- Developers of encrypted communications in the UK may be considered hostile actors
- Independent review of national security law warns of abuses
- Encryption has been repeatedly criticized by British lawmakers
App developers that use end-to-end encryption to protect private communications can be considered hostile actors in the UK.
That's the stark warning from Jonathan Hall CC, the government's independent expert on state threat law and independent expert on terrorism law, in a new report. report according to national security laws.
In his independent review of the Counterterrorism and Border Security Act and the recently passed Homeland Security Act, Hall K.S. highlights the incredibly wide range of powers granted to authorities.
He warns that the developers of apps like Signal and WhatsApp may technically fall under the legal definition of “hostile activity” simply because their technology “enables[s] “It is becoming more difficult for British security and intelligence services to monitor communications.”
He writes: “It is reasonable to assume that it would be in the interest of a foreign state, even if the foreign state never contemplated this potential advantage.”
The report also notes that journalists “carrying out sensitive information” or material that would “personally embarrass the Prime Minister ahead of important treaty negotiations” could face similar scrutiny.
While it remains to be seen how the report will influence future amendments, it comes at a time of growing pressure from lawmakers against encryption.
Encryption is at risk
While the report's harsh language may be shocking, it does not exist in a vacuum. Encrypted apps are increasingly coming to the attention of UK lawmakers, with several pieces of legislation addressing the technology.
Specifically, Apple received a Technical Opportunity Notice under the Investigative Powers Act (IPA) to weaken the encryption that protects iCloud data. This legal standoff led the tech giant to disable advanced data protection. instead of creating a backdoor.
The Internet Safety Act is already well known for its controversial age verification requirements. However, the most controversial provisions have not yet been fully implemented, and experts fear they could undermine encryption even further.
On Monday Parliament discussed the law following a petition demanding its repeal. However, instead of repealing the law, Deputies insist on tightening control. During the discussion, lawmakers specifically called for a review of other encrypted tools such as best VPNs.
The potential risks of the Act's tougher stance on encryption were only briefly mentioned during the debate, highlighting a sharp divide between MPs and security experts.
Olivier Crepin-Leblond of the Internet Society told TechRadar he was disappointed with the outcome of the debate. “When it came to client-side scanning (CSS), most felt it could be one of the 'simple technology solutions' that could greatly help law enforcement, especially when they expressed their disappointment with Facebook's implementation of end-to-end encryption,” he said.
“It’s completely incomprehensible that such software could fall prey to hackers.”
It is obvious that for many legislators encryption is seen primarily as an obstacle to law enforcement activities. This is in stark contrast to digital rights experts, who stress that the technology is vital to protecting privacy and security in an online environment where cyber attacks are on the rise.
“The government sees end-to-end encryption as a threat, but they don't consider that breaking it would also be a threat to our national security,” Jemima Steinfeld, CEO of Index on Censorship, told TechRadar.
She also added that it ignores the vital role of encryption for dissidents, journalists and victims of domestic violence, “not to mention the general population, who should be afforded basic privacy.”
With the battle lines already drawn, we can expect the coming year to be difficult for services like Signal and WhatsApp. Both companies previously promised to leave the UK market rather than compromising the privacy and security of its users.
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
