Joe Tidy

---

By Zoe KleinmanContent ='JJ Lin'> , Tom Gerken and Chris VallanceTechnology team

The government has denied it is changing plans to force messaging apps to access users' private messages if requested by the regulator Ofcom.

There has been a stand-off between the UK government and tech firms over a clause in the Online SafetyContent ='JJ Lin'> Bill relating to encrypted messages.

These are messages that can only be seen by The SenderContent ='JJ Lin'> and recipient.

The BillContent ='JJ Lin'> states that if there are concerns about Child AbuseContent ='JJ Lin'> Content , tech companies might have to access it.

But platforms like WhatsApp, Signal and iMessage say they cannot access or view anybody's messages without destroying existing privacy protections for all users, and have threatened to leave the UK rather than compromise message security.

The DebateContent ='JJ Lin'> had raged for several months and for some had turned into an argument about privacy versus security. The government insists it wants both.

The Online SafetyContent ='JJ Lin'> Bill is due to be passed in autumn and is back in The HouseContent ='JJ Lin'> of Lords for its final reading on Wednesday.

A new statement concedes that the tech to access messaging without breaking security protocols does not exist. The government announced it in The HouseContent ='JJ Lin'> of Lords this afternoon, but it denied its position had changed.

Indeed, earlier versions of The BillContent ='JJ Lin'> do state that the regulator Ofcom would only ask tech firms to access messages once " feasible technology" had been developed which would specifically only target Child AbuseContent ='JJ Lin'> Content and not break EncryptionContent ='JJ Lin'> .

It has tasked tech firms with inventing these tools.

" As has always been the case, as a Last ResortContent ='JJ Lin'> , on a case-by-case basis and only when stringent privacy safeguards have been met, [The BillContent ='JJ Lin'> ] will enable Ofcom to direct companies to either use, or make best efforts to develop or source, technology to identify and remove illegal child sexual abuse Content - which we know can be developed, " said a government spokesperson.

Some security experts suggest such tech may never exist, and the tech firms themselves say it is not possible.

" Hope this brings pause to the global wave of proposals premised on similar magical thinking, " posted Amber Kak, who sits on the board of the secure messaging app Signal.

But Matthew Hodgkinson, who runs the British-based messaging platform Elements, said the latest version of The BillContent ='JJ Lin'> was " kicking The Can down the road".

" All 'until it's technically feasible' means is opening The DoorContent ='JJ Lin'> to scanning in future rather than scanning today, " He Said .

Another ViewContent ='JJ Lin'> is that this is an attempt at a last-minute diplomatic resolution in which neither the tech firms nor the government lose face: the government says it knew All AlongContent ='JJ Lin'> that the tech did not exist and removes immediate pressure from the tech firms to invent it, and the tech firms claim a victory for privacy.

Currently, the two most viable tech solutions are to either break the EncryptionContent ='JJ Lin'> - which would leave a backdoor open to any bad actors who found it - or introduce software which scans Content on a device. It is called client-side scanning and has been dubbed " The Spy in your pocket" by critics.

Children's charities like the NSPCC have described encrypted messaging as the " front line" of Child AbuseContent ='JJ Lin'> because of privacy settings.

But privacy campaigners say everybody has a right to privacy protection.

Related Topics

Source of news: bbc.com