13 February 2023

The Online Safety Bill risks putting Hong Kong refugees in danger

By Mark Sabah

It’s always, they tell you, ‘well-intentioned’. That’s the thing to know about surveillance. It’s always conducted for your safety, your security, for community cohesion.

China has become synonymous with surveillance. In Xinjiang, in Hong Kong, and all across the territories in the control of the Chinese Communist Party, surveillance is part of everyday life. People assume their messages are being read, their conversations listened to, and they try to get on with ‘normal’ life under these circumstances. 

For many it’s no more than a minor irritation in their day-to-day lives. But at the back of their minds, they know that they are totally at the mercy of the state. The state owns your secrets. Your own life is part of the apparatus that can be used against you should you ever – deliberately or accidentally – step out of line.

Understanding what freedom means entails understanding what it is like to lose it. For the thousands who fled Hong Kong after the regime’s brutal crackdown on the democratic rights to speak, publish and protest, arriving in the UK – though tinged with sadness at being forced to leave their home – can still feel like a release. While they may still fear to contact friends and fellow activists at home in Hong Kong, they can still at least speak and write freely here in Britain.

But the government which was so welcoming may now be unwittingly making the country less safe for Hong Kongers in the UK, and thousands of others who have come to this country to escape persecution.

The Online Safety Bill, which returns to the House of Lords for more deliberation this week, has had a lengthy and controversial gestation. 

Free speech campaigners rightly pointed out that its demand that ‘legal but harmful’ content be removed from the web turned social media platforms into censors. Entrepreneurs expressed alarm that the bill placed onerous duties on startups who may not be able to afford the big legal and moderation teams that the bill appeared to require for all online platforms (and how many new businesses these days are not, at least in part, online platforms?). 

A report by Matthew Ryder KC for Index on Censorship, published in November 2022, claimed that parts of the bill as it stands amounts to ‘state-mandated surveillance because they install the right to impose technologies that would intercept and scan private communications on a mass scale’. Ryder went on to note that the powers demanded by the bill would currently only be available to the state ‘if there is a threat to national security’.

Companies will be forced to turn to client-side scanning (CSS). This broadly refers to systems that scan message contents (text, images, videos, files) for matches against a database of objectionable content before the message is sent to the intended recipient. This proactive monitoring will pre-emptively find ‘harmful’ content, over-censoring without nuance.

What the UK government wants, ultimately, is to be able to weaken the end-to-end encryption that makes our daily interactions secure. The reasons given appear well intentioned – child safety, combating cybercrime and tracking terrorism.

But the arguments against the Government’s proposals are compelling and should be heard. As a basic principle, we have a right to communicate in private – and to feel secure in our belief that our communications are private. Undermining encryption deals a fatal blow to that idea.

On the level of security, creating means by which secure messages can be intercepted is an easy way to open a world of trouble. You simply cannot create a back door and expect it not to be abused by cybercriminals.

On the commercial front, the idea that the UK’s communications infrastructure is less secure than that of, say, the EU, is bound to put the country at a disadvantage when it comes to foreign investment, particularly in tech. Meta is apparently already sufficiently alarmed by the idea of damage to encryption that it has publicly suggested it would withdraw WhatsApp services from the UK if the bill goes through in its current form.

For the thousand of democracy activists, dissidents, and members of minority groups who have been grateful for the home the UK has offered them, threats to privacy take on a global element. 

A back door into our communications would undoubtedly be exploited by China, Russia, Iran and other states with sophisticated cyberwar and foreign intelligence operations. We’ve already seen, with incidents such as the Salisbury poisoning and the recent assault of a protester at the Chinese consulate in Manchester that autocratic states are increasingly aggressive in their attitude toward dissidents in the UK. The Online Safety Bill will just make it easier for them to access our communications, track our actions and ultimately spread fear by whatever means they deem suitable.

I don’t think the UK government intends to set up a surveillance state for its own citizens, and I don’t think it intends to put Hongkongers and others seeking refuge at risk. But I would urge them to consider legitimate worries when the Online Safety Bill returns to the debating chambers of Westminster. The risks to life, liberty and, yes, security are far too serious for this law to be simply waved through.

Click here to subscribe to our daily briefing – the best pieces from CapX and across the web.

CapX depends on the generosity of its readers. If you value what we do, please consider making a donation.

Mark Sabah is Director of UK & EU Advocacy and Public Affairs at The Committee for Freedom in Hong Kong Foundation.

Columns are the author's own opinion and do not necessarily reflect the views of CapX.