Tell the UK’s House of Lords: Protect End-to-End Encryption in the Online Safety Bill

The bill empowers OFCOM, a regulatory agency, to require online services to “use accredited technology”—in other words, government-approved software—to find child abuse images. Those orders can be issued against online services that use end-to-end encryption, meaning they currently don’t have any technical way to inspect user messages.

What the UK does here will have global impact. Lawmakers in liberal democracies around the world have claimed certain types of encryption backdoors are needed to inspect files for the worst crimes, like child abuse. And they’ve claimed, falsely, that certain methods of inspecting user files and messages, like client-side scanning, don’t break encryption at all. We saw this proposed in the U.S. with the EARN IT Act, and similar message-scanning rules have been proposed in the European Union.

If it passes, the Online Safety Bill would force internet services to look at millions of messages sent by users who’ve done nothing wrong. Services that currently provide encryption and strong privacy could be pressured to abandon it. If they are pressured to create backdoors for government agencies, those same backdoors will be used by criminals, domestic abusers, and authoritarian governments.

Security experts and NGOs have spoken clearly about this issue, and asked for the anti-encryption sections of the Online Safety Bill to be withdrawn. But in spite of some changes being made during its passage through the House of Commons, these provisions remain untouched. Multiple amendments to safeguard end-to-end encryption were not accepted.

As the Online Safety Bill enters the House of Lords Committee Stage, we need U.K. residents to tell members of the House of Lords to protect end-to-end encryption and the right to private messaging.