Menu Close

70 organizations, cyber security experts, and elected officials sign open letter expressing dangers of the UK’s Online Safety Bill

 

On 24 November, seventy civil society organizations, companies, elected officials, and cybersecurity experts, including Global Encryption Coalition members, published an open letter to British Prime Minister Rishi Sunak highlighting their concerns with the threat that the United Kingdom’s Online Safety Bill poses to end-to-end encryption.


Dear Prime Minister Sunak,

With cyber attacks becoming ever-more frequent and sophisticated,[1] the reliance of UK citizens and businesses on end-to-end encryption to keep themselves safe and secure has never been greater.

Encryption is critical to ensuring Internet users are protected online, to building economic security through a  pro-business UK economy that can weather the cost of living crisis, and to assuring national security. As you begin your new role as Prime Minister, the undersigned civil society organisations and companies, including members of the Global Encryption Coalition,[2] urge you and your government to ensure that encryption is not weakened.

Despite its intention to make the UK safer, the Online Safety Bill currently contains clauses that would erode end-to-end encryption in private messaging. As noted in a recent letter by leading UK digital rights organisations, the Bill poses serious threats to privacy and security in the UK “by creating a new power to compel online intermediaries to use ‘accredited technologies’ to conduct mass scanning and surveillance of all citizens on private messaging channels.”[3] Leading cybersecurity experts have made clear that even message scanning, mistakenly cited as safe and effective by its proponents, actually “creates serious security and privacy risks for all society while the assistance it can provide for law enforcement is at best problematic.”[4]

Undermining protections for end-to-end encryption would make UK businesses and individuals less safe online, including the very groups that the Online Safety Bill intends to protect. Furthermore, because the right to privacy and freedom of expression are intertwined, these proposals would undermine freedom of speech, a key characteristic of free societies that differentiate the UK from aggressors that use oppression and coercion to achieve their aims.

UK businesses are set to have less protection for their data flows than their counterparts in the United States or European Union, leaving them more susceptible to cyber-attacks and intellectual property theft. UK digital businesses will also face new challenges in foreign markets. When Australia passed a similar law undermining end-to-end encryption in 2018, the Australian digital industry lost an estimated $AUS 1 billion in current and forecast sales and further losses in foreign investment as a result of decreased trust in their products.[5] As the UK economy faces significant challenges in the wake of COVID-19 and the impacts of the War in Ukraine, it is critical that the Bill does not undermine UK tech leadership and economic security.[6]

Undermining end-to-end encryption or introducing content scanning obligations for private messaging will also remove protections for private citizens’ data. Opening a backdoor for scanning also opens a backdoor for cyber criminals intent on accessing our bank account details, private messages and even the pictures we share online privately with family and friends. We all deserve the protection that end-to-end encryption provides, but the most vulnerable in society – children and members of at-risk communities – need it most of all.

For economic security, a free society and the safest Internet possible for UK citizens, we call upon you and the UK government to ensure that the Online Safety Bill does not undermine end-to-end encryption.

Signatories*

Access Now

The Adam Smith Institute

Advocacy for Principled Action in Government

Aspiration

Associação Portuguesa para a Promoção da Segurança da Informação (AP2SI)

Betapersei, S.C.

Big Brother Watch

Blacknight Internet Solutions Ltd

Jon Callas, Director of Public Interest Technology, EFF

L. Jean Camp, Professor, Indiana University

Center for Data Innovation

Center for Democracy and Technology

Center for New Liberalism

Centre for Policy Studies

CIPPIC (Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic)

Lord Tim Clement-Jones

Collaboration on International ICT Policy for East and Southern Africa

comun.al, Digital Resilience Lab

CRYPTO ID – BRAZIL

DNS Africa Media and Communications

Electric Coin Co. (creators and supporters of Zcash)

Electronic Frontier Foundation

Encrypt Uganda

Fight for the Future

Global Partners Digital

Markéta Gregorová, Member of the European Parliament

Index on Censorship

Dr. Philip Inglesant

Internet Freedom Foundation, India

Internet Society

Internet Society – Brazil Chapter

Internet Society Catalan Chapter

Internet Society Côte d’Ivoire Chapitre

Internet Society Colombia Chapter

Internet Society Ghana Chapter

Internet Society India Hyderabad Chapter

Internet Society Tanzania Chapter

Internet Society Tchad chapter

Internet Society Liberia Chapter

Internet Society Niger Chapter

Internet Society Portugal Chapter

Internet Society UK England Chapter

Interpeer gUG (haftungsbeschraenkt)

JCA-NET(Japan)

Kijiji Yeetu

C. de Larrinaga

Matthew Lesh, Head of Public Policy, Institute of Economic Affairs

Liberty

MEGA

Alec Muffett, Security Researcher

New America’s Open Technology Institute

Numex

OpenMedia

Open Rights Group

Organization for Identity and Cultural Development

Ranking Digital Rights

People’s Privacy Network

Chip Pitts

Sharon Polsky MAPP, President, Privacy & Access Council of Canada

Runa Sandvik, Founder, Granitt

Jamie Stone MP, Liberal Democrats

Superbloom

Surfshark

Susan Landau, Bridge Professor of Cyber Security and Policy, Tufts University

Tech for Good Asia

The Tor Project

Tutanota

TwelveDot Incorporated

University of Bosaso

Phil Zimmermann

*Affiliations listed for identification purposes only

[1] https://www.gov.uk/government/news/businesses-urged-to-boost-cyber-standards-as-new-data-reveals-nearly-a-third-of-firms-suffering-cyber-attacks-hit-every-week

[2] With over 300 members distributed across every region of the world, the Global Encryption Coalition promotes and defends encryption in key countries and multilateral fora where it is under threat. It also supports efforts by companies to offer encrypted services to their users. https://www.globalencryption.org/

[3] https://cloud.openrightsgroup.org/nextcloud/s/irGJD4GSRx3d4Mb

[4] https://arxiv.org/abs/2110.07450

[5] https://www.internetsociety.org/news/press-releases/2021/new-study-finds-australias-tola-law-poses-long-term-risks-to-australian-economy/

[6] https://www.gov.uk/government/news/uk-tech-sector-achieves-best-year-ever-as-success-feeds-cities-outside-london

Article: 70 organizations, cyber security experts, and elected officials sign open letter expressing dangers of the UK’s Online Safety Bill

Leave a Reply

Your email address will not be published. Required fields are marked *

(UN General Assembly, 1948) The Universal Declaration of Human Rights: 1. All human beings are free and equal 2. No discrimination 3. Right to life 4. No slavery 5. No torture and inhuman treatment 6. Same right to use law 7. Equal before the law 8. Right to be treated fair by court 9. No unfair detainment 10. Right to trial 11. Innocent until proved guilty 12. Right to privacy 13. Freedom to movement and residence 14. Right to asylum 15. Right to nationality 16. Rights to marry and have family 17. Right to own things 18. Freedom of thought and religion 19. Freedom of opinion and expression 20. Right to assemble 21. Right to democracy 22. Right to social security 23. Right to work 24. Right to rest and holiday 25. Right of social service 26. Right to education 27. Right of cultural and art 28. Freedom around the world 29. Subject to law 30. Human rights can’t be taken away