WhatsApp could refuse to comply with Online Safety Bill, company says

WhatsApp's encryption has been questioned

WhatsApp would rather be blocked in the UK than undermine its encrypted-messaging system under the Online Safety Bill, the company has said.

Will Cathcart, Meta’s head of WhatsApp, has described the bill as the most concerning piece of legislation currently being discussed in the Western world.

The executive told reporters the company would refuse to comply if asked to weaken the privacy of encrypted messages, preferring to leave the UK than provide a less-secure service to users. 

“We’ve recently been blocked in Iran, for example. But we’ve never seen a liberal democracy do that,” said Cathcart. “The reality is, our users all around the world want security. Ninety-eight per cent of our users are outside the UK. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98 per cent of users.”

The Online Safety Bill has been presented by the government as a ground-breaking law that will protect the privacy and safety of children in the digital sphere.

The bill, which is currently making its way through Parliament, is set to require tech giants like Facebook and Google to protect users from harmful content for the first time, with penalties for breaching the new rules including fines of up to 10 per cent of their annual turnover.

Although the legislation has been celebrated by children’s charities, free speech advocates and IT experts have criticised the requirement for companies to use “accredited technology” to scan users’ messages to identify and remove child sexual abuse material. 

The bill does not say how these scans would be implemented, but security researchers say they’re impossible to introduce without breaking end-to-end encryption. 

Moreover, safe-messaging applications such as WhatsApp and Signal have said they cannot read messages sent over its own service, and so they would be unable to comply with law-enforcement requests to hand over messages, or pleas to actively monitor communications.

Last month, the president of Signal, Meredith Whittaker, said the company “would absolutely 100 per cent walk [away from the UK] rather than ever undermine the trust that people place in us to provide a truly private means of communication”.

The companies have criticised the implications that this type of legislation would have for privacy laws worldwide. 

“When a liberal democracy says, ‘Is it OK to scan everyone’s private communication for illegal content?’ that emboldens countries around the world that have very different definitions of illegal content to propose the same thing,” Cathcart said.

Nonetheless, the National Society for the Prevention of Cruelty to Children (NSPCC) has highlighted the growing numbers of grooming and child-abuse-image crimes recorded in the UK. For every day the bill is delayed, the NSPCC estimates that more than 100 grooming and other such crimes could have been recorded, the charity said.

“Experts have demonstrated that it’s possible to tackle child-abuse material and grooming in end-to-end encrypted environments,” said the charity’s Richard Collard. “It is not a choice between privacy or child safety – we can and we must have both.”

Earlier this year, Prime Minister Rishi Sunak’s Conservative administration promised to amend the bill to introduce prison sentences for managers that fail to protect children from online harm. The proposal was pushed for by nearly 50 Conservative MPs, with the backing of the Labour Party. 

The Online Safety Bill is expected to pass later in 2023.

Leave a Reply

Your email address will not be published. Required fields are marked *