An unenforceable and entirely politically-motivated law that could have seen Apple iMessages and WhatsApp withdraw from the UK has been watered down to a face-saving compromise.
The UK’s calamitous decision to leave the European Union has left it with a raft of systemic problems that now include its school buildings being unsafe, but its politicians have attempted to divert attention by talking up an absurd Online Safety Bill. If it had passed in its original form, it would have required Apple and other firms to effectively shut down the end-to-end encryption that is needed for privacy.
Today the law has its final debate in Parliament, but ahead of that, the Financial Times says that regulator Ofcom will introduce a new clause that effectively ends it. The law will most likely pass the debate, but it will be rendered powerless.
Originally, it said that companies like Apple would be required to allow the UK government to scan and monitor any phone, ostensibly in order to search for child abuse images. Now it still says that, but with a significant climb-down.
“A notice [to companies such as Apple] can only be issued,” says Ofcom’s amending statement, “where technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content.”
No such technology exists today, nor is it feasible that there will ever be a system that only allows the good guys to break end-to-end encryption.
So the law is dead, iMessages, FaceTime and WhatsApp will continue unaffected, but the UK government can still get a news cycle in which it claims to have come down hard on Big Tech.
However, it isn’t just Big Tech firms that objected to the proposals. Security experts in the UK signed an open letter against the plans. Nor is this a new issue: in 2017 a former head of British Intelligence service MI5 decried plans to break end-to-end encryption, too.
As recently as August 2023, however, the UK government was insisting that the proposals were not anti-encryption.
So the climbdown is not because of technology arguments, or security, or following advice, it appears to be directly in response to Apple and WhatsApp announcing that they would withdraw their services from the UK.
UK’s history of politics over technology
Surprisingly, the climbdown does indicate a greater degree of listening to technology firms than before. Previously, for example, the UK has said that it was in deep discussions with Apple over gaining access to iOS for its COVID app — and Apple says it wasn’t even contacted.
That COVID app was the UK’s own, created when the government originally eschewed Apple and Google’s app system in favor of one that would harvest users’ data for later resale.
Or it would have done, if it had worked. Eventually giving up on the idea after spending $15.6 million on it, the then Prime Minister Boris Johnson said the UK would adopt Apple and Google’s system, but also said it wouldn’t work.
“If we can get it to work it’ll be a fine thing,” he announced, “but there isn’t one anywhere in the world so far.”
When he said this, France, Germany, Australia, Singapore and Latvia had already launched their apps — and Germany had made its source code freely available to any country.