Online Safety Bill: Where is encryption now? – DIGIT.FYI

admin on July 25, 2023 Leave a Comment

The Online Safety Bill is currently in the House of Lords, where members have adopted a new amendment concerning the regulation of encrypted content.

According to the new amendment, Ofcom, the telecommunications regulator, will have to add an extra reporting stage before it can require technology companies to scanend-to-end encrypted content and messages for child sex abuse material and other illegal content.

The measure for extra scrutiny is meant to give further protections to privacy that is typically secured by end-to-end encryption.

A report by a skilled person will have to be commissioned by Ofcom before the regulator gives notices to technology companies to scan encrypted messages.

The skilled person will be an independent expert, according to Lord Parkinson of Whitely Bay, who spoke at the House of Lords on Wednesday.

Ofcom would need to consider how the scanning of encrypted messages in each circumstance would impact privacy and freedom of expression prior to requiring a company to introduce the technology necessary to read encrypted messages. Further, the regulator would be bound by human rights laws.

But it still remains unclear how end-to-end encryption scanning technology will be rolled out, and how the regulator will balance privacy concerns amid an alarming rise in child sexual abuse content in the UK.

Two other amendments which attempted to impose stricter parameters to Ofcoms encryption scanning notices were dropped in the House of Lords in favour of the newly adopted one.

The first, introduced by conservative Lord Moylan, would have put an outright ban on Ofcom imposing any requirements on weakening or removing of encryption, a move which has been called for by many tech companies like WhatsApp and Signal.

Labour Peer Lord Stevensen of Balmacaras amendment was also dropped, which would have required an independent judicial commissioner to review if an encryption scanning notice would be proportionate prior to its issue by Ofcom.

There still remains a lack of consensus in government on what this bill would mean for privacy and encryption.

The bill excludes text messages, Zoom, and email from the encryption measures, as well as messages sent by law enforcement, the public sector, and emergency responders.

The exclusion of the public sector and law enforcement from scans, especially amid reports of rampant sexual abuse by law enforcement in the UK has pulled into question the effectiveness of this part of the online safety bill, as well as where it is pointed.

Lord Parkinson, however, has assured that scanning encrypted messages would be a last resort if companies were found to not properly manage their risks if child sexual abuse material is continually found on a platform, Ofcom will be able to direct the company to use accredited technology to remove the content.

Even with the extra step, civil groups are saying the protections do not go far enough to ensure privacy and freedom of expression.

Related

See the rest here:
Online Safety Bill: Where is encryption now? - DIGIT.FYI

Related Posts
Posted in Encryption

Comments are closed.