Meta will now be able to take another step forward in its full messaging encryption plan, with the UK Government removing a much-debated clause from its proposed Online Safety Bill relating to the capacity to scan people’s messages for illegal content.
The controversial “spy clause” within the proposed bill would have implemented a requirement for online platforms to facilitate “client-side scanning” for child sexual abuse material (CSAM), in an effort to maintain detection in broad-reaching communications. But with full messaging encryption enacted, this would not be possible, because not even the host platform itself is able to access encrypted content.
UK senators had pushed hard for a level of monitoring to be maintained within the bill, but it’s now conceded the point that it either allows encryption or blocks it as a result of this element. So it’s opted to go with the former, which will clear the path for Meta to implement full encryption by default in all of its messaging tools, while also enabling the creation of a universal chat inbox, integrating all of your messages across Messenger, Instagram, and WhatsApp.
Though it remains a contentious point.
In September last year, then UK Home Affairs Secretary Priti Patel called on Meta to reconsider its plans for expanded messaging encryption, as it could impede the ability of police to investigate and prevent child abuse. Patel labeled the shift to full encryption as ‘catastrophic’.
Meta’s own stats on the detection and removal of child abuse material reinforce such concerns. Throughout 2021, Meta detected and reported 22 million pieces of child abuse imagery to the National Centre for Missing and Exploited Children (NCMEC). In 2020, NCMEC also reported that Facebook was responsible for 94% of the 69 million child sex abuse images reported by U.S. technology companies.
Clearly, Meta’s platforms facilitate some level of this activity, and with full encryption enabled, that’ll effectively hide such from view, reducing the capacity to combat CSAM instances.
The numbers show that this is a serious concern, but Meta has countered that end-to-end encryption is critical for maintaining user privacy and safety.
As per Meta:
“Around the world, businesses, individuals and governments face persistent threats from online fraud, scams and data theft. Malicious actors and hostile states routinely challenge the security of our critical infrastructure. End-to-end encryption is one of the strongest possible defenses against these threats, and as vital institutions become ever more dependent on internet technologies to conduct core operations, the stakes have never been higher.”
At one point, Meta threatened to pull its messaging services from the UK entirely if the bill were to go through, but now, its full services will remain in operation for UK users.
Is that a win for privacy, or for criminals?
That depends on your perspective, and there are arguments to be made on both sides, but the end result, in this case, is that it will make it easier for Meta to push ahead with its messaging integration plan, which it first announced back in 2019.
Meta delayed its encryption push by a year in order to address such concerns, and ensure that “we get this right”, so it has been a long-running and heavily debated update. As such, all sides have had opportunity to present their case, and in that sense, you would presume that the most beneficial outcome, on balance, will be the final result.
But again, the numbers are concerning, though Meta has continued to update its own detection measures in other elements as well.
So, soon, all of your Messenger, IG, and WhatsApp messages will be encrypted, providing more assurance in your communications process. It is also worth noting that the UK isn’t the only government opposed to the change, but it was a major consideration in the broader plan, which should enable Meta to now proceed.