In the letter, the companies explain that the principles laid out by the GCHQ "are an important step in the right direction," but contend that a ghost protocol wold "violate important human rights principles," as well as others outlined by the organization.
"Although the GCHQ officials clam that 'you don't even have to touch the encryption' to implement their plan, the 'ghost' proposal would pose serious threats to cybersecurity and thereby also threaten fundamental human rights, including privacy and free expression," the letter states.
The letter also points out that the ghost proposal would undermine authentication systems, which in turn would create digital security risks and potentially introduce unintentional vulnerabilities.
"Importantly, it would also undermine the GCHQ principles on user trust and transparency set forth in the piece," the letter states.
"It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call. The service provider usually controls the identity system and so really decides who’s who and which devices are involved—they’re usually involved in introducing the parties to a chat or call," National Cyber Security Center's (NCSC) Ian Levy said. "You end up with everything still being end-to-end encrypted, but there’s an extra ‘end’ on this particular communication."
Now Apple and others are at odds over encryption once again, this time in the UK. The letter concludes by urging that the GCHQ to abandon the ghost proposal, and "avoid any alternate approaches that would similarly threaten digital security and human rights."