Apple has expressed its criticism of certain provisions in the Online Safety Bill, which could potentially compel encrypted messaging platforms like iMessage, WhatsApp, and Signal to scan messages for child abuse material. This objection from Apple comes amidst a collective effort by 80 organizations and tech experts who have written to Technology Minister Chloe Smith, urging a reconsideration of these powers.
According to Apple, the bill should be revised to safeguard encryption. The government asserts that companies must take measures to prevent child abuse on their platforms.
End-to-end encryption (E2EE) ensures that only the sender and recipient can access message content. However, law enforcement agencies, the government, and some child protection charities argue that this technology, employed by apps like WhatsApp and Apple’s iMessage, hinders their ability to identify the sharing of child sexual abuse material.
Apple has stated that “end-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats.” The company warns that the Online Safety Bill poses a significant threat to this protection, potentially placing UK citizens at greater risk. Apple calls on the government to amend the bill to safeguard robust end-to-end encryption for the benefit of everyone.
The government, on the other hand, states that “companies should only implement end-to-end encryption if they can simultaneously prevent abhorrent child sexual abuse on their platforms. We will continue to work with them to seek solutions to combat the spread of child sexual abuse material while maintaining user privacy.”
The Online Safety Bill, currently undergoing parliamentary proceedings, contains provisions that could empower the communications regulator Ofcom to direct platforms to utilize accredited technology for scanning message contents. The government emphasizes that these powers would only be utilized as a last resort and when stringent privacy safeguards are met.
Apple’s stance aligns with other widely used encrypted messaging apps that oppose this aspect of the bill. The government contends that it is feasible to develop technological solutions enabling the scanning of encrypted message contents for child abuse material. However, critics argue that the only way to achieve this would be through the installation of software that scans messages on the device itself, known as client-side scanning. Such an approach, critics claim, would fundamentally compromise message privacy.
In 2021, Apple announced plans to scan photos on users’ iPhones for abusive content before they were uploaded to iCloud, but these plans were abandoned due to backlash. Apple’s recent statement makes it clear that the company opposes any measure that weakens the privacy of end-to-end encryption.
The Open Rights Group, a digital civil liberties advocacy organization, sent an open letter to Minister Chloe Smith expressing their concerns. The letter, signed by over 80 national and international civil society organizations, academics, and cybersecurity experts, highlights the risk of the UK becoming the first liberal democracy to mandate routine scanning of private chat messages, including those protected by end-to-end encryption.
There is an increasing anticipation that amendments may be introduced to the bill, addressing the provisions that critics argue could mandate scanning. These changes could be included in a set of amendments expected to be disclosed in the coming days. However, the specifics of these changes and whether they will address the concerns of campaigners remain uncertain.