The Truth of Mistruth: The UK Government’s Falsehoods on Encryption


Michelle Donelan, the UK Technology Secretary, has been in the firing line of encryption experts these past few weeks for repeating false claims and half-truths regarding the Online Safety Bill.

The legislation is proposed to force private messaging companies using end-to-end encryption to scan user content for illegal materials such as child abuse. The move would require users of the messaging services to download client-side scanning software that would read messages on devices before they become encrypted.

Donelan Kicks Off Proceedings

During a broadcast of the Radio 4 Today show, Donelan stated that technology has been developed enabling encryption and provision of this particular information, resulting in a wave of backlash from experts and insiders stating it as factually incorrect.

Experts quickly pointed out that no such technology existed that allows for encryption and access to the information. Detecting illegal content is a result of all content being scanned in the first place, and adding the ability to use scanning technology opens up countless opportunities for exploitation and abuse of the feature.

By putting a mechanism in place for good guys to undertake surveillance on the UK population in mass, the doors are thrown wide open for the bad to also gain that access. The forcing of private messaging and tech companies to implement such features is viewed as totally unacceptable when factoring the risks involved.

An Ignorant Option

Donelan doubled down by adding that it would be the tech companies’ responsibility to invest in technology that would solve the issues. It has been an argument often repeated by lawmakers that has been soundly dismissed by tech experts as both disingenuous and ignorant.

Such technology has been classed impossible to build by industry experts, academics and civil society organisations. If the government is suggesting that all tech companies pour resources into an eternal R&D black hole, it would surely be to prove the point that this technology is still impossible to implement.

Contradiction in Terms

Matthew Lesh, director of public policy and communications pointed out that the government’s claims on encryption were delusional. The Online Safety Bill empowers Ofcom into a world of scanning private messages which would lead to apps like WhatsApp and Signal leaving the UK shores by undermining their encryption promise to users.

Lesh spoke on the entire existence or development of a process to protect user privacy whilst scanning messages as a contradiction in terms. Privacy experts have criticized client-side scanning many times over, highlighting the false positive risks towards child abuse material being alarmingly high for it to be of any use.

For more information on the upcoming Government Sector cybersecurity conference, check out the upcoming events from Whitehall Media.