Controversial UK legislation known as the Online Safety Bill is moving closer to law. It is worrying digital rights advocates.
The UK is moving forward with a controversial piece of legislation known as the Online Safety Bill. Digital rights advocates have warned about the dangers of the legislation, pointing out that it not only puts the safety of British citizens at risk, but also the security of people all over the world.
Last year, we covered the legislation, describing it as Australia’s disastrous anti-encryption laws and Canada’s Online Harms proposal all rolled into one giant disaster.
Briefly, for the anti-encryption side of things, the Online Safety Bill mandates back doors for encrypted communications. It’s a critically flawed concept where all encrypted communication have a back door that only authorities can use to access said communications. This while allegedly “keeping the bad guys out”. Any security expert worth their own salt will quickly point out that there is no such thing as a safe back door that only law enforcement can access. Instead, it just weakens that encryption, making the internet as a whole a less secure place.
For the online harms side of things, the idea is that offensive material should be an offence worthy of jail time. It’s a terrifying concept because such a law could easily be used to jail dissenting voices. So, for example, if a politician denies that climate change is real, then someone online points out that there is plenty of research concluding that climate change is real, then that politician can demand that that person be thrown in jail because they were being offensive by pointing this out. Conversely, if a politician believes that the country needs tougher gun regulations, then someone calls that politician an idiot for saying that, that politician, equally, could have that person thrown in jail for being offensive. It’s a situation that works both ways.
If that weren’t bad enough, the bill also has age verification thrown into the policy toxic sludge. If you so much as want to access content deemed questionable, then be prepared to be forced to fork over your drivers license to do so. This is an absolute privacy nightmare because it is already a massive problem that there is too much personal information floating around today – legally obtained or otherwise. So, the last thing you want is laws that compel even more personal information be put on the internet. Yet, that is exactly what this law does. As a result, it puts more innocent people in danger of things like doxxing and harassment.
Whether it is on the security side of things or suppression side of things, this bill is set to unleash a lot of damage onto the internet. Yet, despite the fact that a lot of people have come forward to denounce this legislation for perfectly legitimate reasons, UK politicians pushing this bill have lashed out against those critics, calling them “extreme libertarians“. I don’t know about you, but asking for better privacy safeguards and protections for free speech in the face of a massive rollback of both isn’t exactly an extreme point of view. It’s actually more than reasonable.
Recently, the Electronic Frontier Foundation (EFF) is noting that the Online Safety Bill is getting close to passage. From the EFF:
If it passes, the Online Safety Bill will be a huge step backwards for global privacy, and democracy itself. Requiring government-approved software in peoples’ messaging services is an awful precedent. If the Online Safety Bill becomes British law, the damage it causes won’t stop at the borders of the U.K.
The sprawling bill, which originated in a white paper on “online harms” that’s now more than four years old, would be the most wide-ranging internet regulation ever passed. At EFF, we’ve been clearly speaking about its disastrous effects for more than a year now.
It would require content filtering, as well as age checks to access erotic content. The bill also requires detailed reports about online activity to be sent to the government. Here, we’re discussing just one fatally flawed aspect of OSB—how it will break encryption.
In response to this outpouring of resistance, the U.K. government’s response has been to wave its hands and deny reality. In a response letter to the House of Lords seen by EFF, the U.K.’s Minister for Culture, Media and Sport simply re-hashes an imaginary world in which messages can be scanned while user privacy is maintained. “We have seen companies develop such solutions for platforms with end-to-end encryption before,” the letter states, a reference to client-side scanning. “Ofcom should be able to require” the use of such technologies, and where “off-the-shelf solutions” are not available, “it is right that the Government has led the way in exploring these technologies.”
The letter refers to the Safety Tech Challenge Fund, a program in which the U.K. gave small grants to companies to develop software that would allegedly protect user privacy while scanning files. But of course, they couldn’t square the circle. The grant winners’ descriptions of their own prototypes clearly describe different forms of client-side scanning, in which user files are scoped out with AI before they’re allowed to be sent in an encrypted channel.
This is just repeating a fallacy that we’ve heard for years: that if tech companies can’t create a backdoor that magically defends users, they must simply “nerd harder.”
From the Canadian perspective, this is especially troubling because Canada currently has its own Online Harms legislation coming down the pipe as we speak. It hasn’t been released, so details are not necessarily publicly available. What’s more, it has seemingly been delayed and it has caused a great deal of stress for experts and observers alike.
If the UK Online Safety Bill is passed, it will give proponents of the Online Harms proposal more ammunition to demand that a similarly disastrous bill be passed here. We saw that with the link tax legislation with proponents beating to death the Australian example and saying that things will just magically work out here. Every time a valid criticism was brought forward in the link tax legislation, the government and the handful of proponents pushed back with “but Australia!” If the Online Safety Bill is passed in the UK, the same will likely happen in Canada with valid criticisms being pushed back with “but Britain!” This regardless of what actually goes down.
So, people from all over the world have reason to be nervous about this legislation. Canadians have an especially big reason to worry given what is going on in this country. While we can all hope that this bill gets shelved, it’s hard to have faith with so many other debates going sideways elsewhere. All we can do is raise awareness and wince at the progression of such a piece of legislation.
Drew Wilson on Twitter: @icecube85 and Facebook.