Following the statement of Signal to ‘walk out’ of the UK should the Online Safety Bill pass, the encrypted email
service Tutanota, says: “We will not ‘walk out’ of UK. We will also not comply with any requests to backdoor the encryption.”
Signal would walk, but we will not
Three days ago, the encrypted messaging app Signal said
they would ‘walk’ from UK if the Online Safety Bill undermined encryption.
However, ‘walking out’ is not the solution here.
We at Tutanota say the opposite: We will not ‘walk’ from the UK. If Prime Minister Rishi Sunak and his government want to stop people in the
UK to use strong encryption – like provided by our secure email service Tutanota – he must block access to
Tutanota – just like Russia and Iran are already doing.
By doing so, the UK would put itself on the same level as authoritarian regimes like Russia, Iran, North Korea and China
who are known for setting up Great Firewalls to limit their people’s access to the internet and to online services. These countries
actively block access to encrypted services, cutting off their citizens from having a private and confidential communication online.
Status of the Online Safety Bill
The Online Safety Bill has already been passed by the House of Commons in the UK Parliament. Now it is up for decision
in the House of Lords.
Matthias Pfau, co-founder of Tutanota, comments:
“It is really worrying what is going on in the UK – once the greatest democracy in the world. The British government still believes they can have a ‘magical key’ to access encrypted
communication – completely ignoring the technical background and what cryptography experts have said again and
again: You can’t backdoor encryption and make sure that this backdoor is not going to be
abused by malicious actors.”
A backdoor for the good guys only is simply not possible. Encryption is either securing everyone or it is broken for everyone.
We have repeatedly criticized the Online Safety Bill because we understand the threats
resulting from undermining encryption.
Tutanota will not implement a backdoor
That’s why we at Tutanota will never implement a backdoor to our encryption.
The code of Tutanota is open source. The encryption is published transparently so that everybody can check that all data stored
in Tutanota is encrypted on the user’s device before it is being sent to the server. This is what strong encryption is supposed to do, and we will not undermine this.
If the UK government really wants to follow through with their plans, they need to set up a Great Firewall – just like China –
to block their citizens from accessing encrypted services like Tutanota.
Crypto wars
As worrying as the situation in the UK is right now, to us the Online Safety Bill is just another chapter in the
ongoing crypto wars. Many politicians in the EU, the USA, UK and Australia would like to force encrypted services to backdoor their encryption – which would give
access to law enforcement, but also to malicious attackers.
What many do not see is that these “malicious attackers” can be very powerful. They can be state actors like China and Russia trying
to get their hands on sensitive government or trade secrets in the Western world.
When we undermine encryption ourselves, we open our doors wide to highly capable attackers – instead of defending our digital world
from these attackers.
To understand the risks when we undermine encryption, we should take a look at the biggest backdoor fails
in history.
The question with backdoors is not just “will they help to catch criminals”. The question we must look at very
carefully is also: “Will they help criminals?”
When backdooring encryption, we take away the opportunity to use the internet securely for everyone. This is a risk,
we at Tutanota are not willing to take.
It is simply not possible to get more security by weakening security.
Leave A Comment