UK: Last week, the UK Online Safety Bill passed its third reading in the House of Lords. This Bill means the end of end-to-end encryption and an end to online privacy for Britons.It implies mass government surveillance of any internet available to users within the UK and its reach expands to any internet platform providing services to people in the UK. It would enable the UK government to implement similar surveillance to what China, Russia and others have forced on the internet within their borders.
A liberal democracy should be condemning such surveillance measures – not implementing them.
The Online Safety Bill Looks Set to Shatter Privacy in the UK
The following is a blog published by Proton on 5 September 2023.
The UK Parliament is set to finalise a bill this month that threatens privacy and freedom of speech at a fundamental level. We had hoped for last-minute amendments to be tabled protecting encryption and privacy, but based on information coming from Parliament at the time of writing, this now appears to be a lost cause. The Online Safety Bill is intended to protect people from online abuse, but the law as written would instead empower the UK government to break end-to-end encryption and monitor the most private aspects of your digital life.
Proton, along with much of the tech industry, has condemned the Online Safety Bill, specifically, the clauses that would undermine end-to-end encryption. But politicians have been unwilling to listen, and there looks to be little hope for crucial changes that could save encryption.
As it stands, the Online Safety Bill is one of the most concerning pieces of legislation to come out of the West in years. It would open the door to mass surveillance of the type and scale that Edward Snowden exposed in 2013. The British government would essentially be outlawing private conversations of any kind online, which is an affront to human rights and will likely put Britons in more danger, not less.
The bill is due to have its final review in the House of Lords on 6 September. Regrettably, it appears the House of Lords didn’t take this final opportunity to table any amendments that would protect encryption. So, it looks highly likely the bill will pass as it stands, along with its threats to break encryption. While the bill still hasn’t been completely finalised by Parliament, assuming it passes into law as drafted, we’re now counting on Ofcom (new window) to work closely with the industry to mitigate some of the worst effects this bill could have on privacy.
[Update: On 6 September, the House of Lords passed the Bill. It is now in the final stages of preparation to receive Royal Assent. Weak statements by government ministers, such as the hedging from Lord Parkinson during last week’s debate, are no substitute for real privacy rights. Nothing in the law’s text has changed.
Proton won’t accept the Online Safety Bill
We would be willing to aggressively defend the right to privacy in the courts as we have successfully done in Switzerland. However, we won’t do anything to put the Proton community at risk. As a company that puts privacy and security above all else, we refuse to do anything that undermines our encryption or our users’ rights, and we plan on continuing to serve the Proton community in the UK, regardless of what happens with the bill.
We haven’t broken encryption for the governments in China or Iran, and we won’t for the UK government. If the UK pursues this point, we’d sooner be barred from operating in the UK than compromise the security and privacy our community relies on.
The Online Safety Bill would destroy online privacy in the UK
The bill contains a clause that indirectly empowers the government to force companies to weaken or bypass their own encryption. We explained how this works in our previous article condemning the Online Safety Bill, and a group of human rights organisations have submitted a cogent appeal to Parliament (new window) clarifying the risks to civil rights.
End-to-end encryption underpins the secure exchange of information online. We use it at Proton to ensure no one – not us, not government agencies, nor anyone else – can access your emails, calendar events, files, and other personal data.
We expect attempts to break or undermine end-to-end encryption from repressive governments like Iran or China because the privacy these services provide allows for dissent, freedom of expression, and autonomy – principles that frighten these regimes. The fact that a modern democracy stands on the precipice of passing such a disastrous bill is a grave threat.
This also sends a chilling message to the global community. Rather than condemning the surveillance that China, Russia, and others have forced on the internet within their borders, the Online Safety Bill would enable the government to implement similar measures. It would be yet another blow against the open, uncensored internet, only this time it would come from a democracy that’s supposed to defend freedom and free speech.
As we have repeatedly explained, whenever governments try to abridge privacy, there is no such thing as partial end-to-end encryption. It either protects everyone who uses a service, or it protects no one.
This bill threatens to force companies to break end-to-end encryption at a time when Britons say they want more privacy, not less. The results would be catastrophic for Britain:
- No one will be sure if their online conversations are private or if they’re being watched.
- Hackers will try to exploit new weaknesses in encryption, threatening the security of financial transactions, official proceedings, business negotiations, and more.
- Companies could flee the UK, destroying the country’s future as a thriving tech hub.
- Authoritarian governments will try to copy the British playbook, issuing similar laws that further erode the right to privacy and free speech globally.
- Many services will no longer be available to UK residents because companies will prefer to pull out of the country rather than deliberately put their users’ privacy at risk.
None of this is news to Parliament. The UK government has had plenty of opportunity to listen to concerns from the tech and security industry, but so far it hasn’t. Instead, it’s suggested technological solutions that simply don’t exist. No matter what politicians claim, you can’t simultaneously scan everyone’s messages for illegal content while preserving privacy.
How to save encryption in the UK
We’ve been calling for UK lawmakers to hear the concerns of the technology industry and reject this bill, which directly threatens end-to-end encryption and the right of people in the UK to privacy. However, by not publishing any amendments that remove the obligation to break encryption, the House of Lords has missed an opportunity to save encryption.
Considering the political pressure, it’s highly likely that the bill will be passed. Should it be passed as expected, we must look to Ofcom to listen to the hundreds of security, privacy, and tech experts that have raised concerns and work closely with the industry on the privacy implications in the implementation of this bill. Ofcom has an opportunity to mitigate the threats to encryption and, most importantly, work with the industry to protect the privacy of UK citizens.
To our community in the UK, it’s time to make your voices heard. This bill threatens your basic rights to privacy and freedom of speech. Don’t let your government take your civil liberties without a fight.
We understand and appreciate the British government’s desire to make the internet a better place for all because this is our mission, too. People may disagree about the exact steps to get there. But privacy and free expression must be part of any world we want to create. End-to-end encryption is a technological guarantor of these rights.
Proton is ready to work with Ofcom and the UK government to advance online safety while protecting end-to-end encryption for everyone for good.
Featured image: UK Introduces Mass Surveillance with Online Safety Bill, Security Week, 30 March 2023
Join: 👉 https://t.me/acnewspatriots
The opinions expressed by contributors and/or content partners are their own and do not necessarily reflect the views of AC.NEWS
Disclaimer: This article may contain statements that reflect the opinion of the author. The contents of this article are of sole responsibility of the author(s). AC.News will not be responsible for any inaccurate or incorrect statement in this article www.ac.news websites contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to our readers under the provisions of “fair use” in an effort to advance a better understanding of political, health, economic and social issues. The material on this site is distributed without profit to those who have expressed a prior interest in receiving it for research and educational purposes. If you wish to use copyrighted material for purposes other than “fair use” you must request permission from the copyright owner. Reprinting this article: Non-commercial use OK. If you wish to use copyrighted material for purposes other than “fair use” you must request permission from the copyright owner.
Disclaimer: The information and opinions shared are for informational purposes only including, but not limited to, text, graphics, images and other material are not intended as medical advice or instruction. Nothing mentioned is intended to be a substitute for professional medical advice, diagnosis or treatment.
Discussion about this post