Why are Apple and WhatsApp unhappy with the UK’s online safety bill?

28 Jun 2023

Apple CEO Tim Cook speaking at the Fortune CEO Initiative 2018 Annual Meeting in June 2018. Image: Fortune Photo/Flickr (CC BY-NC-ND 2.0)

Big Tech and privacy rights activists are putting pressure on the UK to prevent the upcoming Bill from breaking end-to-end encryption in messaging.

Apple has joined WhatsApp, Signal and a spate of privacy rights groups in taking a stand against a provision in the UK’s upcoming Online Safety Bill that will force messaging services to compromise on end-to-end encryption.

First drafted in 2021, the UK Online Safety Bill wants to crack down on the possession and sharing of child sex abuse material (CSAM) on popular privacy-focused messaging apps such as iMessage, WhatsApp and Signal.

If passed, the Bill, which is currently going through parliament, would give the UK’s communications regulator Ofcom the power to direct private companies to deploy certain technologies that bypass encryption – which ensures messages can only be read by the sender and receiver – and scan for CSAM on phones.

While the government argues that the added powers will prevent further distribution of CSAM and other related illegal visual content, messaging services and some rights groups are outraged at the potential privacy violation of the move.

Apple has become the latest of such companies to publicly criticise the Online Safety Bill, worried that the law would compromise on some of the principles of a liberal democracy.

“End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists and diplomats,” Apple said in a statement to the BBC.

“It also helps everyday citizens defend themselves from surveillance, identity theft, fraud and data breaches. The Online Safety Bill poses a serious threat to this protection and could put UK citizens at greater risk.

“Apple urges the government to amend the Bill to protect strong end-to-end encryption for the benefit of all.”

Legislative ‘grey area’

Meta-owned WhatsApp has also spoken out against the proposed bill, warning that it will not comply with any UK law that wants it to remove end-to-end encryption.

On a visit to the UK in March, WhatsApp head Will Cathcart said the bill is in a legislative “grey area” that would make it impossible to comply without removing end-to-end encryption altogether.

“Some countries have chosen to block it: that’s the reality of shipping a secure product. We’ve recently been blocked in Iran, for example. But we’ve never seen a liberal democracy do that,” Cathcart added.

According to Cathcart, it would not make sense for WhatsApp to remove end-to-end encryption from its platform only for the UK – a market that he said only accounts for around 2pc of users.

“It would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98pc of users.”

Privacy-focused messaging app Signal has also indicated its intention to walk out of the UK market if the Bill is passed as is.

Meanwhile, privacy rights groups such as the Open Rights Group have written to Minister Chloe Smith asking her to reconsider the provision, calling the Bill “a deeply troubling legislative proposal”.

“If passed in its present form, the UK could become the first liberal democracy to require the routine scanning of people’s private chat messages, including chats that are secured by end-to-end encryption,” a statement published earlier this week read.

“As over 40m UK citizens and 2bn people worldwide rely on these services, this poses a significant risk to the security of digital communication services not only in the UK, but also internationally.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Apple CEO Tim Cook speaking in June 2018. Image: Fortune Photo/Flickr (CC BY-NC-ND 2.0)

Vish Gain is a journalist with Silicon Republic