What just happened? Messaging platforms WhatsApp and Signal have said they would refuse to weaken their encryption in the UK and will walk away from the country if forced to do so. The ultimatums come as the UK government prepares to discuss the Online Safety Bill, which seeks to prohibit end-to-end encryption in the country.
WhatsApp chief Will Cathcart made the statement during a visit to the UK to discuss internet regulations with legislators.
“It’s a remarkable thing to think about. There isn’t a way to change it in just one part of the world. Some countries have chosen to block it: that’s the reality of shipping a secure product. We’ve recently been blocked in Iran, for example. But we’ve never seen a liberal democracy do that,” said Cathcart, as per The Guardian.
“The reality is, our users all around the world want security. Ninety-eight percent of our users are outside the UK. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98% of users.”
It’s not just WhatsApp that is threatening to leave the UK if the Online Safety Bill forces companies to weaken encryption. Meredith Whittaker, the president of Signal, last month said the company “would absolutely 100 percent walk rather than ever undermine the trust that people place in us to provide a truly private means of communication.”
While the bill doesn’t specifically mention weakening encryption, it could lead to that. It requires companies to use “accredited technology” to scan users’ messages for child sexual abuse material or CSAM, something that many believe would be impossible without removing end-to-end encryption.
If WhatsApp refused to comply with the bill, its parent company Meta could face fines of up to 4% of its annual turnover. Meta recorded revenue of $116 billion last year. Signal would face the same punishment for not complying.
The situation is reminiscent of Apple’s plans to scan all iPhones and iCloud accounts in the US for CSAM in 2021. That caused so much criticism and controversy that Apple decided to scrap the idea a year later.
Cathcart says one possible solution would be for the bill to explicitly state that end-to-end encryption should not be taken away – something found in similar legislation outside of the UK. “There can be more procedural safeguards so that this can’t just happen independently as a decision,” Cathcart said. He also wants private messaging excluded entirely from the Online Safety Bill.
Back in October, OnlyFans said it wanted to move away from its image as a paid-for porn site, likely the result of the Online Safety Bill’s requirement for tech companies to protect their users from “legal but harmful” content. OnlyFans will have been happy when that section of the bill was removed in November.
The Online Safety Bill is expected to return to parliament this summer.