Advertisement

Secure messaging apps line up to warn UK's Online Safety Bill risks web security

Secure messaging apps are lining up to oppose measures in the U.K. government's Online Safety Bill (OSB) they argue will do the opposite of promoting online safety by undermining the robust encryption web users rely upon to safeguard their communications.

Meta-owned WhatsApp, the not-for-profit Signal Foundation behind the Signal app, and Element, which operates the decentalized Matrix protocol, along with end-to-end encrypted email providers like Proton (ProtonMail) are warning the draft legislation contains measure that risk the security of robust encryption -- a technology they say is vital to keep web users' comms safe.

Speaking to the BBC and the Guardian yesterday, WhatsApp's head, Will Cathcart, described the OSB as the most concerning piece of legislation in the Western world. He also suggested the platform will not comply with a U.K. legal requirement to weaken the level of encryption it offers its users -- and would instead prefer to be blocked by U.K. authorities.

The draft legislation, which has reached the committee stage of scrutiny in the House of Lords, puts a duty of care on digital services to protect users from a range of harms and contains powers for the U.K.'s internet regulator, Ofcom, to block noncompliant services in cases of serious infringement -- in addition to a regime of hefty fines (of up to 10% of global turnover); and even the threat of jail time for law-breaking senior execs under recently expanded criminal liability.

"There isn’t a way to change [WhatsApp] in just one part of the world," Cathcart told the newspaper. "Some countries have chosen to block it; that’s the reality of shipping a secure product. We’ve recently been blocked in Iran, for example. But we’ve never seen a liberal democracy do that.

"The reality is, our users all around the world want security. Ninety-eight percent of our users are outside the U.K. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98% of users.”

The Signal Foundation also sounded another klaxon over the legislation this week, with president Meredith Whittaker warning in a blog post that the platform will "stand firm against threats to private and safe communication" -- reiterating a message she gave to the BBC last month when she said the not-for-profit will "100%" walk away from the U.K. rather than weaken security and privacy for its users.

"As written, the provisions in the Online Safety Bill are poised to eviscerate privacy while opening new vectors for exploitation that threaten the safety and security of everyone in the U.K. As one of the first of its kind, it could also create a template that would certainly be copied by authoritarian governments. We oppose the Bill in its current form, and believe key provisions need to be fundamentally reconsidered," she wrote yesterday.

"When the Iranian government blocked Signal, we recognized that the people in Iran who needed privacy were not represented by the authoritarian state, and we worked with our community to set up proxies and other means to ensure that Iranians could access Signal. As in Iran, we will continue to do everything in our power to ensure that people in the U.K. have access to Signal and to private communications. But we will not undermine or compromise the privacy and safety promises we make to people in the U.K., and everywhere else in the world."

Also raising concerns in a blog post last month, Element, the U.K. startup behind the E2EE Matrix protocol for decentralized messaging, called for the government to rip the whole thing up and start again -- dubbing the current draft "an attack on encryption."

"What could have been a constructive piece of legislation has ended up as a bloated and overreaching proposal, drafted with little technical prowess. As it currently stands the bill weakens the U.K.’s digital security, threatens basic privacy, stymies the U.K. tech industry, and introduces the prospect of ever-creeping censorship and blanket surveillance," blogged co-founder Matthew Hodgson. "Instead of setting a principled example to the rest of the world, the OSB sees the U.K. proposing state surveillance and censorship. It’s far closer to the approach seen from regimes in Russia and China than anything in Europe or the U.S."

Discussing his concerns via email with TechCrunch today, Hodgson also warned that if the OSB is passed in its current form and not amended to fix the threats to encryption, Element would be forced to stop providing its services to U.K. users.

"We cannot add client-side surveillance/content-scanning to our apps, as it fundamentally undermines encryption and makes it enormously easier for bad actors to access encrypted content," he told us, emphasizing its red lines. "We cannot insert third party proprietary code in our apps, even if it’s special 'government accredited' code."

If the U.K. law ends up going to this dark place, he said Element would also have no choice but to be "forced to stop providing services to U.K. citizens" -- meaning it would likely remove its app from U.K. app stores, relocate U.K.-hosted public-facing servers to other countries and block U.K. IP addresses from being able to connect to those servers.

"If forced, we would switch our headquarters to a different country and close our U.K. legal entity (we already have U.S., French and German entities)," he also told us, warning: "This would fundamentally reduce privacy for law-abiding U.K. citizens (and catastrophically damage Element as one of the U.K.’s leading encrypted communication startups, in turn damaging Element’s paying customers, which include the U.K. Government)."

We reached out to the Department of Science, Innovation and Technology for a response to the messaging apps' concerns about the OSB's impact on E2EE but at the time of writing it had not sent one. We'll update this report if we get a response from the government.

Update:
A government spokesperson said:

“As a tech-neutral Bill, the Online Safety Bill does not ban or undermine end-to-end encryption. The Government fully supports users’ right to privacy, including through encryption. Platforms will rightly need to take proportionate measures to protect children from abuse and that includes private messaging services.

"Yesterday Technology Secretary Michelle Donelan met with Whatsapp to discuss this issue and we continue to work with the wider industry to develop innovative solutions that protect public safety and privacy."

The OSB is a sprawling, multiyear attempt by the U.K., helmed by a succession of Conservative prime ministers, to create rules aimed at tackling illegal (or otherwise harmful) content online. It touches on many aspects of digital activity in a bid to address a spectrum of risk and harms -- from terrorism and child sexual abuse material (CSAM), to hate speech, online sexual aggression and cyberbullying, and even scam ads (to name a few) -- including harms that may arise when web users communicate with each other.

Ministers have generally argued that legislation in this area is needed because major social media platforms have failed to uphold safety standards they claim to maintain in their own T&Cs, although the bill as drafted would apply to scores of digital services, not just social media giants.

Child protection has been the main motivation the government has claimed for why a law is needed to force web firms to clean up their act. However the bill goes further than setting out rules governing how in-scope services should go about moderating public conversations as it also puts requirements on user-to-user services to police private speech to ensure it does not contain terrorism or CSAM. And it's these provisions, especially, legal experts have warned threaten end-to-end encryption (E2EE).

Even if the bill does not explicitly demand that providers ditch E2EE the concern is the regime will force them to fatally weaken the level of security and privacy they provide their users in order to avoid the risk of major penalties.

Digital rights groups were early to sound the alarm about the bill's potential impact on encryption -- and their alarm has only grown as the bill has progressed through parliament. In a policy briefing put out last month, the Open Rights Group warned that what it called "a form of chat surveillance" is being slipped in through "a back door measure" in the legislation. Its paper went on to call for E2EE private messaging services to be put out of scope of the bill entirely.

The risk the bill poses to encryption looks to be two-fold: Either (1) a service provider may feel forced to remove (or indeed never implement) E2EE -- downgrading the level of security offered to users by retaining encryption keys so it can decrypt (and scan) content in order to comply with requirements placed on them by the legislation to check users' comms for illegal activity.

Or (2) an E2EE service may feel compelled (or indeed be ordered by Ofcom) to implement client-side scanning in order to comply with the law -- which would mean that the contents of users' messages would be scanned on their device prior to that data being encrypted.

In recent years, client-side scanning has been an area of interest for the U.K. government -- which has been actively encouraging development of scanning technologies that could be applied to scan E2EE messages without technically breaking the encryption. (DSIT confirmed a recent "Safety Tech Challenge Fund" led to five "proof of concept" tools being developed which it claimed demonstrate potential while conceding further development is needed.)

Then, last year, ministers tabled an amendment to the OSB which proposed to give Ofcom new powers to force service providers to implement content-scanning technologies even if their platform is E2EE -- laying out a scenario where a platform could be legally forced to do client-side scanning.

The move has substantially dialled up concern about the bill's impact on web security.

While client-side scanning technology is not usually considered to amount to a backdoor in encryption, per se, it remains hugely controversial -- since it requires the blanket scanning of message content (which is both horrible for privacy and risks creating a massive new harm of 'false positives' -- for example, if a photo of a child's bath time that's shared between parents gets wrongly identified as CSAM by scanning algorithms and caregivers who have done nothing wrong have their private comms handed to the police); and also because it introduces additional technology into the E2EE mix which could create new vulnerabilities in systems that represent the current 'gold standard' of encryption.

Privacy and security experts remain united in warning about the risks posed by client-side scanning -- pointing out, for example, that the technology is abusively disproportionate and has not been demonstrated to a robust level of accuracy such sensitive use cases should demand. They also warn that Western democracies going down this road could give succor to and encourage authoritarian regimes to pass versions of the tech that scan for political opposition and further seek to oppress free expression.

So far, none of these concerns have stopped lawmakers from rushing to promote a popular policy goal (child safety) by seizing on an intrusive and unproven technology -- which offers a cheap and easy way to claim they're doing something about a type of abuse that emerges from complex social problems, including poor resourcing of social and public services, that's something they seem less far interested in trying to 'fix.' (See also: The EU's proposal on CSAM mitigation -- which also wants to push platforms to adopt scanning technologies -- although, in practice, lawmakers there are likely to struggle to impose such a regime given the bloc's prohibition on general monitoring obligations.)

While email services are not explicitly in scope of the OSB such is the level of concern about the direction of travel in the U.K. that E2EE email providers are adding their voices to the public chorus of concern about the bill.

E2EE email provider Proton has dubbed the OSB "misguided and dangerous" and "a ban on end-to-end encryption in all but name" -- calling recently for the draft to be amended to protect the encryption that it said the internet relies upon to function. "Weakening end-to-end encryption would reduce everyone’s safety online, including the children this bill is trying to protect," it further warned. "Without strong encryption, the sensitive data of millions of people would be at risk."

In another public intervention, Tutanota -- a continental-Europe-based E2EE email provider -- wondered aloud whether the U.K. is set to follow the likes of Russia and Iran and block access to encryption? "It is really worrying what is going on in the U.K. -- once the greatest democracy in the world," suggested co-founder, Matthias Pfau. "The British government still believes they can have a 'magical key' to access encrypted communication -- completely ignoring the technical background and what cryptography experts have said again and again: You can't backdoor encryption and make sure that this backdoor is not going to be abused by malicious actors."

While the OSB has had many extra measures bolted on to it since the 2019 'online harms' white paper -- and since the 2021 first draft of the bill -- all of which the government has claimed have strengthened the proposal, as it's responded to ongoing campaigning by child safety groups which have urged ministers to go further to tackle safety risks, the most recent revision to the bill actually dialled back provisions that had targeted legal but harmful speech -- after some MPs raised concerns about the impact on freedom of expression -- suggesting ministers are not immune to criticism of their approach.

Although it remains to be seen whether the prospect of voters reading headlines in the not too distant future that blame the government for WhatsApp going dark in the U.K. will be enough for ministers to rethink their stance on strong encryption.

Whatever happens with WhatsApp, the bill seems unlikely to be able to stop use of all E2EE messaging apps that refuse to deploy client-side scanning if that really is ministers' aim.

Much like Signal's suggestion that U.K. users could resort to proxy servers to retain access to its app if it's forced to officially shutter U.K. service, Element's Hodgson points out that if it has to quit the U.K. it does not necessarily mean the end of local usage of the technologies it develops either -- given that its apps, and the Matrix protocol itself, are open source and "anyone can run their own deployments."

"Secure end-to-end encryption has been out there in the public domain for over 30 years, and attacking end-to-end encryption service providers will not make it disappear given anyone can run their own services," he suggests, adding: "We also have a long-running project to make servers optional in Matrix in the form of Peer-to-Peer (P2P) Matrix. Once P2P Matrix or similar technologies become prevalent in the coming months, users no longer need servers -- each app effectively is its own service. Therefore users will be able to communicate securely without dependency on any service provider, irrespective of the OSB’s attack on encryption."

If the U.K. government is really serious about addressing child abuse Hodgson suggests that it hire more police officers -- to "focus on traditional investigation and infiltration, and arm them with the tools and training to fight bad actors online."

"Forcing encryption services to add mass surveillance is trying to outsource policing on the cheap to service providers," he adds -- dubbing it the online equivalent of forcing CCTV cameras to be installed in everyone’s bedrooms to catch "possible abuse."

This report was updated with DSIT's response