UK minister defends plan to demand access to encrypted messages | Privacy

The technology secretary has defended the online safety bill’s push to force messaging apps to access private messages if requested by the communications watchdog.

Michelle Donelan said the move, strongly opposed by secure messaging firms and privacy campaigners, was necessary to combat child abuse.

“I, like you, want my privacy because I don’t want people reading my private messages [ …] however we do know that on some of these platforms, they are hotbeds sometimes for child abuse and sexual exploitation.” Donelan told the BBC.

“And we have to be able to access that information should that problem occur,” Donelan added.

This comes after several security and privacy academics have warned that the online safety bill could threaten safety if it undermines robust encryption.

“Technology is in development to enable you to have encryption as well as to be able to access this particular information and the safety mechanism that we have is very explicit that this can only be used for child exploitation and abuse,” Donelan added.

The technical heads of GCHQ and the UK’s National Cybersecurity Centre have argued that a technology, called client-side scanning, could protect children and privacy at the same time. It involves installing software on to a device, which scans contentand sends alerts if triggered.

Tech firms, including WhatsApp and Signal, have said that they could withdraw from the market rather than undermine their encrypted messaging systems and compromise the security of their users.

End-to-end encryption means that even the company messaging service cannot access or view the contents. Content can only be viewed by the sender and the recipient.

At present, several messaging platforms, including WhatsApp and iMessage, use encrypted messaging as a security feature by default.

The online safety bill has caused controversy because of the government’s proposal that encrypted messages, specifically those that are understood to be a risk to children, be made accessible. The bill is due to be passed in autumn.

Earlier this year, a Home Office spokesperson said: “It is not a choice between privacy or child safety – we can and we must have both.”

This week, MPs called on the UK government to tackle “tech abuse,” in a report that called for action to protect the privacy and rights of children.

The government also amended the bill to allow Ofcom to obtain information on a child’s social media use if it is requested by a coroner. This is intended to help families and law enforcement understand if a child’s online activity contributed to their death in any way.

This comes after the death of 14-year-old Molly Russell, who died from an act of self-harm while suffering from depression and the negative effects of online content.

Matthew Hodgson, the CEO and co-founder of secure messaging app Element, said, in response to Donelan’s comments: “The government still does not understand how technology or encryption works, despite numerous experts explaining this to them.

“Its own ‘safety tech challenge fund’ failed to deliver an impossible solution to scan messages without breaking encryption. What more will it take for the government to finally accept how encryption works? For a ‘tech positive’ government, it might want to listen to British tech companies.”