The U.K. government has updated its stance about a controversial bill that could require encrypted messaging apps to be scanned for illegal user content.

Arts and Heritage Minister Lord Stephen Parkinson detailed the update in a statement to the U.K. parliament, the Financial Times reported today.

In 2021, the U.K. parliament proposed a law called the Online Safety Bill that would grant the government new powers to regulate online platforms. The law includes clauses that would require tech companies to take action against illegal user content hosted on their platforms. Failure to comply with that requirement can lead to fines of up to £18 million or 10% of a company’s annual revenue, whichever is higher.

The clauses in question have drawn widespread scrutiny. According to critics, the bill could require tech companies to scan messaging apps that feature end-to-end encryption technology for harmful user content. This requirement, they argue, would effectively outlaw the technology.

End-to-end encryption software works by scrambling a message before rather than after it’s sent over the network. The message can only be decrypted once it arrives on the recipient’s device. As a result, not even the operator of the messaging app that processes the data can read it.

Privacy advocates have argued that complying with the content scanning rules in the Online Safety Bill may require messaging apps to weaken their end-to-end encryption. Alternatively, such apps may have to implement a monitoring technology known as client-side scanning. According to Wired, that technology would scan users’ messages on their devices before they send them.

In today’s statement, Parkinson said that the U.K. would only require tech firms to scan messages when it becomes “technically feasible” to do so. But the clauses that would grant Ofcom, the U.K.’s technology regulator, powers to implement this requirement won’t be removed from the Online Safety Bill. It’s believed that the bill will “likely” be passed into law.

“A notice can only be issued where technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content,” Parkinson said.

Parkinson’s statement may help assuage major messaging providers’ concerns about the Online Safety Bill. Earlier this year, Meta Platform Inc.’s WhatsApp unit and the Signal Foundation indicated they would rather exit in the U.K. than weaken their respective messaging apps’ end-to-end encryption.

The Signal Foundation welcomed Parkinson’s statement. “Of course, this isn’t a total victory,” Meredith Whittaker, the organization’s president, wrote in a post on X today. “We would have loved to see this in the text of the law itself. But this is nonetheless huge, and insofar as the guidance for implementation will have the force to shape Ofcom’s implementation framework, this is, again, very big and very good.”

Photo: Unsplash