Featured Article : WhatsApp’s UK Threats Over Online Safety Bill

Written by: Paul |

The boss of WhatsApp, Will Cathcart, has said he would rather stop users in the UK from using the app than lower its security, as suggested by the UK’s Online Safety Bill. 

End-to-end Encrypted App 

One of the key security features of Meta’s WhatsApp is its end-to-end encryption. This ensures that only the intended recipient can access and read the message or data, because the information is encrypted on the sender’s device and decrypted on the recipient’s device, without being accessible or readable by any intermediaries or third parties, including the service provider or government agencies. Crucially, this complete encryption also means (in relation to the latest developments) that not even WhatsApp itself can read users’ messages. 

However, this was identified as being a problem for the UK government back in 2017 (when Amber Rudd) was Home Secretary following reports that London terror attacker Khalid Masood used WhatsApp’s encrypted message service minutes before the killings, and there were calls for a ‘back door’ being built into the app.  

The Online Safety Bill 

The UK government’s Online Safety Bill, originally proposed by former PM Teresa May, is (draft) legislation that’s designed to place a ‘duty of care’ on internet companies which host user-generated content in order to limit the spread of illegal content on these services.  

The idea of the bill is to prevent the spread of illegal content and activity (e.g. images of child abuse, terror material, and hate crimes), as well as to protect children from harmful material.  

The proposed bill, in its current form however, means that WhatsApp would be required to scan messages within its app for child abuse material, something that would not be possible unless the security of the app’s encryption was weakened or removed. It has been proposed, for example, that under the bill, secure apps like WhatsApp would need to adopt “accredited technology” to identify and remove child-abuse material. 

Would Rather Block UK Users 

The suggestion that WhatsApp’s security would be required to be weakened in any way under the requirements of the Online Safety Bill has led to WhatsApp boss saying he would refuse to comply if asked to weaken the privacy of encrypted messages and would rather block UK users than weaken privacy.  

Mr Cathcart highlighted reasons why he would be happier to block UK users as being: 

– 98 per cent of WhatsApp users are outside the UK anyway, and don’t want WhatsApp to lower the security of the product. 

– WhatsApp has accepted being blocked in other parts of the world, e.g. Iran. 

– Proposing government scanning of private messages could embolden other countries, with different definitions of illegal content, to propose the same thing, i.e. using WhatsApp as a government mass surveillance tool. 

Support For WhatsApp 

Support for WhatsApp’s refusal to comply and threat to block has come from Signal president Meredith Whittaker who has suggested that blocking UK users would be the right response and that a “push back” is needed against the bill’s requirements in relation to secure apps. 

Also, Dr Monica Horten of the Open Rights group had also highlighted the “potentially damaging consequences for privacy and free-expression rights” that giving the government the ability to scan private messages could bring. 

Element, the U.K. startup behind the decentralised messaging E2EE Matrix protocol has also criticised the current draft of the Online Safety Bill as “an attack on encryption” and a proposal of “state surveillance and censorship” that’s reminiscent of “regimes in Russia and China” . 

The UK Government 

The UK government is currently sticking to its stance on the bill and re-iterating that technology companies need do more to tackle online child abuse and stop giving paedophiles a way to continue their online activities in secret. 

Other organisations, such as The National Society for the Prevention of Cruelty to Children (NSPCC) have supported the idea that the Online Safety Bill could help protect children by making legal requirement for platforms to identify and disrupt child sexual abuse taking place on their platforms and sites. The NSPCC’s chairman has also said that “Experts have demonstrated that it’s possible to tackle child-abuse material and grooming in end-to-end encrypted environments.” 

UK Businesses Would Be Hit Hard By WhatsApp Blocking Them 

If WhatsApp were to block UK users, it could have a significant impact on UK businesses that rely on the platform for communication with their customers, suppliers, and employees. For example, some potential impacts include: 

– Loss of communication with customers. Many UK businesses use WhatsApp as a key or primary means of communicating with their customers, e.g. messaging and groups. If WhatsApp were to block UK users, businesses would lose a key channel for engaging with their customers, potentially leading to a decline in sales and customer satisfaction. 

– Disruption of supply chains. WhatsApp is also widely used by businesses to communicate with their suppliers and vendors. If WhatsApp were to block UK users, it could lead to disruptions in the supply chain, resulting in delays and increased costs for businesses. 

– The need to find and increase reliance on alternative platforms (which may also come under the requirements of the bill). Businesses may need to find alternative platforms to communicate with their customers and suppliers, which could be time-consuming and costly. Furthermore, not all customers and suppliers may be on the same alternative platform, creating additional challenges for businesses to maintain their communication channels. 

– Data privacy concerns. If WhatsApp were to block UK users, it could raise concerns about data privacy and the security of other popular communication platforms. Businesses may need to reassess their data privacy policies and take additional steps to ensure the security of their communication channels. 

What Does This Mean For Your Business? 

WhatsApp’s privacy, provided by end-to-end encryption, is a much-valued aspect of the app, especially since so much sensitive personal and business data is shared on the app. Also, many UK businesses (and even UK government members in relation to the recent Matt Hancock message debacle) use WhatsApp daily as an important business tool, so blocking UK users could cause huge disruption and even have a negative effect on the UK economy at particularly precarious time. It is unlikely that anybody would disagree that tech companies need to do more to tackle online child abuse but the bill in its current form will doubtless create many other problems. Allowing governments to scan private messages may set a worrying precedent and embolden other countries with concerning regimes and motivations to call for similar measures as a means to conduct potentially dangerous mass surveillance. WhatsApp’s powerful indication that it is willing to ditch UK users rather than put the 98 per cent of its users who are outside of the UK at risk is a real possibility and businesses may now be looking at the UK government to take a better- informed look at the bill and enter into negotiations with WhatsApp to resolve the matter.