UK amends encrypted message scanning plans
The UK government has amended powers that might be used to compel tech companies to analyze encrypted messages for photos of child abuse.Because of privacy concerns, tech companies like as Signal, WhatsApp, and Apple have spoken out against the capabilities.The government now wants a report to be published before the regulator’s powers are deployed, thanks to amendments voted by the Lords on Wednesday.However, privacy advocates argue that this additional precaution falls short of the mark.
The government modification comes after major messaging applications, other corporations, and technological experts expressed concerns.According to the modifications to the Online Safety Bill, a “skilled person” must submit a report for communications regulator Ofcom before the new powers to require a corporation to scan messages are used.This was optional in prior versions of the bill.The report could discuss the implications of scanning on free expression and privacy, as well as if less intrusive technology should be employed instead.
Another government proposal approved by peers requires the regulator to assess the impact of technology on journalism as well as the protection of journalistic sources.The law would require Ofcom to use “accredited technology” to scan messages for child sexual abuse material.The Online Safety Bill is nearing the end of its passage through Parliament.
Ministers, police, and children’s charities claim the powers are needed to combat “record levels” of child abuse on internet platforms, such as imagery and grooming, and to prevent encrypted sites from allowing child abusers to “operate with impunity.”Because end-to-end encrypted messages can only be read by the sender or receiver, critics argue that businesses must scan messages before they are encrypted, a process known as client-side scanning.
This, they claim, severely weakens encrypted messaging’s privacy and security. Meredith Whittaker, head of the encrypted messaging platform Signal, previously told the BBC that the powers would require tech companies to “run government-mandated scanning services on their devices.” According to the BBC, the latest modification is in response to concerns about the bill’s privacy ramifications and technical feasibility. Lord Parkinson, a government minister, told peers that he understood “the concerns that have been expressed about how these powers work with encrypted services,” but that sufficient protections had been incorporated in to preserve privacy.
Concerns about personal privacy
The report must be considered by Ofcom when determining whether it is necessary and reasonable to oblige a firm to scan messages and share a summary of its results with tech firms.However, campaigners who have branded the capabilities a “spy clause” have suggested that at the very least, a court should have to approve the monitoring of user messages.”This is not the legal oversight that these important new powers require, and it ignores users’ rights,” Index on Censorship warned of the new proposals.”Judicial oversight is a bare minimum for a government-appointed body to be able to break encryption and access private messages,” said free-speech advocates.
Read more at: