Protecting Privacy and Security Online
To anyone who cares about safety and privacy on the internet, we urge the UK government to address the risks posed by the Online Safety Bill to everyone’s privacy and security. It is not too late to ensure that the bill aligns with the government’s intent to protect end-to-end encryption and respect the human right to privacy.
End-to-End Encryption: A Powerful Shield Against Cyber Threats
Around the world, businesses, individuals, and governments face persistent threats of online fraud, scams, and data theft. Malicious actors and hostile states routinely challenge the security of our critical infrastructure. End-to-end encryption is one of the most robust defenses possible against these threats. As vital institutions increasingly rely on internet technologies to carry out core operations, what’s at stake has never been higher.
The Risk of Breaking End-to-End Encryption
As currently drafted, the Online Safety Bill could break end-to-end encryption, opening the door to routine, general, and indiscriminate surveillance of personal messages from friends, family members, employees, executives, journalists, human rights activists, and even politicians themselves, fundamentally undermining everyone’s ability to communicate securely.
The bill does not provide explicit protection for encryption and, if implemented as written, could empower OFCOM to try to force proactive scanning of private messages on end-to-end encrypted communication services, negating the purpose of end-to-end encryption and compromising the privacy of all users.
A Threat to Privacy and Security Worldwide
In summary, the bill poses an unprecedented threat to the privacy, security, and protection of all UK citizens and the people they communicate with worldwide while emboldening hostile governments that may attempt to draft copycat laws.
Defenders say they appreciate the importance of encryption and privacy, claiming it’s possible to monitor everyone’s messages without undermining end-to-end encryption. The truth is, this is not possible.
We are not the only ones sharing concerns about the UK bill. The United Nations has warned that the UK government’s efforts to impose covert requirements constitute “a paradigm shift that poses a series of serious problems with potentially disastrous consequences.”
Even the UK government has acknowledged the privacy risks posed by the bill text but has said that its “intention” is not for the bill to be interpreted this way.
Protecting Privacy and Security Must Be a Global Priority
Global providers of end-to-end encrypted products and services cannot weaken the security of their products and services to accommodate individual governments. There cannot be a “British Internet” or a version of end-to-end encryption specific to the UK.
The UK government must urgently rethink the bill, revising it to encourage companies to offer more privacy and security to their residents, nothing less. Weakening encryption, undermining privacy, and introducing mass surveillance of people’s private communications is not the way forward.
Signed by those who care about keeping our conversations safe:
Matthew Hodgson, CEO of Element
Alex Linton, Director, OPTF/Session
Meredith Whittaker, Chair of Signal
Martin Blatter, CEO of Threema
Ofir Eyal, CEO, Viber
Will Cathcart, Head of WhatsApp at Meta
Alan Duric, co-founder, and CTO, Wire
As per information from the source.