Apple has joined WhatsApp, Signal, and other messaging companies, by raising concerns that end-to-end encryption would be threatened if the United Kingdom passes the “Online Safety Bill.” The bill moved to Parliament for review, and if passed, it would give the Office of Communications (Ofcom) the technology and authority to scan messages for concerning content.
The UK originally proposed the “Online Safety Bill” to criminalize content on social media platforms including Facebook, Instagram, and TikTok, that encouraged self-harm to users. However, after the initial stages of review, the bill’s parameters were broadened to focus on any and all illegal content as it relates to adult and child safety.
WhatsApp and other messaging sites accused the UK that the bill would effectively ban end-to-end encryption, and wrote an open letter in April, saying: “The bill provides no explicit protection for encryption.” It continues: “If implemented as written, could empower OFCOM [the Office of Communications] to try to force the proactive scanning of private messages on end-to-end encrypted communication services, nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users.”
WhatsApp has previously said it will not lower its security for any government, while Signal has said it refuses to eliminate end-to-end encryption and will stop providing services in the UK if the bill is passed. End-to-end encryption protects users from outside parties gaining access to the contents of their messages, but the UK government says the “Online Safety Bill” is necessary to expose and catch criminals.
“We support strong encryption but it cannot come at the expense of protecting the public,” a government spokesperson told The Guardian in December of last year. “End-to-end encryption cannot be allowed to hamper efforts to catch perpetrators of the most serious crimes.”
But as the bill nears potential approval, Apple is joining the ranks to oppose the bill and the problems it presents for users. “End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats,” Apple said in a statement to BBC News. “It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk.”
If the bill is put in place, the government said it will use technology to gain access to encrypted messages to search for child abuse content, but tech experts claim the messages would need to be scanned before they’re sent by performing facial recognition without the user’s knowledge using client-side scanning. The technology was already developed by Apple who announced plans in 2021 to scan photos on iPhones for abusive content. The company withdrew its plans after receiving backlash from privacy advocates.
Dr. Yves-Alexandre de Montjoye, who works at the Imperial College London’s Department of Computing, and published a paper on Security and Privacy, told the Imperial College London News, “This Bill could result in the installation of software to check you don’t share images known to contain child sexual abuse material.”
He added, “But what our paper shows is that the software could be built or tweaked to include other hidden features such as scanning private content from the phones of hundreds of millions of people using facial recognition, the same technology used at airport gates.”
WhatsApp has previously said it will not lower its security for any government, while Signal has said it refuses to eliminate end-to-end encryption and will stop providing services in the UK if the bill is passed.