During a recent visit to the UK, WhatsApp’s head Will Cathcart stated that the company would not comply with the proposed Online Safety Bill, which would effectively ban end-to-end encryption.
What is end-to-end encryption?
The concept of end-to-end (E2E) encryption provides a high level of security for communication by ensuring that only the intended recipient can access the message. Each message is encrypted using a unique decryption key that is specific to both the sender-recipient pair and the message itself. As a result, even the messaging service provider is unable to decrypt the message, providing complete privacy and security. E2E encryption has gained significant traction in recent years, and several popular messaging platforms like WhatsApp, Signal, Apple’s iMessage and FaceTime have already adopted it as the default security measure.
What is United Kingdom’s Online Safety Bill?
The proposed British Online Safety Bill aims to improve online safety by placing “duty of care” obligations on online platforms. Clause 110 of OSB, allows the regulator to issue notices to internet service providers to identify and take down terrorism and Child Sex Exploitation and Abuse content communicated “publicly or privately.” This would require messaging apps to scan messages and potentially break end-to-end encryption.
Criticism of Online Safety Bill:
- The provisions of the bill would erode the benefits of encryption in private communications, reduce internet safety for UK citizens and businesses, and compromise freedom of speech.
- Matthew Hodgson, co-founder of Element, argues that the idea of effectively requiring backdoors into private content such as encrypted messaging is controversial and would be used by bad actors.
- Concerns have been raised about how some of the provisions in the bill will be enforced and whether the government will prosecute vulnerable individuals, such as teenagers, for posting their own self-harm images online.
What if the platforms don’t comply?
They may face penalties up to £18 million or 10% of the platforms global revenue of the preceding accounting year.
Similar law in India:
Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021: It is made mandatory for messaging platforms with more than 5 million users in India to “enable the identification of the first originator” of a message (also called traceability). This does not involve scanning and flagging of all encrypted content, but rather aims to locate the initial source of a message that has been forwarded multiple times.
Conclusion:
Social media platforms need careful regulation and content moderation to address the spread of harmful content, while preserving benefits. Balancing regulation with freedom of expression and respecting individuals’ rights is crucial. Collaboration between governments, tech companies, civil society organizations, and users is needed to create a responsible online environment.
