The UK Government is currently in consultation to pass a new bill titled the ‘Online Safety Bill’ which is designed to use device side scanning to protect children from harmful material. However, to achieve this it is required to break many security policies through breaking the security of end-to-end encryption.
Whilst, in theory, it seems obvious that placing regulation on messaging platforms to ensure the online safety of children is prioritised.
However, the technicalities of an act like this would require scanning of all messages sent and received by UK users. This is done through a bypass of encryption (a technology designed to scramble messages making it impossible for interceptors to read) and then scanning content on the device to flag potentially harmful material.
The bill would also obligate social media companies to prevent children from harmful content and would hold the executives of the company criminally liable for failing to remove or censor this content.
Whilst the act has not been finalised so the implications of it cannot be fully known, there is the potential that serious privacy invasion will be required. For example, if a back door is required to enable the scanning of private messages, it opens an easy channel to be exploited by Cyber Criminals. A back door is an entry point to a system that is created by malicious code and provides unauthorized access to data.
The required scanning of all messages causes debates around the integrity of UK citizens human rights.
In the UK, citizens, under the Human Rights Act 1998, are entitled to:
- A right to life
- A right to respect for private and family life
- A right to personal liberty
- A right not to be tortured or treated in an inhuman way
- A right to a fair trail
- A right to freedom of religion and belief
- A right to freedom of expression
As this bill requires all digital correspondence in and out of the UK it raises the question, does it violate my right to a private and family life?
This has caused many companies that provide services that would be affected to speak out.
One of these companies is the popular secure messaging app, Signal. They say that this bill would cause their platform to not be able to operate with the companies sole mission of truly private digital communication to anyone who requires it and would cease operation in the UK if their companies values could not be upheld. This app is typically used by journalists, activists and politicians who require their communication to remain private.
Other companies that provide secure communications to a variety of clients say that the bill would cost them clients and could cost the entire business as foreign offerings would be better due to the absence of backdoors for scanning.
Government action, such as this act, often raises the question of how far is too far with digital surveillance and where is the line between protection and a violation of your human rights.
We would like to hear your opinion, get in touch by clicking here to speak to one of our experts about issues such as this one or how we can help keep your business Cyber Wise.