The Online Safety Bill puts the security of all citizens and communities at risk
The Internet Society say that to ensure the safety of everyone online, we must address the roots of the problem | Credit: Alamy
Prohibiting end-to-end encryption is not the way to keep people safe online in an increasingly unstable world.
As we emerge from the grip of a pandemic that drove more people online than ever for work, school, business, and staying connected to loved ones, digital security has never been more important.
And yet 68 million Britons are at risk of losing their greatest digital security shield: encryption.
End-to-end encryption protects our family photographs, messages to friends and family, financial information, and the commercially sensitive data of British businesses.
It keeps us safer in a world where connected devices are ubiquitous in our physical lives: end-to-end encryption secures connected homes, cars, children’s toys, and much more. It also secures the communications of MPs, ministers and civil servants.
The draft Online Safety Bill puts the personal and physical security of all citizens and their communities at risk of harm because it undermines –and in some cases effectively prohibits– end-to-end encryption.
The bill that purports to improve safety actually forces service providers to reduce users’ security by making them, the service providers, liable for behaviour over which they have no legitimate control.
This doesn’t add up. We don’t make car manufacturers liable for the way people drive, any more than we would make the Post Office liable for what people write in their letters.
Faced with liability for users' actions and content, service providers are likely to either withdraw encrypted services from the market, or only offer services with flawed security. Criminals –and indeed hostile governments– will find those flaws, exploit them, and harm the UK’s citizens, businesses, and national interests.
The Internet Society and more than 30 organizations, companies and trade associations agree that the Online Safety Bill’s threat to the security and privacy of the UK citizens and businesses far outweigh the potential good.
The Online Safety Bill does far more to undermine citizens’ rights and safety than it does to protect them.
Advocacy groups are alarmed by the threat the bill poses to children’s rights, and the chilling effect lower security and privacy would have on freedom of speech.
Internet-focused non-profits are troubled by the impact of the Bill on online trust; British trade associations are concerned by the negative economic impacts of the Bill, particularly in the already unstable economic environment created by Brexit and a global pandemic.
We all want to make sure technology empowers and protects citizens. However, the security-eroding measures of the Online Safety Bill make that impossible. This Bill implies that you can fix online crime by attacking the technology. And yet it has little or nothing to say about the causes. As a result, it will damage online trust and safety, and all those who rely on it, while failing to address the roots of the problem.
Government Ministers can’t conduct their own business without confidential conversations. They won’t be able to keep the country safe by outlawing encryption, and they won’t protect citizens by taking away their ability to communicate securely.
The Online Safety Bill does far more to undermine citizens’ rights and safety than it does to protect them. The Home Office cannot keep people safe by taking away their strongest security shield – and should not endorse a bill that gives people the illusion of safety.
Robin Wilton is the Internet Society’s Director, Internet Trust. He is a specialist in online privacy and digital identity, with over 30 years’ experience in systems engineering, consulting and industry analyst roles.
Get the inside track on what MPs and Peers are talking about. Sign up to The House's morning email for the latest insight and reaction from Parliamentarians, policy-makers and organisations.