Encrypted Message Platforms Threaten to Pull Services From UK Over Online Safety Bill

Encrypted Message Platforms Threaten to Pull Services From UK Over Online Safety Bill
A 3D printed Whatsapp logo and keyboard buttons on a computer motherboard in an illustration taken on Jan. 21, 2021. Dado Ruvic/Illustration/Reuters
Patricia Devlin
Updated:

Seven of the world’s leading messaging apps have written a scathing open letter to the UK government over its proposed Online Safety Bill.

Bosses from firms including Signal and WhatsApp say the bill would lead to the mass surveillance of personal communications in what would become the “British internet.”

Urging ministers to “urgently rethink” the legislation, they said it “poses an unprecedented threat to the privacy, safety and security of every UK citizen and the people with whom they communicate around the world.”

If given the go-ahead in its current form, tech bosses said they would have no choice but to withdraw services from the UK in what experts said would set a “concerning global precedent” on encryption.

The Home Office has defended the plans, arguing that tech firms had a “moral duty” to ensure law enforcement agencies were not kept in the dark about “unprecedented levels of child sexual abuse on their platforms.”

The House of Lords will begin line-by-line scrutiny of the legislation in its committee stage on Wednesday.

The firms warned the legislation would give regulator Ofcom the power to try to force the release of private messages on end-to-end encrypted communication services.

The government has argued that Ofcom will only be able to make companies use technology to identify child sexual abuse material in “appropriate and limited circumstances.”

But the tech bosses said: “As currently drafted, the Bill could break end-to-end encryption, opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone’s ability to communicate securely.”

‘Sets Global Precedent’

Speaking to The Epoch Times on Tuesday, Matthew Lesh, director of policy at the Institute of Economic Affairs, described the tech letter as “a significant and important moment.”

“Once you cut encryption for one purpose encryption is pretty much over, you are creating a surveillance system that could be used for other purposes,” he said.

“Companies like WhatsApp who have massive international user base are quite simply incapable of complying with that command.”

Lesh said that threats from encrypted platforms about withdrawing apps from the UK if the issues around the bill are not resolved, should be taken seriously.

“There’s no way that they’re going to undermine their service for global users just in order to keep UK regulators happy—that sets a terrible global precedent.

“Even if the UK might be doing it for the best possible reasons, it sets very concerning precedents for private communications all over the world.

“And there’s many people in conflict zones, there’s social activists who rely on private communications.

“We don’t want to set a precedent that governments are happy to trample on that.”

Monica Horten, policy manager with Open Rights Group, also welcomed the move by messaging platforms.

“The spy clause appears to mean Ofcom-sanctioned mass surveillance of over 40 million British citizens’ private communications,” she told The Epoch Times.

“We urgently need clarification from the government as to its intentions.

“We urge peers to support Lord Clement-Jones’s amendment that would remove private messaging platforms from the ambit of these disproportionate measures.”

Horten said the proposals would affect messages sent through WhatsApp, Telegram, Signal, Facebook Messenger, and iMessage, and direct messages sent through platforms such as Snapchat, Facebook, Twitter, and Instagram.

She also said the government could force companies to install “government accredited” software on phones, which could scan private messages.

A teenage child looks at the screen of a mobile phone in London, on Jan. 17, 2023. (Leon Neal/Getty Images)
A teenage child looks at the screen of a mobile phone in London, on Jan. 17, 2023. Leon Neal/Getty Images

Child Abuse

Clare McGlynn, who has carried out extensive work into violence against women and girls, said the bill needed much more work.

“It’s so difficult because obviously, from a child protection angle, child sexual abuse is happening on these encrypted surfaces,” she told The Epoch Times.

“I totally understand that but on the other hand, I do actually understand that if we got rid of end-to-end encryption, it would be a serious problem particularly in many countries around the world in terms of emerging democracies and political protests.”

McGlynn said at present, there is no focus on the abuse of women and girls in the proposed legislation.

“Under the Online Safety Bill at the moment there’s no mention of women and girls in the whole 262 pages of the bill, so there’s more that can be done,” she said.

“It’s a real worry because the Online Safety Bill is such an opportunity to make a difference and to really reduce and prevent online abuse.

“And I guess at the moment in terms of violence against women and girls, we’re just not there yet.”

Asked what will happen if the bill goes through, co-founder and Chief Executive of messaging app Element, Matt Hodgson, told BBC Radio 4’s “Today” programme, “In Element we’ll almost certainly have to cease doing business in the UK because we cannot provide a secure messaging app.”

He said he could not speak on behalf of the other messaging providers but said it was “definitely” possible firms could just pull out of Britain.

“The problem is that the Online Safety Bill is going and putting this obligation for service providers such as Element or WhatsApp, Signal, or many others to go and scan for any kind of content that might be abusive and report it back to some kind of moderation team, so it is taking an encrypted messaging service and making it fundamentally unsecure and insecure, by going and obligating us to go and scan for content,” Hodgson said.

“The second that you put that scanning technology into the app, it opens an entire galaxy of possibility for attackers to use that scanning infrastructure.”

The tech boss likened the impact of the bill to “putting a CCTV camera into everybody’s house.”

“The UK wants its own special access into end-to-end encrypted systems,” he said.

“Bad actors don’t play by the rules. Rogue nation states, terrorists, and criminals will target that access with every resource they have.

“OSB [Online Safety Bill] is outright dangerous. It’s the cyber equivalent of Britain decommissioning its nuclear deterrent.”

A Whatsapp logo in an illustration on Aug. 22, 2022. (Dado Ruvic/Illustration/Reuters)
A Whatsapp logo in an illustration on Aug. 22, 2022. Dado Ruvic/Illustration/Reuters

‘British Internet’

The open letter, published on Tuesday, said that global providers of end-to-end encrypted products and services “cannot weaken the security of their products and services” to suit individual governments.

It added, “There cannot be a ‘British internet’ or a version of end-to-end encryption that is specific to the UK.”

In November, civil liberties groups warned that the Bill would undermine human rights in the UK if it went ahead.

In a letter to the U.N. special rapporteur on freedom of expression, the organisations, including Big Brother Watch, said the bill seriously threatens the rights to freedom of speech and privacy.

The civil liberties campaigners warned that the inclusion of these measures would result in the censorship of online speech which is “permitted in the offline world and are protected under international human rights law.”

The groups also argued that powers granted by the bill to the secretary of state could result in “political censorship.”

Responding to the encryption concerns on Tuesday, a Home Office spokesman said: “We support strong encryption, but this cannot come at the cost of public safety.

“Tech companies have a moral duty to ensure they are not blinding themselves and law enforcement to the unprecedented levels of child sexual abuse on their platforms.

“The Online Safety Bill in no way represents a ban on end-to-end encryption, nor will it require services to weaken encryption.”

Downing Street also defended the plan, with the prime minister’s official spokesman insisting “it will not introduce routine scanning of private communication.”

“It is being developed to ensure it has the requisite safeguards so it doesn’t weaken, by default, end-to-end encryption, it is a targeted power to be used only when necessary and when other measures cannot be used,” the spokesman said.

PA Media contributed to this report.
Patricia Devlin
Patricia Devlin
Author
Patricia is an award winning journalist based in Ireland. She specializes in investigations and giving victims of crime, abuse, and corruption a voice.
Related Topics