Categories
News

70 organizations, cyber security experts, and elected officials sign open letter expressing dangers of the UK’s Online Safety Bill

On 24 November, seventy civil society organizations, companies, elected officials, and cybersecurity experts, including Global Encryption Coalition members, published an open letter to British Prime Minister Rishi Sunak highlighting their concerns with the threat that the United Kingdom’s Online Safety Bill poses to end-to-end encryption.


Dear Prime Minister Sunak,

With cyber attacks becoming ever-more frequent and sophisticated,[1] the reliance of UK citizens and businesses on end-to-end encryption to keep themselves safe and secure has never been greater.

Encryption is critical to ensuring Internet users are protected online, to building economic security through a  pro-business UK economy that can weather the cost of living crisis, and to assuring national security. As you begin your new role as Prime Minister, the undersigned civil society organisations and companies, including members of the Global Encryption Coalition,[2] urge you and your government to ensure that encryption is not weakened.

Despite its intention to make the UK safer, the Online Safety Bill currently contains clauses that would erode end-to-end encryption in private messaging. As noted in a recent letter by leading UK digital rights organisations, the Bill poses serious threats to privacy and security in the UK “by creating a new power to compel online intermediaries to use ‘accredited technologies’ to conduct mass scanning and surveillance of all citizens on private messaging channels.”[3] Leading cybersecurity experts have made clear that even message scanning, mistakenly cited as safe and effective by its proponents, actually “creates serious security and privacy risks for all society while the assistance it can provide for law enforcement is at best problematic.”[4] 

Undermining protections for end-to-end encryption would make UK businesses and individuals less safe online, including the very groups that the Online Safety Bill intends to protect. Furthermore, because the right to privacy and freedom of expression are intertwined, these proposals would undermine freedom of speech, a key characteristic of free societies that differentiate the UK from aggressors that use oppression and coercion to achieve their aims.

UK businesses are set to have less protection for their data flows than their counterparts in the United States or European Union, leaving them more susceptible to cyber-attacks and intellectual property theft. UK digital businesses will also face new challenges in foreign markets. When Australia passed a similar law undermining end-to-end encryption in 2018, the Australian digital industry lost an estimated $AUS 1 billion in current and forecast sales and further losses in foreign investment as a result of decreased trust in their products.[5] As the UK economy faces significant challenges in the wake of COVID-19 and the impacts of the War in Ukraine, it is critical that the Bill does not undermine UK tech leadership and economic security.[6]

Undermining end-to-end encryption or introducing content scanning obligations for private messaging will also remove protections for private citizens’ data. Opening a backdoor for scanning also opens a backdoor for cyber criminals intent on accessing our bank account details, private messages and even the pictures we share online privately with family and friends. We all deserve the protection that end-to-end encryption provides, but the most vulnerable in society – children and members of at-risk communities – need it most of all.

For economic security, a free society and the safest Internet possible for UK citizens, we call upon you and the UK government to ensure that the Online Safety Bill does not undermine end-to-end encryption.    

Signatories*

Access Now

The Adam Smith Institute

Advocacy for Principled Action in Government 

Aspiration

Associação Portuguesa para a Promoção da Segurança da Informação (AP2SI)

Betapersei, S.C.

Big Brother Watch

Blacknight Internet Solutions Ltd

Jon Callas, Director of Public Interest Technology, EFF

L. Jean Camp, Professor, Indiana University

Center for Data Innovation

Center for Democracy and Technology

Center for New Liberalism 

Centre for Policy Studies 

CIPPIC (Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic)

Lord Tim Clement-Jones

Collaboration on International ICT Policy for East and Southern Africa

comun.al, Digital Resilience Lab

CRYPTO ID – BRAZIL

DNS Africa Media and Communications

Electric Coin Co. (creators and supporters of Zcash)

Electronic Frontier Foundation

Encrypt Uganda

Fight for the Future

Global Partners Digital

Markéta Gregorová, Member of the European Parliament

Index on Censorship

Dr. Philip Inglesant

Internet Freedom Foundation, India

Internet Society

Internet Society – Brazil Chapter

Internet Society Catalan Chapter

Internet Society Côte d’Ivoire Chapitre

Internet Society Colombia Chapter

Internet Society Ghana Chapter

Internet Society India Hyderabad Chapter

Internet Society Tanzania Chapter 

Internet Society Tchad chapter 

Internet Society Liberia Chapter 

Internet Society Niger Chapter

Internet Society Portugal Chapter

Internet Society UK England Chapter

Interpeer gUG (haftungsbeschraenkt)

JCA-NET(Japan)

Kijiji Yeetu

C. de Larrinaga

Matthew Lesh, Head of Public Policy, Institute of Economic Affairs

Liberty

MEGA

Alec Muffett, Security Researcher

New America’s Open Technology Institute 

Numex

OpenMedia

Open Rights Group

Organization for Identity and Cultural Development

Ranking Digital Rights

People’s Privacy Network

Chip Pitts

Sharon Polsky MAPP, President, Privacy & Access Council of Canada

Runa Sandvik, Founder, Granitt

Jamie Stone MP, Liberal Democrats

Superbloom

Surfshark

Susan Landau, Bridge Professor of Cyber Security and Policy, Tufts University 

Tech for Good Asia

The Tor Project

Tutanota

TwelveDot Incorporated

University of Bosaso

Phil Zimmermann

*Affiliations listed for identification purposes only

[1] https://www.gov.uk/government/news/businesses-urged-to-boost-cyber-standards-as-new-data-reveals-nearly-a-third-of-firms-suffering-cyber-attacks-hit-every-week

[2] With over 300 members distributed across every region of the world, the Global Encryption Coalition promotes and defends encryption in key countries and multilateral fora where it is under threat. It also supports efforts by companies to offer encrypted services to their users. https://www.globalencryption.org/

[3] https://cloud.openrightsgroup.org/nextcloud/s/irGJD4GSRx3d4Mb

[4] https://arxiv.org/abs/2110.07450

[5] https://www.internetsociety.org/news/press-releases/2021/new-study-finds-australias-tola-law-poses-long-term-risks-to-australian-economy/

[6] https://www.gov.uk/government/news/uk-tech-sector-achieves-best-year-ever-as-success-feeds-cities-outside-london