In context: The UK's highly controversial Online Safety Bill, often referred to as the Snoopers' Charter, which many warn could have a global impact on encryption standards, is in the final stages of being passed into law. The Electronic Frontier Foundation (EFF) has posted a warning that if it passes, the bill will be a huge step backward for global privacy.
The Online Safety Bill is now in the last stages before passage in the UK's House of Lords. It has been around for over four years now and is finally edging closer to becoming law.
The bill contains many controversial elements, including web content moderation and allowing detailed reports of individuals' online activity to be sent to the government. But it's the section on encryption that is causing the greatest outcry, not only in the UK but globally.
The bill asks tech companies to use "accredited technology" to identify child sexual abuse or terrorist content "whether communicated publicly or privately." Since companies that use encrypted end-to-end messages can't see these contents themselves, the only solution would be to compromise them – and users' privacy.
The UK government says it needs to be able to scan encrypted messages to identify serious crimes. But companies that use them, including WhatsApp, Apple, and Signal, say it could break end-to-end encryption, "opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves."
WhatsApp chief Will Cathcart said there is no way to change encryption in just one part of the world. "The reality is, our users all around the world want security. Ninety-eight percent of our users are outside the UK. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98% of users," he explained.
The UK government insists that it will be able to scan encrypted messages while maintaining user privacy and that the bill does not represent a weakening of encryption - claims that the EFF says is a case of denying reality.
The organization adds that end-to-end encryption was not fully considered and voted on during either committee or report stage in the House of Lords. The Lords could still add an amendment to specify that end-to-end encryption can't be weakened or removed, but that seems unlikely to happen.
WhatsApp and Signal have both warned they could pull their services from the UK if the bill passes in its current form. There are also warnings that its introduction could age-gate Wikipedia, forcing the platform to shut down in the country.
It's not just the Online Safety Bill causing concern among tech giants. The UK's Home Office wants to update its Investigatory Powers Act 2016 with changes that include giving the ministerial department the power to access encrypted content via a technology capability notice (TCN), a move that has seen Apple threaten to remove FaceTime and iMessage from the UK.