjoe
    link
    fedilink
    English
    arrow-up
    4
    ·
    11 months ago

    Right? Americans (well some, who, to be fair, also aren’t unbiased) went mental about Hilary using personal email for government business. In the UK so many don’t see an issue with goverment by WhatsApp!

    • Digestive_Biscuit
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      Not disagreeing, they shouldn’t use WhatsApp at all, but email is way less secure. Emails are easier to “hack” and if I remember right they were stored on her personal server so she personally keeps the data, a bit like how Trump was found with government documents in his personal belongings. WhatsApp is encrypted end to end and presumably (I hope) are used on gov work phones.

      For me it’s more about the lack of controls on accessing and retaining data used in WhatsApp. It’s not stored on a central government system.

      I don’t know if the gov have an official messaging app. But hearing all this in the news really sounds like people in gov are intentionally using WhatsApp as a means to keep conversations secret. Like everything else with this government, it stinks.

      • jabjoe
        link
        fedilink
        English
        arrow-up
        2
        ·
        11 months ago

        Email security is purely on how it’s done. If you want it end to end and encrypted at rest, there is the PGP email standard.

        Government via WhatsApp is not acceptable. It’s a closed source app from a foreign for profit data-mining company. It should be a no brainer that it’s not acceptable.

        • mannycalavera
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          there is the PGP email standard.

          I don’t think Hilary was using PGP to be fair.

          • jabjoe
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            Even if she was, it is a legitimate problem using non-gov email for gov business. Though the crazy thing is those calling to “lock her up” support politicians doing far worse.

        • Digestive_Biscuit
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          Yeah totally agree. WhatsApp shouldn’t be used by government.

          Email can be secure both sides, one side or neither. You can’t rely on it being secure.

          • jabjoe
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            If it’s PGP email, it’s as secure as the keys. If the keys can’t be kept secure, no system can be kept secure. You email whose public key you have and it requires their private key to read.

            • Digestive_Biscuit
              link
              fedilink
              English
              arrow-up
              1
              ·
              11 months ago

              Were talking about somebody using their own personal email for work purposes. There’s absolutely no assurances on encryption their using. It’s a bigger risk than WhatsApp, although I again should say I agree WhatsApp shouldn’t be used either. Both options aren’t good but for slightly different reasons, in my opinion anyway.

              • jabjoe
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                11 months ago

                Oh I’m not arguing it’s ok to use personal email for government business. I’m saying email can be secured.