Signal, WhatsApp, and other encrypted messaging services have called on the UK government to drop a proposal in the Online Safety Bill that would require them to undermine end-to-end encryption and allow the government access to messages.
“We support strong encryption,” a government official said, “but this cannot come at the cost of public safety.
“Tech companies have a moral duty to ensure they are not blinding themselves and law enforcement to the unprecedented levels of child sexual abuse on their platforms.
“The Online Safety Bill in no way represents a ban on end-to-end encryption, nor will it require services to weaken encryption.”
In an open letter, signed by executives at companies providing encrypted messaging services, the government was told: “Weakening encryption, undermining privacy and introducing the mass surveillance of people’s private communications is not the way forward.”
The letter was signed by executives at Element, WhatsApp, Signal, Threema, Viber, Wire, and the Oxen Privacy Tech Foundation and Session.
The executives said that, as is, the bill would result in “routine, general, and indiscriminate surveillance” of private messages. They noted that it would also risk “emboldening hostile governments who may seek to draft copycat laws.”
They added that while the UK government insists that solutions can be found to scan messages for child sexual abuse content without compromising encryption, “the truth is that is not possible.”
Element CEO Matthew Hodgson, speaking on the BBC Today show, said the proposal is a “spectacular violation of privacy… equivalent to putting a CCTV camera in everyone’s bedroom.”
WhatsApp, Signal, and Threema’s executives said they would rather stop offering their services in the UK than undermine encryption.
“Global providers of end-to-end encrypted products and services cannot weaken the security of their products and services to suit individual governments,” the letter says.
“There cannot be a ‘British internet’ or a version of end-to-end encryption that is specific to the UK.”
Responding to the letter, the Prime Minister’s official spokesperson said that the power of scanning encrypted messages would only be applied where “less intrusive measures” are not able to to reduce child abuse content.
Asked if the government was concerned that the proposal would open up messaging services to hacking, they said that the “requisite safeguards” would be applied to ensure encryption is not “weakened by default.”