Online Safety Bill insecure: international organisations, academics and cyber experts urge UK government to protect encrypted messaging
EDRi, Open Rights Group and over 80 civil society organisations, academics and cyber experts from 23 countries have written to the UK government to raise the alarm about proposed powers in the Online Safety Bill.
Over 80 civil society organisations, academics and cyber experts from 23 countries have written to the UK government to raise the alarm about proposed powers in the Online Safety Bill. These powers would require the scanning of encrypted messaging apps, such as WhatsApp and Signal, posing a threat to chat services which people use every day to connect securely.
“With this authoritarian proposal, the UK joins several EU countries in a concerted attack on the safety and integrity of everyone’s private communications. The EU version of this law would mandate the dangerous scanning of people’s private messages without due cause. But across Europe, several police departments specialised in child protection, public prosecutors, and survivors’ groups have pointed out that these measures would be ineffective at tackling the problem of online abuse.”
The letter, co-ordinated by the UK-based digital rights organisation, Open Rights Group, and the pan-European network of over 47 organisations, European Digital Rights, notes that the UK could make chat platforms insecure for everyone. Privacy is an essential element for people’s security online, especially so for young people, activists, human rights defenders, lawyers, doctors and journalists.
Investigative journalists find it essential to use end-to-end encrypted messaging to be able to research powerful people in the governments or companies. For example, the team of the Organised Crime and Corruption Reporting Project (OCCRP) relies on safe, private communications to research Russian atrocities in the war with Ukraine.
The letter’s signatories also raise concerns that such measures would make people vulnerable to hacking and abuses of their private information without any control over who gets access to such sensitive data. This law would adversely affect not only the 40 million users in the UK but the two billion people around the world who rely on secure messaging services.
The powers in the Bill could mean that people relying on messaging services to work and connect in the UK would have to download technology to their phones, which would allow private messages to be scanned. Technology, known as client-side scanning, which has been heavily criticised , will turnchats into spaces that are dangerous for everyone’s privacy, security and free expression. The UK government asserts that client-side scanning will not compromise privacy, but evidence from cyber-security experts worldwide contradicts this view.
By introducing such intrusive measures, the UK government also risks damaging the country’s free market. Companies that respect the privacy of people using their services will be forced to leave the UK, moving away capital, resources and services.
The Prime Minister, Rishi Sunak, has said the UK will maintain peace, freedom and security around the world. The ability for people to communicate privately and securely is crucial to that objective.
The signatories to this letter call on the government to put people’s safety and uphold democratic values by dropping private messaging platforms from the scope of the Online Safety Bill.