Recently announcing a ban on the use of Chinese social media app TikTok on UK government devices, Oliver Dowden was clear: the security of sensitive government information must come first, which is why we are today banning this app on government devices.

What’s wrong with TikTok? Well, there are a few. Its terms and conditions require the app to be able to access data on a user’s device, which is then shared with the app’s parent company. Meanwhile, TikTok itself has admitted to using its own app to spy on journalists – tracking their physical movements in a bid to track down whistleblowers.

The fundamental concern of governments in the UK, US and Europe is that data shared with TikTok owner Bytedance is not safe from the clutches of the Chinese government. And yet, as the UK government advises its employees to avoid using vulnerable apps, we are at the same time debating legislation that could make widely used messaging apps such as WhatsApp and Signal less secure.

The future of the UK as a global technology center and as a safe place to communicate online depends on getting this [bill] LAW

The Online Safety Bill is laudable in its intent, but raises a number of questions. There is broad consensus on protecting children from pornography and ensuring that neither they nor vulnerable adults are exposed to illegal content. However, while most of us want our daily communications, now almost entirely done over the internet, to be secure, an unintended consequence of the bill may make apps more vulnerable to attack or interception by bad actors. .

Section 110 of the bill provides that platforms use “accredited technology” to identify content related to terrorism and child sexual abuse. The most likely way to do this is to use what is known as “client-side analysis”. This means identifying potentially illegal content by matching it against an existing database – with the analysis performed by software either on a user’s phone, tablet or laptop, or on a remote server.

As a global campaign group, the Internet Society has pointed out: “This fundamentally defeats the purpose of [end-to-end] encryption. Private and secure E2E encrypted communications between two parties, or within a group, are meant to remain private.

They believe that “adding client-side scanning functionality increases the ‘attack surface’ by creating additional ways to interfere with communications by manipulating the database of objectionable content. […] By taking advantage of a system’s blocking features, criminals might even choose to block users from sending specific content. This could be targeted to impact legitimate uses, potentially impeding communications by law enforcement, emergency response, and national security personnel.

Where the criminals can go, there is no doubt that rogue and criminal states such as Russia, Iran and North Korea – all states that already pursue aggressive cyber warfare policies – will follow.

Leading firms including Meta and Signal have already expressed fears of forced client-side analysis, even going so far as to say they could be forced to pull services out of the UK rather than weaken their platforms. As well as a security risk, this part of the bill presents a potential threat to the UK’s leadership in technology. Can we really afford to alienate global tech companies or put our own tech start-ups at risk by compromising their security?

And while some believe these are just big business ‘cries wolf’, we certainly cannot ignore the concerns of UK-based journalists and activists working with dissidents in regime countries. totalitarians who fear for the safety of their contacts and wonder how they will be able to support them in the future.

As the Bill is due back in Parliament this month, peers from across the political spectrum have tabled amendments to protect children and vulnerable adults, while safeguarding online privacy and freedom of expression, and keeping our dynamic technology sector at the forefront of global innovation.

Although the Online Safety Bill has made somewhat tortuous progress in Parliament so far, it is not yet a workable bill. This requires further consideration and discussion of trade-offs and unintended consequences.

With so much of our lives online, it is perhaps no exaggeration to say that the future of the UK as a global technology hub and as a safe place to communicate online depends on our success.

Lord Kamall, Conservative Peer

