UK Government’s Attack on Encryption: Experts Push Back

The UK government is demanding Apple create a backdoor in its encrypted services—a move that threatens privacy and the integrity of global cybersecurity. Over 100 experts and civil society organizations have signed an open letter urging the UK to back down.

but first...

Mallory on INFLUENCE: How We Reclaim Social Media

This week, Mallory joined Matt Silverman on the INFLUENCE podcast to talk about something big: taking social media back from billionaire control.

Right now, 39 billionaires decide what we see online. Their platforms shape our conversations, elections, and even our mental health—all while maximizing profit. But it wasn’t always this way, and it doesn’t have to be. So how did we get here? And how can we claw it back?

The bad news is it will take a LOT of work, investment, and convincing. The good news is, we already know how to do it - and it’s way easier than you think. Tune in to learn more on Apple, Spotify or wherever you get your podcasts.

The weekest links

• Help shape the Internet Exchange community—answer our poll to tell us where you'd like to connect! https://tally.so/r/mDAOqE

Decentralization,  Platform Governance & Digital Rights

• The Social Web Foundation announces its membership in the World Wide Web Consortium (W3C). https://socialwebfoundation.org/2025/02/11/the-social-web-foundation-announces-its-membership-in-the-world-wide-web-consortium/
• Tumblr to join the Fediverse after WordPress migration completes. https://techcrunch.com/2025/02/11/tumblr-to-join-the-fediverse-after-wordpress-migration-completes/
• John O'Nolan, founder of Ghost—the platform we use to publish this newsletter—delivered a standout talk at FOSDEM last week. https://video.fosdem.org/2025/ud2208/fosdem-2025-4673-networked-journalism-bringing-long-form-publishing-to-the-fediverse.av1.webm
• EFF sues Doge and the Office of Personnel Management to halt the unauthorized collection of federal employees’ personal data. https://www.eff.org/deeplinks/2025/02/eff-sues-doge-and-office-personnel-management-halt-ransacking-federal-data
• The African Declaration on Internet Rights and Freedoms (AfDec) was developed to address digital rights challenges across Africa. This new research explores AfDec’s impact on policy, advocacy efforts, and internet governance across the continent. https://africaninternetrights.org/en/node/2602

AI & Society

• Hugging Face announces AI Energy Score, a new framework for evaluating the environmental impact of AI models. https://huggingface.co/blog/sasha/announcing-ai-energy-score
• Global Center for AI announces a call for papers for the "AI in Society" series at Oxford Intersections. Researchers and practitioners are invited to contribute insights on AI’s societal impact, ethical considerations, and governance frameworks. https://www.globalcenter.ai/news/call-for-papers-ai-in-society-oxford-intersections
• Sherif Elsayed-Ali’s two takeaways from The AI Action Summit. https://www.linkedin.com/posts/sherifea_aiactionsummit-activity-7295504634704527360-Y86g
• Google, OpenAI, Discord, and Roblox launch ROOST, a $27M initiative to develop open-source AI tools for online safety, focusing on detecting and mitigating harmful content. https://www.platformer.news/roost-open-source-trust-safety/
• AI companies’ secrecy around training data, fueled by copyright disputes and legal uncertainty, threatens transparency and accountability—A new report, presented at FOSDEM explores how open-access solutions could change the landscape. https://arxiv.org/abs/2501.08365

Upcoming Events

• DMA and Beyond Conference explored digital markets regulation, data governance, and platform accountability. Read papers presented at the event and gain insights from leading experts in digital competition policy. https://kgi.georgetown.edu/events/dma-and-beyond-conference/
• Watch recordings from the DMA and Beyond Conference live stream, featuring discussions on AI regulation, platform transparency, and antitrust enforcement. https://www.youtube.com/@Knight-GeorgetownInstitute/streams
• Help shape a feminist AI tool. Chayn is creating a new AI tool to support those who have experienced Image-Based Abuse. https://lu.ma/kfkroa0c 
• AI for Good global summit this July. AI for Good is identifying trustworthy AI applications, building skills and standards, and advancing AI governance for sustainable development. The summit brings together experts, policymakers, and industry leaders to explore AI’s role in solving global challenges. https://aiforgood.itu.int/

Careers and Funding Opportunities

• The Center for Democracy & Technology (CDT) is offering an internship focused on technology policy and digital rights. Application deadline: Feb 14. https://cdt.org/job/intern-at-dcs-top-tech-policy-think-tank-this-summer/
• Freedom of the Press Foundation is hiring a Senior Digital Security Trainer. https://freedom.press/careers/job/?gh_jid=4526817005

ICYMI - Mallory participated in a panel discussion on how encryption contributes to a safer internet for young people. Her insights were grounded in an article she published last year for the Observer Research Foundation. https://www.orfonline.org/expert-speak/children-s-rights-at-the-centre-of-digital-technology-standards-by-design

What did we miss? Please send us a reply or write to editor@exchangepoint.tech.

Joint Letter on the UK Government’s use of Investigatory Powers Act to attack End-to-End Encryption

Signed by Mallory Knodel and 109 civil society organizations, companies, and cybersecurity experts, including Global Encryption Coalition members.

Mallory, alongside over a hundred cybersecurity experts and civil society organizations, including from the Global Encryption Coalition, has signed a joint letter urging the UK Home Office to withdraw its demand that Apple create a backdoor into its end-to-end encrypted services. This move, they argue, is a global emergency that endangers the security and privacy of millions, undermines the UK's tech sector, and sets a perilous precedent for global cybersecurity.

If you are a cybersecurity expert or work at an organization or company that would like to sign on to this open letter in support, please fill out this sign-on form before 20th of Feburary.

The full letter is below.

To The Rt Hon Yvette Cooper MP,

The undersigned civil society organizations, companies, and cybersecurity experts, including members of the Global Encryption Coalition¹, call on the UK Home Office to rescind its demand that Apple create a backdoor into its end-to-end encrypted services. This demand jeopardizes the security and privacy of millions, undermines the UK tech sector, and sets a dangerous precedent for global cybersecurity.

Reports indicate that the UK Government has issued a technical capability notice (or TCN) to Apple under the Investigatory Powers Act 2016 s.253 (IP Act). If all had gone according to plan, the UK government would have forced Apple to build a backdoor into its end-to-end encrypted cloud services. The world’s second-largest provider of mobile devices would be built on top of a systemic security flaw, putting all of its users’ security and privacy at risk, not just in the UK but globally.

The consensus among cybersecurity experts could not be clearer: there is no way to provide government access to end-to-end encrypted data without breaking end-to-end encryption, thus putting every user’s security and privacy at risk.

Strong encryption keeps information and communication confidential. In a digital society, encryption is critical to safeguarding citizens both online and off, to protecting the digital economy, and to ensuring national security. In late January, the UK’s National Audit Office released a report that the “cyber threat to the UK government is severe.”² As Ciaran Martin, former Director and founder of the UK Government’s National Cybersecurity Center notes “E2EE [end-to-end encryption] must expand, legally unfettered, for the betterment of our digital homeland.”³ With cyberattacks becoming ever-more frequent and sophisticated⁴,  the reliance of the UK government, citizens, and businesses on end-to-end encryption to keep themselves safe and secure has never been greater. 

The UK Government has stressed the importance of digital technologies to the UK’s economic growth, but by forcing a company to secretly undermine the security of their product, the UK government risks foreign companies leaving the market and casting doubt on the security of products from UK tech companies. For some global companies, they may choose to leave the UK market rather than face the global reputational risks that breaking the security of their products would entail. UK companies will also suffer reputational damage, as foreign investors and consumers will consider whether their products are riddled with secret UK government-mandated security vulnerabilities. 

International human rights bodies have recognised the importance of end-to-end encryption to protect the right to privacy and to promote the exercise of other rights. This is because being able to communicate safely and securely can be a precondition to being able to communicate and express one’s views. The case law of the European Court of Human Rights (ECtHR) recognises the importance of anonymity in “promoting the free flow of ideas and information in an important manner” including by protecting people from reprisals for their exercise of freedom of expression⁵. In February 2024, the ECtHR found that Russia’s order issued to Telegram requiring it to disclose “technical information” including encryption keys breached human rights law, as it was not proportionate⁶.

Undermining the confidentiality of cloud services would have the most harmful impact on those already at greatest risk: families, domestic violence survivors⁷, LGBTQ+ individuals⁸, and many more who rely on the safety and privacy provided by end-to-end encrypted services. For these and other at-risk groups, the confidentiality guaranteed by end-to-end encryption can be critical in preventing harassment and physical violence.

Similarly, encrypted communications protect the UK’s national security. Government services benefit from encryption and providing backdoors in one instance can lead to encryption being weakened across the ecosystem of the public sector, as well. For national security professionals and government employees, access to end-to-end encrypted services allows them to safeguard their personal life. Ensuring the security and privacy of government officials is vital for helping prevent extortion or coercion attempts, which could lead to greater national security damage.

To ensure the national and economic security of the United Kingdom, the Home Office must end its technical capability notice forcing Apple to break its end-to-end encryption.

See full list of signatories.