- Encrypted messaging developers may be considered hostile actors in the UK
- Independent review of national security law warns of excesses
- Encryption repeatedly targeted by British lawmakers
App developers using end-to-end encryption to protect private communications could be considered hostile actors in the UK.
That’s the stark warning from Jonathan Hall KC, the independent reviewer of state threats legislation and the government’s independent reviewer of counter-terrorism legislation, in a new report into national security laws.
In his independent review of the Counter-Terrorism and Border Security Act and the new National Security Act, Hall KC highlights the incredibly broad scope of powers granted to authorities.
He warns that developers of apps like Signal and WhatsApp could technically fall within the legal definition of “hostile activity” simply because their technology “makes[s] It is more difficult for British security and intelligence agencies to monitor communications. »
He writes: “It is reasonable to assume that this would be in the interest of a foreign state, even if that foreign state has never considered this potential benefit. »
The report also notes that journalists “carrying confidential information” or documents “personally embarrassing to the Prime Minister on the eve of important treaty negotiations” could face similar scrutiny.
While it remains to be seen how this report will influence future amendments, it comes at a time when lawmakers are increasingly pushing encryption.
Encryption under siege
Although the strong wording of the report may be surprising, it does not exist in a vacuum. Encrypted applications are increasingly in the crosshairs of British lawmakers, with several pieces of legislation targeting the technology.
Most notably, Apple received a technical capability notice under the Investigatory Powers Act (IPA) requiring it to weaken the encryption protecting iCloud data. This legal impasse led the tech giant to turn off its advanced data protection instead of creating a backdoor.
The Online Safety Act is already well known for its controversial age verification requirements. However, its most controversial provisions have yet to be fully implemented, and experts fear they could further harm encryption.
On Monday, Parliament debated the law following a petition calling for its repeal. However, instead of repealing the law, MPs insisted that it be enforced more strictly. During the discussion, lawmakers specifically called for reviewing other encrypted tools, like the best VPNs.
The potential risks of a tougher stance on encryption law were only briefly mentioned during the discussion, suggesting a marked disconnect between MPs and security experts.
Olivier Crépin-Leblond of the Internet Society told TechRadar he was disappointed by the outcome of the debate. “When it comes to client-side analysis (CSS), most felt that this could be one of the ‘simple technology solutions’ that could greatly help law enforcement, especially when they showed their frustration with Facebook’s end-to-end encryption,” he said.
“It is clearly not understood that such software could fall prey to pirates.”
It is clear that for many legislators, encryption is primarily seen as an obstacle to law enforcement. This contrasts sharply with the view of digital rights experts, who emphasize that technology is vital to protecting privacy and security in an online landscape where cyberattacks are increasing.
“The government views end-to-end encryption as a threat, but what they don’t consider is that breaking it would also be a threat to our national security,” Jemimah Steinfeld, CEO of Index on Censorship, told TechRadar.
She also added that this ignores the vital role of encryption for dissidents, journalists and victims of domestic violence, “not to mention the general population who should enjoy basic privacy.”
Once the battle lines are drawn, we can expect a tough year for services like Signal and WhatsApp. Both companies have previously pledged to exit the UK market rather than compromise their users’ privacy and security.
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
