Illustration: The Verge
A number of encrypted messaging apps including WhatsApp and Signal have banded together to oppose a proposed UK law they say could undermine end-to-end encryption. Leaders from each company have signed an open letter asking the UK government to “urgently rethink” sections of its Online Safety Bill to ensure it aligns with “the Government’s stated intention to protect end-to-end encryption and respect the human right to privacy.”
The UK’s Online Safety Bill is a new set of laws intended to protect children and adults online by holding social media companies accountable for users’ safety. The bill has been widely criticized for its potential to allow the UK government and its communications regulator OFCOM (Office of Communications) to abuse their new power when moderating online platforms. One clause requires companies offering end-to-end encrypted messaging services to scan users’ messages for child sex abuse material, something critics argue would compromise encryption and user privacy.
Our position remains clear. We will not back down on providing private, safe communications. Today, we join with other encrypted messengers pushing back on the UK’s flawed Online Safety Bill. pic.twitter.com/MwGBgcvgjk
— Signal (@signalapp) April 18, 2023
“The Bill provides no explicit protection for encryption, and if implemented as written, could empower OFCOM to try to force the proactive scanning of private messages on end-to-end encrypted communication services — nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users,” reads the open letter. The United Nations has similarly warned that the bill’s requirements represent “a paradigm shift that raises a host of serious problems with potentially dire consequences”.
“We support strong encryption, but this cannot come at the cost of public safety,” said a government official (seen via BBC News) in response to the criticisms. “Tech companies have a moral duty to ensure they are not blinding themselves and law enforcement to the unprecedented levels of child sexual abuse on their platforms. The Online Safety Bill in no way represents a ban on end-to-end encryption, nor will it require services to weaken encryption.”
WhatsApp, Signal, and Threema have said they would refuse to weaken their encryption standards if the Online Safety Bill is passed
Both WhatsApp and Signal have previously stated that they would cease operations in the UK rather than weaken their encryption standards under the Online Safety Bill if it is passed in its current state later this year. Swiss-based app Threema also informed BBC News that weakening its security “in any way, shape, or form” is “completely out of the question.”
The open letter has been signed by the leaders of WhatsApp, Signal, Threema, Element, Wire, Session, and Viber — all services that provide end-to-end encryption technology to their users. Closing its appeal, the letter reads that “Global providers of end-to-end encrypted products and services cannot weaken the security of their products and services to suit individual governments. There cannot be a ‘British internet,’ or a version of end-to-end encryption that is specific to the UK.”