(LifeSiteNews) — A slew of popular smartphone messaging app providers are threatening to remove their services from the U.K. market as the government proceeds with a controversial internet “safety” bill which they say would permit the government to scan the content of messages sent through their encrypted services.
Under the banner of tackling online child pornography distribution, the bill, which is set to become law in September, allows for the provision of “backdoors” in all encrypted messaging services, granting the government an access point to private messages and thus compromising the security of end-to-end encryption.
Apple, which provides encrypted iMessages and FaceTime calls, and messaging app Signal have both said the law would see them remove these services from the U.K. market rather than compromise the security and privacy of their worldwide users. As ComputerWorld reported on June 28:
Apple is not alone. More than 80 civil society organizations, academics, and experts from 23 nations have warned against the U.K. government’s decision, which would turn the U.K. into the first democracy to require routine surveillance of people’s private chats.
Yet the move, which the U.K. government maintains is undertaken to protect children, is likely to undermine the safety and security of the internet worldwide – according to a global coalition of experts who have heavily criticized the bill.
Invasive surveillance measures
The Online Safety Bill proposes to force messaging services such as WhatsApp, Signal, and iMessage to scan user messages before they are sent. These services are all currently encrypted, meaning that the messages sent cannot be deciphered and read by third parties.
The reason given for the permanent removal of digital privacy is to combat child pornography. Yet even this is unrealistic, according to European agencies tasked with its online detection.
With this authoritarian proposal, the U.K. joins several E.U. countries in a concerted attack on the safety and integrity of everyone’s private communications.
The E.U. version of this law would mandate the dangerous scanning of people’s private messages without due cause.
But across Europe, several police departments specialized in child protection, public prosecutors, and survivors’ groups have pointed out that these measures would be ineffective at tackling the problem of online abuse.
So said Ella Jakubowska, Senior Policy Advisor at EDRi (European Digital Rights), an organization defending online rights and freedoms in the E.U. On July 12 the group issued a statement condemning a similar law being discussed in the European Union:
An open letter from more than 300 scientists around the world was sent to E.U. lawmakers on 4 July, 2023.
The letter warned decision-makers against the proposed CSA regulation, citing harmful side-effects of large-scale scanning of online communications which would have a chilling effect on society and negatively affect democracies.
For E.U. lawmakers to proceed with this dangerous law despite such warnings will show a complete disregard for scientific evidence.
The evidence cited here is that weakening digital encryption to allow for mass surveillance will make everything on the internet less secure. Secondly, the creation of “backdoor” access will lead to non-government actors such as criminals creating “exploits” to access them, meaning the back door will be open to anyone with the time and skills to unlock it.
According to an open letter signed by the heads of several messaging apps, including Signal and WhatsApp, the success of the bill poses “an unprecedented threat to the privacy, safety and security of every U.K. citizen and the people with whom they communicate around the world.”
No secret ‘backdoors’
Apple claims it has never built in a secret access system for law enforcement and government agencies. Known as “backdoors,” these bypass systems which keep user data encrypted and anonymous.
To do so would endanger the security of the whole Apple platform, says the tech giant. How does it know this?
The firm piloted a scheme to monitor “CSAM” – Child Sexual Abuse Materials – and the technology was found by researchers at Imperial College, London, to allow simple adjustments leading it to fail 99 percent of the time.
The full report, published by Cornell University here, shows that:
- the image scanning technology does not work,
- the technology abolishes privacy.
What is more, tech community experts have labeled the notion that privacy can in any way be compatible with the measures as “magical thinking.”
A legacy of digital security failures
The situation presented by the U.K. and E.U. laws has been foreshadowed by a similar approach undertaken by former British Prime Minister Tony Blair. As a world leading British cryptography expert explains, in the mid 1990s, Blair’s Labor government refused export licenses to companies which refused to use weak encryption keys.
This, according to Cambridge University’s Ross Anderson, meant that Blair’s government was mandating weak security measures in order to monitor communications content. It was a move which had a negative impact on every digital security system in use at the time.
Anderson explains in the following presentation, delivered in 2017:
The resulting scandal – which involved a proposal to leave the National Health Service archives of patient data unencrypted – led to the criticism of the “magical thinking” of the Blair government, whose claims to protect privacy were irreconcilable with the steps they were taking to destroy it.
In a June 26 statement to the Open Rights Group, a U.K.-based digital rights campaigning organization, Anderson recalled Blair’s legacy and the parallels in these recent measures.
This revives the magical thinking of the Blair government during the first Crypto War, in the late 1990s and early 2000s, which limited the strength of commercial cryptography…
That has had devastating effects on security, leading to buildings that are easy to burgle, cars that are easy to steal, and government communications that are easy for our enemies to intercept.
A dangerous precedent
As Open Rights Group policy manager Dr. Monica Horten says, the implementation of this law provides the world with a dangerous example. “Where the U.K. leads, others will follow.” She says, warning that the measures will be welcomed by repressive regimes:
The signatories to this letter are worried that these measures will embolden hostile and abusive regimes who will be only too pleased to use the U.K. as an excuse to monitor the private messages of their citizens. It puts at risk global security as well as placing a stain on our international reputation.
The idea that there can be privacy for the good and none for the bad is the dangerous nonsense which inspires the abolition of digital freedom from surveillance.
The ORG’s open letter, which contains a petition from over 80 experts from 23 countries protesting the measures, warns that the argument for the laws is naive at best, and that it will have a worldwide impact.
It is not possible to scan in a way that only gets the ‘bad guys’ and leaves everyone else untouched.
This law would adversely affect not only the 40 million users in the U.K., but the two billion people around the world who rely on secure messaging services.
The U.K. bill is set have its third and final reading on September 6, 2023, following which it is expected to become law.
The similar measures proposed by the E.U. have been criticized by hundreds of encryption experts and academics from over 30 nations worldwide.
We therefore strongly warn against pursuing these or similar measures as their success is not possible given current and foreseeable technology, while their potential for harm is substantial.
These laws, which mirror the breathtaking scope of the recent Irish “hate speech” measures, cannot be justified on the basis of cybersecurity and are ineffective in preventing the spread of child pornography. They will make the world less safe and will permanently remove privacy between any affected user and those they contact.
Once again, a fantasy narrative is attached to government measures, the result of which will be a predictable chaos, and the dramatic reduction of basic liberties.