Ministers are trying to prevent a threatened exodus of messaging apps from the UK by ensuring tech companies can’t be forced to scan encrypted texts indiscriminately for illegal content.
WhatsApp and Signal are threatening to quit the UK over a provision in the online safety bill that allows Ofcom to order a messaging service to use “accredited technology” to find and remove abusive material sexually of the child.
Companies and privacy advocates argue that the clause is a threat to end-to-end encryption, a technology that means only the sender and receiver of a message can see it.
The arts and heritage minister, Stephen Parkinson, said Ofcom could only intervene if scanning content was “technically feasible” and if the process met minimum standards of privacy and accuracy.
Outlining a series of assessments the watchdog must make before ordering tech firms to take action on Wednesday, Lord Parkinson said: “A notice can only be issued where it is technically feasible and where the technology is -accredited to meet minimum standards of accuracy in identifying only one child sexual, abuse and exploitation content.”
Referring to the controversial clause, he told the House of Lords: “If the appropriate technology does not meet the requirements, Ofcom cannot use clause 122 to require its use.”
Signal’s president, Meredith Whittaker, said the statement was a “victory” and represented “important clarity”. Writing on X, the platform formerly known as Twitter, he posted: “I hope this opens the door for changes to the text of the bill in the final stages.”
However, the government has not changed the wording of the bill, which still gives Ofcom the power to issue an accredited technology notice. A government spokesman said: “Our position on this matter has not changed”.
Will Cathcart, the head of WhatsApp, which is owned by Mark Zuckerberg’s Meta, said on Wednesday that scanning messages destroys privacy and that the app remains “vigilant” against any threats to destroy the encryption.
The fact remains that scanning everyone’s messages destroys privacy as we know it. That was as true last year as it is today. @WhatsApp never break our encryption and remain vigilant against threats to do so. https://t.co/iHsBOhkp8r
— Will Cathcart (@wcathcart) September 6, 2023
Martin Albrecht, a professor of cybersecurity at King’s College London and a critic of the contested clause, said it was difficult to see how the message scanning technology would be viable in terms of accurately identifying the material. to abuse or protect privacy.
after the newsletter promotion
“I am happy to see that the government has accepted the scientific consensus that the technology is not available to scan encrypted messages without violating the privacy of users. However, it is not clear what test the government plans to use to decide whether the technology is viable in the future,” he said.
The NSPCC, the child’s protection charity, said the statement did not change the bill.
Richard Collard, the NSPCC’s head of online child safety policy, said: “This statement reinforces how online safety legislation sets out a balanced approach that should encourage companies to mitigate risk of child sexual abuse when designing and launching features such as end-to-end encryption. This does not change the requirements of the legislation.”
A spokesman for the campaign organization Index on Censorship said: “The online safety bill as currently drafted is still a threat to encryption and thus puts at risk everyone from journalists working with whistleblowers to of ordinary citizens speaking in private. We need to see changes quickly to protect our right to free speech online.”
