Dear Mr. Sunak, will you block access to encryption, just like Russia & Iran?

Tutanota: We will not 'walk out' of UK like Signal. Nor will we comply with any request to bypass our encryption.

2023-02-28
UK Online Safety Bill will undermine encryption.
Following the statement of Signal to 'walk out' of the UK should the Online Safety Bill pass, the encrypted email service Tutanota, says: "We will not 'walk out' of UK. We will also not comply with any requests to backdoor the encryption."
SIGN UP

Signal would walk, but we will not

Three days ago, the encrypted messaging app Signal said they would 'walk' from UK if the Online Safety Bill undermined encryption.

However, 'walking out' is not the solution here.

We at Tutanota say the opposite: We will not 'walk' from the UK. If Prime Minister Rishi Sunak and his government want to stop people in the UK to use strong encryption - like that provided by our secure email service Tutanota - he must block access to Tutanota - just like Russia and Iran are already doing.

By doing so, the UK would put itself on the same level as authoritarian regimes like Russia, Iran, North Korea and China who are known for setting up Great Firewalls to limit their people's access to the internet and to online services. These countries actively block access to encrypted services, cutting off their citizens from having a private and confidential communication online.

The UK wants to undermine encryption. Edward Snowden: "If you weaken encryption, people will die."

Status of the Online Safety Bill

The Online Safety Bill has already been passed by the House of Commons in the UK Parliament. Now it is up for decision in the House of Lords.

Matthias Pfau, co-founder of Tutanota, comments:

"It is really worrying what is going on in the UK - once the greatest democracy in the world. The British government still believes they can have a 'magical key' to access encrypted communication - completely ignoring the technical background and what cryptography experts have said again and again: You can't backdoor encryption and make sure that this backdoor is not going to be abused by malicious actors."

A backdoor for the good guys only is simply not possible. Encryption is either securing everyone or it is broken for everyone.

We have repeatedly criticized the Online Safety Bill because we understand the threats resulting from undermining encryption.

Tutanota will not implement a backdoor

That's why we at Tutanota will never implement a backdoor to our encryption.

The code of Tutanota is open source. The encryption is published transparently so that everybody can check that all data stored in Tutanota is encrypted on the user’s device before it is being sent to the server. This is what strong encryption is supposed to do, and we will not undermine this.

If the UK government really wants to follow through with their plans, they need to set up a Great Firewall - just like China - to block their citizens from accessing encrypted services like Tutanota.

Crypto wars

As worrying as the situation in the UK is right now, to us the Online Safety Bill is just another chapter in the ongoing crypto wars. Many politicians in the EU, the USA, UK and Australia would like to force encrypted services to backdoor their encryption – which would give access to law enforcement, but also to malicious attackers.

What many do not see is that these "malicious attackers" can be very powerful. They can be state actors like China and Russia trying to get their hands on sensitive government or trade secrets in the Western world. When we undermine encryption ourselves, we open our doors wide to highly capable attackers - instead of defending our digital world from these attackers.

To understand the risks when we undermine encryption, we should take a look at the biggest backdoor fails in history.

The question with backdoors is not just "will they help to catch criminals". The question we must look at very carefully is also: "Will they help criminals?"

When backdooring encryption, we take away the opportunity to use the internet securely for everyone. This is a risk, we at Tutanota are not willing to take.

It is simply not possible to get more security by weakening security.

SIGN UP
Author
Black and white picture of Matthias thinking and looking to the right side.
Matthias is co-founder and developer of Tuta, focusing on backend development, architecture and email processing. He writes code and political comments to fight for our human right to privacy. He wants to create an encrypted cloud collaboration platform which is so easy to use and so secure that it locks out all the spies. We all deserve a better internet - one where privacy is the default.
Top posts
Threat Modeling In 2024: Your Guide For Better Security
10 Best Private Email Services in 2024
Google Pays 1150 Times More for Its Search Monopoly Than for Lobbying in the EU & US
Why Use A Password Manager - And Our Top 3!
Anonymous email: Create an email address without a phone number.
The Illusion Of "Swiss Privacy" Being The Best
10 best free email accounts in 2024
Latest posts
Google Search Is A Problem: How Google Is Crushing Tuta.
The XZ Backdoor and the importance of Open Source Software
Apple is finally giving you the choice: Take it and install a private browser right now!
The Russian Hacker Group Sandworm is Back: New Kapeka Malware Secretly Infecting Systems Since 2022
Terminate subscription
Company
Community
Team
Jobs
Terms
Privacy
Legal notice
Development
Changelog
Roadmap
Security
Encryption
Open Source
GitHub
Features
Secure Email
Encrypted Calendar
Business
Support
Forum
Press
Support
Language
English
Translate