UK online safety law would ‘compromise privacy', says WhatsApp

In a statement introducing an open letter published on its website, WhatsApp claimed the law would make people “less safe” and criticised attempts to allow governments to see encrypted messages on communications platforms.

The Online Safety Bill, which had its second reading in parliament on Monday, could allow Ofcom to platforms to monitor users to identify and combat child abuse images, which the government has said does not undermine privacy on the platforms.

However, WhatsApp and other encrypted platforms have suggested the changes would undermine their end-to-end encryption model and would be willing to withdraw from the UK rather than change their privacy rules.

“The UK government is currently considering new legislation that opens the door to trying to force technology companies to break end-to-end encryption on private messaging services,” the WhatsApp statement said.

“We don’t think any company, government or person should have the power to read your personal messages and we’ll continue to defend encryption technology.

“We’re proud to stand with other technology companies in our industry pushing back against the misguided parts of this law that would make people in the UK and around the world less safe.”

The letter said that the Online Safety Bill, as currently drafted, would open the door to the routine, general and indiscriminate surveillance of personal messages.

“The bill provides no explicit protection for encryption, and if implemented as written, could empower Ofcom to try to force the proactive scanning of private messages on end-to-end encrypted communication services – nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users.

“In short, the bill poses an unprecedented threat to the privacy, safety and security of every UK citizen and the people with whom they communicate around the world, while emboldening hostile governments who may seek to draft copy-cat laws.”

The letter concludes: “Global providers of end-to-end encrypted products and services cannot weaken the security of their products and services to suit individual governments. There cannot be a ‘British internet’, or a version of end-to-end encryption that is specific to the UK.

“The UK government must urgently rethink the bill, revising it to encourage companies to offer more privacy and security to its residents, not less. Weakening encryption, undermining privacy, and introducing the mass surveillance of people’s private communications is not the way forward.”

Signatories of the open letter were Matthew Hodgson, chief executive at Element; Alex Linton, director at OPTF/Session; Meredith Whittaker, president at Signal; Martin Blatter, chief executive at Threema; Ofir Eyal, chief executive at Viber; Will Cathcart, head of WhatsApp at Meta; and Alan Duric, chief technology officer at Wire.