The UK is preparing for a showdown with “bespoke” phones – at least if the country’s Home Office has its way.
The intent behind the idea is to criminalize both the sale and possession of encrypted phones that are used for criminal purposes. But observers are not yet able to understand what would even qualify as a “bespoke” phone.
“Overbroad and poorly defined” – that’s how civil rights advocates are already branding this proposal and no surprise there. At this point, it’s almost an unofficial requirement that potentially freedom-limiting rules would be worded in this manner.
And unless it gets better and more narrowly defined, the (un)intended consequence of some future legislation stemming from the proposal could be the outlawing of “bespoke encrypted phones” spilling over into the legal domain of encrypted, i.e., secure communication.
Once again, the proposed measures are justified as necessary to help law enforcement fight against serious and organized crime, but those wary of similar efforts of governments around the world fear it could be an attempt at yet another battle in the broad and sustained “war on encryption.”
Home Secretary Suella Braverman has stated in the invitation to the consultation open to the public, which will last until March 21, that there are two proposals for possible future laws and that the goal is to help law enforcement improve their response to crime.
The first proposal deals with several issues, “sophisticated encrypted communication devices used to facilitate organized crime” being one of them, along with vehicle concealment used to conceal and transport illicit goods, digital templates that can be used for 3D-printed firearm components; and pill presses used in the supply of illegal drugs.
The first category, concerning “sophisticated encrypted communication devices,” is designed in the proposal to target the modified and bespoke devices that enable access to various platforms.
And those who supply, modify, and possess “these bespoke devices,” will be targeted, the proposal further reads, promising that the provisions “will not apply to commercially available mobile phones nor the encrypted messaging apps available on them.”
That sounds reassuring, but Privacy International’s senior legal officer and assistant general counsel, Ioannis Kouvakas, was cautious in his comments shared with Motherboard.
Noting that this last provision is in the proposal “at the moment,” Kouvakas added that, “it is difficult to see how it (the proposal) will not result in targeting devices used on a daily by human rights defenders, protesters and pretty much all of us who want to keep our data secure.”