The future of iMessage in the UK had seemed in doubt, as the British government was demanding that the company break end-to-end encryption to allow messages to be scanned. Apple had said that it would withdraw iMessage from the UK rather than compromise user privacy.
WhatsApp and Signal had similarly threatened to withdraw their messaging apps from the UK, but the government has now done a U-turn, while issuing a meaningless, face-saving statement …
17 years of trying to ban strong encryption
It was in 2006 that a previous government first put forward the idea of banning strong encryption, under what what was then known as the Intercept Modernisation Programme.
The later Investigatory Powers Act 2016 (IPA) actually implemented many of the proposed powers, including granting the government the power to issue orders to tech companies to break encryption by building backdoors into their products. Apple strongly objected to this at the time.
End-to-end encryption was also threatened by the separate Online Safety Bill, which seeks to make tech giants responsible for the content on their platforms. This was set to include the content of private messages.
Apple said that it would withdraw iMessage and FaceTime from the UK market rather than drop end-to-end encryption.
Future of iMessage safe in the UK
The Financial Times reports that the government has now agreed to drop from the Online Safety Bill the requirement to scan messaging apps for illegal content.
The UK government will concede it will not use controversial powers in the online safety bill to scan messaging apps for harmful content until it is “technically feasible” to do so, postponing measures that critics say threaten users’ privacy.
A planned statement to the House of Lords on Wednesday afternoon will mark an eleventh-hour bid by ministers to end a stand-off with tech companies, including WhatsApp, that have threatened to pull their services from the UK over what they claimed was an intolerable threat to millions of users’ security.
As is usually the case when governments want to compromise privacy, child sexual abuse materials were put forward as the original justification.
The government said in a statement: “As a last resort, and only when stringent privacy safeguards have been met, [the legislation] will enable Ofcom to direct companies to either use or make best efforts to develop or source, technology to identify and remove illegal child sexual abuse content – which we know can be developed.”
9to5Mac’s Take
Sanity has finally prevailed, at least on the Online Safety Bill. The fact that three powerful companies refused to compromise user privacy, stating that they would withdraw from the UK rather than do so, appears to have won the day.
Talk of the measure being “postponed” pending “technical feasibility” is, of course, pure bluff and nonsense. The very nature of E2E encryption means that it can never be technically feasible to scan the contents of messages; if you could, it wouldn’t be E2E encryption.
This isn’t necessarily the end of the argument. As things stand, planned amendments to the Investigatory Powers Act 2016 would impose the same requirement, and even threaten Apple security updates. However, with this precedent set, we are now more optimistic about a similar face-saving move being made here.
FTC: We use income earning auto affiliate links. More.
Comments