While the removal of a provision to regulate “legal but harmful” online material in the UK’s Online Safety Bill has generated headlines, fears over a threat to end-to-end encryption has prompted 70 organizations, cybersecurity experts and politicians to express their concerns in an open letter to UK Prime Minister Rishi Sunak.
It warns that “UK businesses are set to have less protection for their data flows than their counterparts in the United States or European Union, leaving them more susceptible to cyber-attacks and intellectual property theft”. The signatories are calling for the removal of clauses that undermine encryption.
Undermining encryption
The letter expresses concerns over threats to business data flows, freedom of speech, and personal privacy and security. It references the introduction of “a similar law undermining end-to-end encryption” in Australia in 2018, a move the writers claim cost the Australian digital industry “an estimated AUD1bn ($673,743,670) in current and forecast sales and further losses in foreign investment as a result of decreased trust in their products”.
Concern over “serious threats to privacy and security in the UK” is also expressed. This, say the signatories, would come through the creation of “a new power to compel online intermediaries to use ‘accredited technologies’ to conduct mass scanning and surveillance of all citizens on private messaging channels”. Research from Cornell University is referenced to back up these fears.
Citizens’ data
The letter also says that the measures risk removing protection for the data of individual citizens. “Opening a backdoor for scanning also opens a backdoor for cyber criminals intent on accessing our bank account details, private messages and even the pictures we share online privately with family and friends.”
Organisations signing the letter include the Adam Smith Institute, Centre for Policy Studies, the Electronic Frontier Foundation, Index on Censorship, and Liberty.