Cristina Criddle, Anna Gross, and John Aglionby, reporting from London for The Financial Times (paywall-circumventing Twitter link):
The UK government has conceded it will not use controversial
powers in the online safety bill to scan messaging apps for
harmful content until it is “technically feasible” to do so,
postponing measures that critics say threaten users’ privacy.
In a statement to the House of Lords on Wednesday afternoon,
junior arts and heritage minister Lord Stephen Parkinson sought to
mark an eleventh-hour effort to end a stand-off with tech
companies, including WhatsApp, that have threatened to pull their
services from the UK over what they claimed was an intolerable
threat to millions of users’ privacy and security.
Parkinson said that Ofcom, the tech regulator, would only require
companies to scan their networks when a technology is developed
that is capable of doing so. Many security experts believe it
could be years before any such technology is developed, if ever.
No, Thursday’s out. How about never — is never good for you?
WhatsApp, owned by Facebook’s parent Meta, and Signal, another
popular encrypted messaging app, are among those that have
threatened to exit the UK market should they be ordered to weaken
encryption, a widely used security technology that allows only
the sender and recipient of messages to view a message’s
Officials have privately acknowledged to tech companies that there
is no current technology able to scan end-to-end encrypted
messages that would not also undermine users’ privacy, according
to several people briefed on the government’s thinking.
This isn’t the worst reporting on encryption and lawmakers’ fantasies about “backdoors only accessible by the good guys”, but it’s fundamentally misleading. End-to-end encryption’s meaning is right there in its name. There’s no dial that can be adjusted from “weak” to “strong”. There’s no option for content inspection between end points. It’s not about choosing not to allow eavesdroppers, it’s about implementing protocols where it’s technically impossible to inspect content between sender and receiver.
The actual math is far more complex, but ultimately this boils down to the U.K. acknowledging that 2 + 2 can only equal 4.
★ Wednesday, 6 September 2023