UK drops 'spy clause' for scanning encrypted chat, admits it's not 'feasible'

Comment Sanity appears to person prevailed successful nan statement complete nan UK's Online Safety Bill aft nan authorities agreed to ditch proposals - astatine slightest for nan clip being - to legislate nan scanning of end-to-end encrypted messages.

In consequence to questions regarding nan method feasibility of scanning securely encrypted messages and nan assessments that Ofcom must make, Lord Parkinson, a Digital, Culture, Media and Sport minister, said: "If nan due exertion does not beryllium that meets these requirements, past Ofcom will not beryllium capable to usage Clause 122 to require its use."

Clause 122 successful nan Online Safety Bill relates to online coercion and kid exploitation content.

Parkinson said: "A announcement tin beryllium issued only wherever technically feasible and wherever exertion has been accredited arsenic gathering minimum standards of accuracy."

Thus nary scanning of end-to-end encrypted messages unless it is technically feasible to do so. Quantum computing, anyone?

Victory? Not truthful fast...

The statements person been wide interpreted arsenic a triumph for exertion firms, galore of which had threatened to exit nan UK complete nan request that it must beryllium imaginable for moreover powerfully end-to-end encrypted messages to beryllium scanned for forbidden content.

However, it could besides beryllium based on that nan changes only correspond nan bare minimum needed to get nan measure crossed nan line. The arguable clauses stay mostly successful place, pinch nan subordinate passed to early administrations, aliases to erstwhile reference nan messages becomes "technically feasible."

Matthew Hodgson, CEO of unafraid chat app developer Element, said: "The authorities saying 'no scanning until it's technically feasible' is nonsense. Scanning is fundamentally incompatible pinch end-to-end encrypted messaging apps. Scanning bypasses nan encryption successful bid to scan, exposing your messages to attackers."

He told The Register that nan connection and nan guidance from immoderate conception of nan tech organization near him terrified. “It’s not a triumph astatine all,” he said.

Hodgson continued: “The ministers must beryllium emotion utterly smug… nan unit has been removed from them to alteration nan measure and extremity scanning, and they didn’t person to do anything.

“It's unspeakable because nan rule still says that scanning tin beryllium obligated connected encrypted messaging providers, it would still undermine extremity to extremity encryption. And each it is [doing] is pushing it somewhat down nan statement until personification decides it's technically feasible, which is simply a wholly subjective thing.”

Martina Larkin, CEO of net state org Project Liberty, queried nan reasoning down nan clause and said: "No 1 is questioning that much must beryllium done to protect people, particularly children, online. However nan statement should not beryllium astir protecting children versus protecting privacy. We tin have, and should have, both.

"When it comes to really we build a amended web, everybody loses erstwhile rash decisions are made. Trying to protect children by building backdoors into encryption will person unprecedented antagonistic consequences for online privacy, nan usage of people's information arsenic good arsenic nan protection of free reside and antiauthoritarian values. No 1 would ever willingly fto a complete alien publication each of your mail, put cameras successful their house, and travel their each move. So why do it online?"

• Now Apple takes a wound retired of encryption-bypassing 'spy clause' successful UK net law
• Wrong clip to weaken encryption, UK IT chartered institute tells government
• Online Safety Bill property checks? We won't do 'em, says Wikipedia
• International cops impulse Meta not to instrumentality unafraid encryption for all

We'll tie a discreet veil complete nan devices pinch imaginable for surveillance supplied by ample exertion companies that group person so cheerfully installed successful their houses. Still, some Larkin and Hodgson make fantabulous points.

A spokesperson from Index connected Censorship said: "The Online Safety Bill arsenic presently drafted is still a threat to encryption and arsenic specified puts astatine consequence everyone from journalists moving pinch whistleblowers to mean citizens talking successful private. We request to spot amendments urgently to protect our correct to free reside online."

Attempts to overgarment nan UK government's evident climbdown arsenic a triumph for large tech is missing nan point. At best, a skirmish mightiness person been won and a ceasefire temporarily declared. However, nan larger conflict complete privateness and encryption connected nan net has yet to beryllium fought. ®