The British government’s hugely controversial Online Safety Bill has today passed in the second chamber of Parliament, and after six years of debate is now set to become law.
While Apple’s iMessage and other end-to-end encrypted messaging apps were saved from being outlawed by the bill, the government hasn’t yet given up the fight …
The Online Safety Bill
The Online Safety Bill started out as a relatively uncontentious concept. The idea was that when illegal content was found to be present on social media platforms – such as child sexual abuse materials (CSAM) – companies would be required to have systems in place for rapidly removing it.
As with many laws, however, it grew in scope. Most of the additions were well-intentioned but didn’t give thought to the likely unintended consequences.
As just one example, the bill makes it illegal to post material that promotes or facilitates suicide or other self-harm. The National Survivor User Network pointed out the problem with this:
We are extremely concerned about the potential of the bill to make illegal a broad range of activities and content directed toward supporting or helping others. For example, this may include harm reduction resources that offer detailed anatomical information and first aid guidance to help people make decisions about their self-harm – which could be seen to “assist” someone in their self-harm. Additionally, the bill could also be used to criminalise broader peer support efforts (whether formal or informal) which may include advice on how to reduce harm, deal with wounds, or limit negative feelings about having self-harmed.
Similar unintended consequences issues exist with almost every single component of the bill.
It also threatens federated social networks like Mastodon, in which every user would qualify as a social network server, and be subject to the law, legally responsible for the content that passes through their connection.
iMessage is safe… for now
At one point, the Online Safety Bill would have made it illegal to offer an end-to-end encrypted (E2EE) messaging service, like iMessage, WhatsApp, Signal, or Telegram.
Companies like Apple fought back against this, with the iPhone maker stating that it would withdraw iMessage from the UK rather than compromise user privacy.
Fortunately, the British government backed down on this, while pretending that it hadn’t.
But the Investigatory Powers Act still threatens it
However, plans to increase the scope and powers of the UK’s Investigatory Powers Act could still render E2EE messaging services like iMessage illegal. Those proposed amendments could even make it illegal for Apple to issue iOS and macOS security updates without government clearance!
Apple has described the proposed powers as “a serious threat to global privacy” as they could apply outside the UK as well as within it.
And the government is still publicly on the attack
The government has been loudly banging the drums of CSAM and terrorism in an effort to build public support for the changes.
Just today, Home Secretary Suella Braverman claimed that Meta’s switch to E2EE for Facebook Messenger and Instagram DMs could be used by “sickening abusers,” as BBC News reports.
On Wednesday she said: “Meta has failed to provide assurances that they will keep their platforms safe from sickening abusers. They must develop appropriate safeguards to sit alongside their plans for end-to-end encryption.”
Meta says that it is simply following in the footsteps of apps like iMessage and WhatsApp, which are already in widespread use.
“We don’t think people want us reading their private messages”, the firm said.
“The overwhelming majority of Brits already rely on apps that use encryption to keep them safe from hackers, fraudsters and criminals”, it added.
Security experts and tech writers alike have repeatedly explained to the government why it is technically impossible to create an E2EE messaging service that has a backdoor for security services, but have so far succeeded only in injuring their heads and damaging desks.
FTC: We use income earning auto affiliate links. More.
Comments