UK Online Safety bill could compromise encryption, privacy experts warn

As the controversial legislation makes its way back to the Parliament next month, privacy and cybersecurity experts warn that the bill will make UK businesses more susceptible to cyberattacks and intellectual property theft.

uk united kingdom fallback generic shutterstock 1666920130
Angyalosi Beata/Shutterstock

In response to the news that UK Prime Minister Rishi Sunak will be bringing the Online Safety Bill back to Parliament in December, 70 organizations, cybersecurity experts, and elected officials have signed an open letter, highlighting their concerns that the legislation could attack end-to-end encryption.

“Encryption is critical to ensuring internet users are protected online, to building economic security through a pro-business UK economy that can weather the cost of living crisis, and to assuring national security,” said the letter, whose signatories include Global Encryption Coalition members.

“UK businesses are set to have less protection for their data flows than their counterparts in the United States or European Union, leaving them more susceptible to cyber-attacks and intellectual property theft,” the letter noted.

Opponents of the bill have repeatedly argued that the legislation’s current provisions will erode encryption in private communications, reduce internet safety for UK citizens and businesses, and compromise freedom of speech.

The letter ultimately calls for clauses that could undermine the technology to be removed from the bill, citing “economic security, a free society and the safest internet possible for UK citizens.”

The Online Safety Bill aims to protect people who use online services from material, which is legal but harmful, by giving a duty of care to large technology companies that provide online services, in addition to a responsibility to remove illegal content. A white paper outlining the bill’s proposals was first published in 2019 however, the resignation of former Prime Minister Boris Johnson saw the legislation withdrawn from the Parliamentary timetable.

Despite the country now being on the fourth Prime Minister and seventh culture secretary since the white paper was first published, Sunak has said the bill would make its way back into parliament as soon as December, albeit with some potential amendments.

During the Conservative Party leadership race over the summer, Sunak said that while he supported the general aims of the bill, he was concerned about its potential to suppress freedom of expression, since the British government would have the ability to designate information as “legal but harmful”.

“I think it’s fair that people have raised some concerns about that and its impact on free speech. And I think it's right that those concerns are properly addressed,” he said during his leadership bid.

As a result, Secretary of State for Digital Michelle Donelan, confirmed last month that provisions in the bill dealing with “legal but harmful speech” would be changed. 

This is not the first time late stage amendments to the bill have been tabled. In March 2022, the government announced it would be adding new requirements to its Online Safety Bill that will hold social media platforms and search engines accountable for scam or fraudulent adverts that appear on their sites.

Copyright © 2022 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)