British encryption law is not enforced because ‘encryption scanning is not possible’

A British bill that should make it possible to scan encrypted chats for child abuse material has been significantly weakened. The government says it will not enforce the law until it is ‘technically possible’ to scan chats. That is not possible now, policymakers also acknowledge.

The bill was debated in the British House of Commons yesterday. In that meeting according to the Financial Times At the eleventh hour an adjustment was made to the criticized Online Safety Bill, which effectively makes the law unenforceable. The law states that regulator Ofcom can only order companies to scan messages if this is ‘technically possible’ and ‘with technology that demonstrably meets minimum standards of accuracy and only scans for child abuse material’. The responsible minister, Stephen Parkinson, added that ‘if such technology does not exist, Ofcom cannot enforce its use on tech companies’.

Instead, Ofcom should use its power to demand that companies ‘do their best’ to find solutions to that problem. However, there are no further sanctions or specific requirements that the government will impose.

According to the Financial Times, policymakers have now also acknowledged to tech companies that such technology does not exist. That is in line with what experts have been saying for years; that there is no way to read encrypted communications for only certain users or only for specific messages.

This seems to make the controversial law practically dead. The Online Safety Bill required companies to scan chats encrypted with end-to-end encryption. However, this met with a lot of resistance from those companies. Apple, WhatsApp and Signal, among others, previously threatened to withdraw from the United Kingdom if the law were to be enforced.