Security
Headlines
HeadlinesLatestCVEs

Headline

Apple Objects to UK Bill That Would Break Encrypted Messaging

New online safety bill could force encrypted messaging apps like iMessage and WhatsApp to scan for child abuse material, but platforms warn about privacy implications.

DARKReading
#apple#backdoor#sap

Apple has joined more than 80 technology experts and organizations in an appeal to UK lawmakers to consider the broader privacy ramifications of pending legislation called the Online Safety Bill.

The legislation, moving its way through Parliament, is intended to force accountability for technology platforms used to distribute child abuse materials.

Platforms like iMessage and WhatsApp use end-to-end encryption (E2EE), which prevents anyone but the sender and recipient from viewing the contents of a message. E2EE also keeps law enforcement from identifying illicit materials.

In its current form, the Online Safety Bill allows, under some circumstances, the UK’s communications regulator Ofcom to force platforms to scan messages for prohibited content.

In a statement, Apple said it was willing to work with the British government to purge abusive content on its platform, but adds that breaking end-to-end encryption comes with other privacy risks, according to reports.

“End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats,” Apple said, according to the BBC. “It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches.”

“Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all,” Apple added.

In addition to Apple’s objections, an open letter to Technology Minister Chloe Smith from the Open Rights Group (ORG) warned about the security risks associated with this kind of open spying on citizens without their consent. The letter was signed by more than 80 national and international civil society organizations, academics, and cyber experts, the ORG said.

“The inconvenient truth is that it is not possible to scan messages for bad things without infringing on the privacy of lawful messages,” the ORG open letter read. “It is not possible to create a backdoor that only works for ‘good people’ and that cannot be exploited by 'bad people’.”

Other encrypted messaging apps like WhatsApp and Signal told the BBC they adamantly refuse to weaken the privacy on their platforms, with Signal putting out a statement in February that if the legislation became law it … “would absolutely walk,” meaning it would halt services to the UK altogether rather than comply with proposed Online Safety Bill requirements.

DARKReading: Latest News

Microsoft Pulls Exchange Patches Amid Mail Flow Issues