Signal CEO: We “1,000% won’t participate” in UK law to weaken encryption
The UK's Safety Online Bill would require Signal to police user messages.
arstechnica.com
The UK's Safety Online Bill would require Signal to police user messages.
DAN GOODIN - 2/24/2023, 6:48 PMThe nonprofit responsible for the Signal messenger app is prepared to exit the UK if the country requires providers of encrypted communications to alter their products to ensure user messages are free of material that’s harmful to children.
“We would absolutely exit any country if the choice were between remaining in the country and undermining the strict privacy promises we make to the people who rely on us,” Signal CEO Meredith Whittaker told Ars. “The UK is no exception.”
Whittaker’s comments came as the UK Parliament is in the process of drafting legislation known as the Online Safety Bill. The bill, introduced by former Prime Minister Boris Johnson, is a sweeping piece of legislation that requires virtually any provider of user-generated content to block child sexual abuse material, often abbreviated as CSAM or CSA. Providers must also ensure that any legal content that can be accessed by minors—including self-harm topics—is age appropriate.
E2EE in the crosshairs
Provisions in the bill specifically take aim at end-to-end encryption, which is a form of encryption that allows only the senders and recipients of a message to access the human-readable form of the content. Typically abbreviated as E2EE, it uses a mechanism that prevents even the service provider from decrypting encrypted messages. Robust E2EE that’s enabled by default is Signal’s top selling point to its more than 100 million users. Other services offering E2EE include Apple iMessages, WhatsApp, Telegram, and Meta's Messenger, although not all of them provide it by default.
Under one provision of the Online Safety Bill, service providers are barred from providing information that’s “encrypted such that it is not possible for [UK telecommunications regulator] Ofcom to understand it, or produces a document which is encrypted such that it is not possible for Ofcom to understand the information it contains,” and when the intention is to prevent the British watchdog agency from understanding such information.
An impact assessment drafted by the UK’s Department for Digital, Culture, Media & Sport explicitly says that E2EE is within the scope of the legislation. One section of the assessment states:
The Government is supportive of strong encryption to protect user privacy, however, there are concerns that a move to end-to-end encrypted systems, when public safety issues are not taken into account, is eroding a number of existing online safety methodologies. This could have significant consequences for tech companies’ ability to tackle grooming, sharing of CSA material, and other harmful or illegal behaviours on their platforms. Companies will need to regularly assess the risk of harm on their services, including the risks around end-to-end encryption. They would also need to assess the risks ahead of any significant design changes such as a move to end-to-end encryption. Service providers will then need to take reasonably practicable steps to mitigate the risks they identify.
The bill doesn’t provide a specific way for providers of E2EE services to comply. Instead, it funds five organizations to develop “innovative ways in which sexually explicit images or videos of children can be detected and addressed within end-to-end encrypted environments, while ensuring user privacy is respected.”
A wide array of technologists and privacy and civil liberties advocates have long criticized such proposals on the grounds that the same innovative methods allowing providers or government regulators to police E2EE content can be exploited by government spies or criminal hackers. In 2021, Apple backed away from plans to scan images stored on iPhones for CSAM. The reversal occurred following a torrent of criticism from customers, advocacy groups, and researchers.
With the UK Parliament poised to pass the Online Safety Bill, Signal is going on record to say it will walk away rather than make any changes to its current E2EE method, which auditors and security experts say is among the most secure in the world.
“Signal will never, would never, 1,000 percent won’t participate, in any sort of adulteration of our technology that would undermine our privacy promises,” Whittaker said in a phone interview on Friday. “The mechanisms available and the laws of physics and reality of technology are the approaches that have been tried are deeply flawed both from a human rights standpoint and from a technological standpoint.”
While the precise means of monitoring E2EE content aren’t spelled out in the UK legislation, mechanisms proposed in similar frameworks in the past typically fall into two categories. The first is implementing a mechanism that allows for a decryption key to be stored in escrow that’s available only to law enforcement or regulatory bodies. Such an arrangement, of course, completely nullifies E2EE because, by definition, E2EE prevents anyone other than the conversation participants from decrypting messages. Technologists further note that any key that’s available to law enforcement is also vulnerable to hacks that defeat the escrow mechanism and provide unauthorized access. Critics further argue that governments often abuse their authority.
A second method that’s often proposed for policing E2EE communications is to scan content on an end user device before encryption takes place. This arrangement is what Apple was planning in 2021 before backtracking. The reason it’s so unpopular is that it subjects user devices to extremely broad monitoring through means that are currently undefined. As is the case with key escrows, on-device monitoring is subject to hacks that allow spies, criminals, or malicious insiders to gain unauthorized access to users’ content.
Whittaker said the Online Safety Bill doesn’t take the risks into account. She said:
It is a very troubling piece of legislation. The proactive requirement for services such as Signal to police expression and content would effectively require some form of surveillance capabilities and some sort of rubric around which expression is accepted or not. What they’ve done is to say this is the outcome we want but leaves it to the innovators, the technologists, to figure out how to do this.
The outcome they want presupposes mass surveillance capabilities, presupposes a regime that polices acceptable vs. unacceptable expression, and it presupposes either breaking into the E2EE in ways that would totally undermine privacy or undermine the point of E2EE by conducting surveillance outside of encryption itself.
UK government officials weren’t available for comment on late Friday, but in a statement provided to the Guardian, a spokesperson for the Home Office defended the bill.“The online safety bill does not represent a ban on end-to-end encryption but makes clear that technological changes should not be implemented in a way that diminishes public safety—especially the safety of children online. It is not a choice between privacy or child safety—we can and we must have both.”
It’s unclear what Signal exiting the UK would look like. Apple and Google could block Signal downloads to UK-based IP addresses at Signal’s request, but it’s almost certain some UK residents would work around such restrictions.