Let’s be honest, new spy powers could kill off how we use Facetime and iMessage
A new anti-encryption bill quietly introduced to parliament this week could mean the death of iMessage for Brits, writes Matthew Lesh
This week’s Rwanda bill debate turned out to be a damp squib. Despite the hurried activity – including the farce of a climate change minister flying back and forth from Dubai – the Prime Minister easily won the second reading vote. Rishi lives to fight another day.
But among all this drama, another bill was introduced to Parliament which got much less attention: an amendment to the Investigatory Powers Act that could have enormous implications for user privacy and tech companies.
This legislation will allow the Home Office to require tech companies to seek approval before updating their software in ways that limit the ability of the government to spy on users. The home secretary will then be able to, in secret, block the release of a new feature or product. They will also be able to require security features to be disabled immediately without telling the public.
This is all part of a long-running campaign against encrypted services. Last year, the Home Office hired M&C Saatchi for a bizarre half-a-million-quid astroturf public relations campaign to oppose encryption. They wanted to discourage Meta from making Facebook Messenger end-to-end encrypted by default, something that was confirmed last week. The Online Safety Act also gives powers to Ofcom to require the use of technology that scans private messages; Whatsapp said it would shut down its UK service if faced with such a request.
The Home Office is allergic to encryption because they believe it encourages criminality and undermines child safety by allowing the spread of unlawful material.
But this sets up a false dichotomy. Nobody is safe, including children, when criminals can access their data.
Hackers are relentlessly trying to exploit our private information for fraud, identity theft and blackmail. Encryption helps prevent criminal behaviour and abuse by protecting our data. This safeguards everyone everywhere, from the intelligence services and journalists to human rights activists and other marginalised groups. It means our health, legal and financial data is kept secure.
The practical implications of the new rules that require tech companies to seek pre-approval from the Home Office before introducing new product security features are significant. It could slow down or prevent the release of vital security patches as companies await permission from the state, compromising product safety.
Tech companies could also cease developing new products and features or withdraw existing ones. Apple has warned that it could be forced to remove services like Facetime and iMessage from British users because they will not weaken security globally for the UK government.
There are far smarter ways to protect children than undermining encryption.
Metadata could be used to track problematic behaviour and identify potential perpetrators. Police could be better resourced to take advantage of this data and existing reporting mechanisms. Criminal law could be strengthened to punish actual perpetrators. Gareth Mellor, an assistant head teacher caught with 11,500 indecent images and videos of children, was recently given just a two-year suspended sentence and 200 hours of community service. This hardly seems like justice.
The government’s anti-encryption efforts will make British users less safe, enable more criminal behaviour and could mean the loss of features and products.
A better approach is needed.