In an attempt to crack down on illegal content and minimise the likelihood that users will encounter harmful or age-inappropriate online posts, the UK Parliament drafted a piece of legislation called the Online Safety Bill (OSB). Unfortunately, what once started as a bill to protect people from violent or dangerous content on the internet has now turned into a ‘catchallfor UK internet regulation’ that has the potential to be altered if there is a change in government.
Encryption elimiNATION
The OSB has become a catchall for issues like age verification, content moderation, and more, and there is one element of this legislation that cannot be ignored: encryption. The current bill includes a provision that mentions ‘routine monitoring’ of users’ private communications, and in order for that monitoring to take place, technology companies would be forced to build intentional vulnerabilities in the software known as backdoors, shattering the protections encryption offers.
Breaking end-to-end encryption, even for ‘good’ actors to monitor harmful content, creates access for bad actors such as cybercriminals and oppressive regimes. Without solid end-to-end encryption, users may become victims of cybercrimes, identity theft, harassment, stalking, and even persecution. These dangers were highlighted in a recent letter to the UK Parliament signed by nearly 70 IT security and privacy academics. The letter’s key concern centered around the idea that ‘giving the State the technological means to access every private message and image implies that any actor with access to the relevant monitoring facilities will have the same access’, and went on the note that ‘such compromises are not merely an abstract possibility but eventualities to prepare for when keeping in mind recent high-profile security breaches at the national security level.’
Unfortunately, the OSB has already passed through the House of Commons and is in its report state in the House of Lords. This is a time for amendments to be taken up, and security experts who have weighed in are hopeful their concerns will be amongst changes in the House of Lords amendment process. After that, the bill will be returned to the House of Commons so that any changes in the previous amendment process can be considered. Should the bill pass this year, the Office of Communications (Ofcom) will still need to determine what services should follow the strictest rules and develop codes of practice for platforms, a process Ofcom says could take months.
In conclusion
Mandating government-sanctioned software in personal messaging platforms sets a concerning precedent that could have far-reaching implications outside of the UK. As a global organisation with member companies located all over the world, we’re well aware of the fact that the encryption provisions in the UK’s OSB would have harmful consequences not only to our UK members but our global member companies as well. While it may seem that bad legislation ends in the country it’s implemented in, the global app economy is borderless and will feel the impact one way or another. We hope to see the UK Parliament consider the massive harms that repealing end-to-end encryption would have on the economy and work to protect users online while upholding safety provisions like encryption.