
UK government MPs are using Signal’s automatic deletion feature - snthd
https://www.private-eye.co.uk/issue-1522/news
======
dan-robertson
I’m in two minds about this. I think it’s pretty sleazy to be using signal to
evade record keeping requirements. I also think it’s important to have
transparency into things governments do.

But I also worry that such requirements can lead to worse results. Generally
in a well run organisation, you want people to be able to speak their mind and
disagree about things, but if the organisation makes a bad decision and those
disagreements are recorded, they will be used against them.

For an arbitrary example, look at the Boeing 737 max. There were some internal
emails claiming that the system which turned out not to be safe wasn’t safe
(the problem with these was probably that they didn’t seem to make their way
up to anyone who could change the decision), and probably the fallout from
them will be worse than if there were no such emails and Boeing just appeared
to not have considered the possibility of failure. This gives the message that
one shouldn’t have these discussions through email because that gives the
impression that known issues were ignored if they turn out to have mattered.
But no one asked about the cases where people had raised concerns by email and
they were corrected by redesigning things or where concerns were raised but
deemed to not be significant and turned out not to be significant. It seems
better to me for people to be able to voice disagreements.

Another example is in healthcare: I suspect people get worse outcomes because
if anyone has a different (potentially better) opinion about how a patient may
be treated, they are incentivised not to voice it because any disagreement in
a hospitals records will make for a much stronger case in any litigation
against a hospital.

Perhaps the issue is that the media or public inquiries (or maybe courts or
juries) will look at any such record as a sign of negligence rather than an
ordinary thing which happens all the time in cases that go wrong and right.

But maybe signal is really being used for political scheming and some public
business overflows onto signal unintentionally.

~~~
Jestar342
> For an arbitrary example, look at the Boeing 737 max. There were some
> internal emails claiming that the system which turned out not to be safe
> wasn’t safe (the problem with these was probably that they didn’t seem to
> make their way up to anyone who could change the decision), and probably the
> fallout from them will be worse than if there were no such emails and Boeing
> just appeared to not have considered the possibility of failure. This gives
> the message that one shouldn’t have these discussions through email because
> that gives the impression that known issues were ignored if they turn out to
> have mattered. But no one asked about the cases where people had raised
> concerns by email and they were corrected by redesigning things or where
> concerns were raised but deemed to not be significant and turned out not to
> be significant. It seems better to me for people to be able to voice
> disagreements.

I'm sorry, but what?! The fallout of the 737 max debacle is that the senior
people didn't listen when the engineers raised concerns about safety. This is
a solid example of why comms _should_ be recorded, and wholly _not_ the
example of why they should not.

~~~
waterhouse
"Should" for us, yes. But consider the perspective of the company—and
specifically its lawyers; their takeaway may be "This stuff being in writing
made things worse in court, therefore we'll instruct our employees not to put
this stuff in writing."

Though I would guess that having an explicit policy of "don't write down any
safety concerns" would do badly in court as well. I suspect any real such
policy would have to be unwritten, or a not-very-explicit side effect of
something that seemed relatively benign.

~~~
lotsofpulp
That’s already known. It’s why mingling at golf clubs and galas and charity
events is important and why clustering in cities is useful. Generally, you can
trust conversations you have in person to not be recorded and maintain
plausible deniability.

~~~
el_nino
Many companies and worse, public institutions around the world are moving to
solidify the destruction of evidence with data retention policies. They may
automatically delete any email older than 1 or 2 years, every instant message
sent via corporate channels in 30 days, etc. as a "disk-space saving measure".
Including backups! Anyone can see through that explanation since any CIO
claiming cost savings come from the few tens of GB of archived Office
Communicator chats should be politely invited behind the barn for a dramatic
reenactment of an age old saying.

Scandals like Boeing's and others that shook trust in public institutions,
most of which are required by law to make any such material available to
citizens, just convinced them that proactive destruction of evidence is the
way to go. This is not punishable by law. And when the requests for data do
come in all the have to do is delay the process until the totally legitimate
automatic policy kicks in and removes the last shred of evidence.

At this point only whistle blowers diligently collecting all the data before
it's destroyed could still help in any way but this comes at great personal
risk. And when tools like Signal are involved good luck with that, one would
have to be part of every conversation.

------
tomhoward
Some points to consider:

\- From the article: “Starting in late 2004, before the FOIA came into force
in early 2005, Downing Street implemented an automatic 90-day deletion of
emails aside from those specifically selected by civil servants as relevant
for storage in the National Archives”

\- Since the invention of the telephone, it's never been an expectation that
transcripts of telephone calls between MPs or officials should be recorded and
made available under FOI.

\- Indeed, it's never been an expectation that private face-to-face
conversations between MPs/officials be recorded and made available under FOI.

\- At least according to FOI laws I'm vaguely familiar with (in Australia), an
FOI request can only be made for an item of information that is known to
exist. People can't go on "fishing expeditions" for, say, all communications
between nominated people over a nominated period of time. Thus, if UK FOI is
similarly constrained, it's usually going to be unlikely a private messaging
app conversation could be sought under FOI anyway.

All that considered, I don't think this is that big a deal.

~~~
pwc
> At least according to FOI laws I'm vaguely familiar with (in Australia), an
> FOI request can only be made for an item of information that is known to
> exist. People can't go on "fishing expeditions" for, say, all communications
> between nominated people over a nominated period of time.

Interestingly I don't think this is 100% true - under (for example) the
federal FOI Act I think a request framed as asking for "email sent on
government systems between Alice and Bob in the last six months" would be
facially valid, if Alice and Bob were civil servants (although of course
exemptions may apply to individual emails).

Here's an (Australian) FOI request that is similar in spirit to your example:

[https://www.righttoknow.org.au/request/philip_gaetjens_the_l...](https://www.righttoknow.org.au/request/philip_gaetjens_the_liberal_part)

which asks for "any emails contained in all of Philip Gaetjens’ outlook items
(including deleted items) that contain any of the following terms (in the body
of an email and/or in the addressee fields of an email): “liberal.org.au” or
“ipa.org.au”", and the department deemed that a valid request. (Philip
Gaetjens is a senior civil servant, the Liberals are a political party and the
IPA is a right-leaning think tank; it's reasonable to infer that the fishing
here is for evidence of a link between the civil service and a particular side
of politics.)

~~~
tomhoward
Thanks for expanding on that (I avoided digging into it for brevity and as I
was time-constrained).

That aligns with my understanding, that there must be an explicit piece of
information you’re looking for or occurrence you’re looking for evidence of,
rather than just seeking to dragnet-fish all correspondence to see what’s
there.

Anyway, it makes sense to me that messenger app conversations are considered
ephemeral like phonecalls and can just naturally disappear, whereas more
formal material like meeting minutes, official written correspondence,
contracts and public service documents are kept on record and made subject to
FOI.

------
cheschire
I had a buddy a couple years ago who was a low level FOIA officer in the U.S.
military. He was telling me that shortly after the Clinton email scandal there
was a policy pushed on all his branch's computers that forced encryption to be
turned on for all users.

What that resulted in was basically a complete shutdown of email discovery for
fulfilling FOIA requests. You go into Outlook, do a search, and if it's not in
the subject line of the email then it's simply not found.

He told the story as if it was a conspiracy against FOIA, but based on my
experience of dealing with bureaucracies, it was more likely just coincidence.

Never attribute to malice what could be explained with incompetence.

~~~
clort
Incompetence is what leads to doing nothing and scandals continuing to happen
because people have access to information that exposes hypocrisy and
wrongdoing that offends them. As this was a reaction to a scandal I'm going to
say your buddy was on track, it was done intentionally in order to frustrate
future discovery. (Not solely a conspiracy against FOIA particularly but that
is one method used to reveal information)

~~~
cheschire
It was done near a scandal, but not necessarily in reaction to one.
Correlation is not causation.

~~~
JoeAltmaier
Does anything, anything happen in politics that isn't in reaction to a
causation?

~~~
cheschire
Newton's third law confirms that yes, everything in politics occurs in
reaction to some other causation.

However correlating two items together based on timestamp alone is not enough
to validate causation.

------
afandian
For those unfamiliar, Private Eve is an excellent magazine with a long
history. It takes a humourous but serious investgative look at UK politics,
business etc looking at eg corruption and double standards. With cartoons and
iconic front page puns.

And for the large part it avoided the pitfalls of moving online. Current
issue: [https://www.private-eye.co.uk/current-issue](https://www.private-
eye.co.uk/current-issue)

~~~
noir_lord
So good in fact that the managing editor is usually the most sued person in
the UK.

Ian Hislop is a national treasure and his evidence to the select committee on
press intrusion was both erudite and hilarious.

~~~
mabbo
His TV panel show, "Have I Got News For You" is also wonderful. Just
comedians, discussing and making jokes about the news, for something like 25
years now. And most of it is on YouTube.

~~~
iso947
Angus Dayton used to host that show

He couldn’t keep it in his pants, so was ridiculed by the guests (including
Hislop)

That led to him resigning

Which led to Boris Johnson hosting a few episodes

A charismatic buffoon, that catapulted him to wider attention

He was then selected for London mayor

During the 2012 Olympics he was pushed further into the world’s eye

That led to him being a key role one way or another in brexit. He flipped a
coin and backed Leave.

That backing tipped the scales and road to leave

That eventually led to him becoming PM, after a lucky backstabbing by Gove in
2017, meaning he managed to get a large majority in 2019

It’s an interesting example of the butterfly effect.

~~~
timthorn
I think it was Dayton's drug use that caused the initial situation.

~~~
iso947
Possibly, such a long time ago.

The tactics that won brexit with vote leave were used later to elect trump.

It amuses me to think how the world can change from tiny changes

------
mellosouls
Tangentially, the UK government digital service (and made available to the
wider civil service) uses the free tier version of Slack which retains but
disallows access to historic messages.

FOI in this case (in lieu of anybody coughing up the licences) relies on
regular manual exports and their secure archiving.

This isn't afaik an attempt to avoid accountability (in fact it's the
opposite), just a good faith use of free software to enable cross department
communication in the absence of a service from a high level mandated corporate
partner.

[https://www.computerweekly.com/news/450423927/ICO-
highlights...](https://www.computerweekly.com/news/450423927/ICO-highlights-
challenge-cloud-based-comms-tools-pose-to-public-sector-FOI-request-
compliance)

~~~
kees99
> Slack [...] just a good faith use of free software [...]

Since when is Slack free software?

~~~
ThePowerOfFuet
It sounds like you are conflating free software and Free software.

~~~
kees99
I don't think capitalization matters:

[https://en.wikipedia.org/wiki/Free_software](https://en.wikipedia.org/wiki/Free_software)

In addition to not being free, Slack is also not software. It's a service.

Sure, there's some software involved in making that service tick (mostly
proprietary), as well as some limited gratis access ("free tier") being
offered, but that doesn't magically transform that service into "free
software".

~~~
mellosouls
Which I clearly referred to with "free tier version of Slack". What's the
complaint here?

Update: you've edited the parent since I responded to it. Your original
comment was something like "it's not free, part of it is free"

Still no idea what you're moaning about tho...

~~~
kees99
> "it's not free, part of it is free"

That's news to me. Which part of Slack do you consider to be free software? Is
that the part you think GDS is using?

~~~
mellosouls
See my original comment.

------
billme
For those not following the topic, among others, the UK, EU, US - all
officially endorsed the use of Signal for official government use.

~~~
BiteCode_dev
Do you have a link for that? I often get ask questions about secure messaging,
and I always have a hard time giving anything better than "it depends".

~~~
billme
——————————

UK example reference:
[https://www.theregister.co.uk/2019/12/20/uk_conservatives_br...](https://www.theregister.co.uk/2019/12/20/uk_conservatives_brexit_from_whatsapp_to_signal/)

——————————

EU example reference: [https://www.theverge.com/2020/2/24/21150918/european-
commiss...](https://www.theverge.com/2020/2/24/21150918/european-commission-
signal-encrypted-messaging)

——————————

US example drafted by NSA:
[https://media.defense.gov/2020/Apr/24/2002288652/-1/-1/0/CSI...](https://media.defense.gov/2020/Apr/24/2002288652/-1/-1/0/CSI-
SELECTING-AND-USING-COLLABORATION-SERVICES-SECURELY-LONG-FINAL.PDF)

* Note this document is for public release. If you dig around you will find references to deploy US Special Forces even using Signal for official communications within combat zones.

——————————

~~~
pbhjpbhj
>US Special Forces even using Signal for official communications within combat
zones //

Do they have some other systems for using Signal on, they can't use it on
regular mobile phones without being tracked by base-stations, surely?

------
LatteLazy
While voting to ban normal people from using any form of encryption in any
form...

------
laumars
It’s “funny” how the U.K. government endorse signal for covering their tracks
but want backdoors put in because other people can’t be trusted.

Furthermore, it should be illegal for governments to use self-destructing
messages.

~~~
fit2rule
Government secrecy should be absolutely restricted by the general public - it
is the beginning of all corruption of government. The UK headed down the wrong
path towards totalitarian class-ist society when it decided the common people
shouldn't know their own governments' secrets.

------
sailfast
> if the records have already been deleted, or indeed are automatically
> deleted after the request is made, no crime is committed

This isn’t true under US law. No matter where you conduct your work, if you
destroy a record without capturing it as required by your records schedule,
you have violated the law, whether there is a FOIA request or not. It is your
responsibility to migrate record material to an appropriate location.

If you conduct official business on any of these platforms with auto-destruct
that seems suspect to me and cause for some sort of censure, just like a stock
trading floor doing this would be in breach of regulation.

------
pjc50
Oddly, all the internal party shenanigans seem to be done over Whatsapp still
- but the main threat there is leaking from the recipients.

And this particular government seems particularly untrustworthy at a
particularly difficult time.

------
tarkin2
I can’t help but laugh a sad laugh. I oppose government monitoring and support
transparency. And I support Signal to avoid monitoring and now it’s used to
remove transparency.

I can’t get my friends to install Signal because they say they have nothing to
hide from their government and now the same government is using Signal to hide
from my friends.

Moxie should add it to the advertising blurb:” We’re so secure the British
government use Signal to hide from its citizens.”

~~~
vondro
Re: trying to get friends to install Signal Been there, but <rant>it got even
harder as Signal makes it mandatory to set a PIN now which cannot be skipped,
all because of future 'cloud backup' feature. It kinda stinks to me, as Signal
bragged about not keeping almost any metadata, and now they want to keep
backups. Whats worse, it seems there is no opt-out.<rant/>

Makes it hard to recommend Signal now.

As a Signal user, what do you think about Signal's recent development?

~~~
tarkin2
I’ve not followed them too much but trust Moxie since his previous decision
were good.

I think Signal is trying to gain more mainstream adoption and it will need
backups for that. The pin is annoying but if it gives the app secure backups
then I guess it’s a good idea. Although I agree having an opt-out would be
good (but I expect most people want backups)

------
crtasm
Please change the title here, the article posits that MPs _may_ be using
disappearing messages, but does not make any claims they are doing so.

------
TazeTSchnitzel
How different is this from previous use of phone calls? I guess they can have
many participants and stretch over much longer periods of time.

------
bencollier49
I think they ought to legislate this into normality. The alternative is to
make it mandatory to note all conversations with colleagues for the public
record, however trivial, which is obviously absurd. An IM conversation _is_ a
personal conversation, treating it any other way will stifle the effective
function of government.

~~~
Sevaris
It's not a personal conversation if you're working for the government and
talking about topics that pertain to government functions. You have no right
to privacy in the same way that your average citizen (should) be when your
decisions affect the lives of millions. There needs to be a paper trail or
power becomes even more opaque than it already is and all accountability goes
out the window. There can be no democracy if your government can hide
everything they do. The records don't necessarily need to always be public,
but they do need to be stored so FOI requests can be served when necessary.

~~~
iguy
We don't only want accountability, we also want good decisions, and good
advice, even on delicate topics. IMO this is quite a difficult topic.

Suppose you are concerned that some variants of a policy you're thinking about
may be legal or illegal. There is a pretty large gray area. You could corner
the relevant legal mind after lunch, and ask his opinion. Then there is no
recording, only your memory.

Or you could email him, and get a more considered opinion. This is likely to
lead to better policies. But perhaps some of the options you're considering
are a bit controversial, and stating bluntly what you really mean (and what
you are concerned about) is risky if your email may be subject to a FOI
request. So perhaps you re-write it very carefully avoiding the worst options,
or perhaps you run it past the PR people before emailing, or perhaps you give
up and ask in the pub instead. These all seem like worse outcomes, and ones we
should be careful not to encourage.

~~~
Sevaris
I'm sorry, but if you require the deletion of what you said to protect
yourself from the people, then you shouldn't be in a position of power.

> and stating bluntly what you really mean (and what you are concerned about)

In the end, people aren't judged for this. They're judged for the actions that
they take, and then communications like this are used for context. If your
decision is so bad that they had to make a FOI request to find out how
spurious your reasoning was, then I don't see why you should have the
protection of having no paper trail. That's insanity.

~~~
goatinaboat
_I 'm sorry, but if you require the deletion of what you said to protect
yourself from the people, then you shouldn't be in a position of power._

In reality if a politician makes a genuine error or prediction that turns out
to be wrong he will face demands that he resigns for deliberately misleading
the public. The media have created this toxic environment where normal debate
and discourse is impossible

------
subsubsub
Isn't this better than them using whatsapp and having everything they write
read by a foreign government?

At least someone has some technical knowledge. Was a bit worried about them
after their zoom screenshot debacle.

------
truculent
It’s okay, the leopards would never eat _my_ face

------
emilfihlman
Forcefully deleting stuff from my device is super annoying and I'll fight that
to the bitter end.

~~~
zajio1am
Yes, software that forcefully deletes received messages from recipient device
is software acting against intent and will of its user (recipient). We have
one word for such software - malware.

