Freely subscribe to our NEWSLETTER

Despite three years of drafting and consultation, the Online Harms proposal is still fatally flawed. It threatens to put citizens, businesses and national security at risk while failing to meet its stated aims.

The problem at the core of the proposal is that it still leaves doubt about what is allowed and what is not. It even sets out to penalise behaviour that is “legal but harmful”, while failing to define what a “harm” is. As a result, everyone this proposal claims to serve will be less secure. Law-abiding citizens won’t know if their online activities are being inspected, or by whom. This undermines vital trust in the Internet, when it is more important than ever to our daily lives. Businesses won’t know if their services are legal or not, which will discourage investment, innovation, and access to the full benefits of the Internet.

National security will also be compromised, because the proposals (without admitting it) imply that all encrypted data can be unlocked at will. There is no way “to require companies to use technology to monitor, identify and remove” content on end-to-end encrypted services without compromising the security of everyone using that service. The proposals require companies to find encryption technology that serves both goals, even though such technology simply does not - and cannot - exist.

What’s more, communications like encrypted email are exempt from these rules - leaving malicious actors and criminals with an easy alternative if they want to communicate in secret. The Online Harms bill won’t prevent online harms, it will just move them around.

As UK businesses and citizens rely on the Internet more than ever in the midst of a global pandemic, weakening end-to-end encryption will do far more harm than good. It would also stifle innovation and further weaken the economy, at a time when the government is claiming Brexit will make British businesses - both domestic and international - more free and able to innovate.