The UK’s uneasy relationship with encrypted messaging has taken another sharp turn, after a government watchdog suggested that building apps like WhatsApp or Signal could technically amount to “hostile activity”.
The warning comes from Jonathan Hall KC, the Independent Reviewer of State Threats and Terrorism Legislation, in a new report examining the scope of powers granted under the Counter-Terrorism and Border Security Act and the National Security Act.
According to Hall, developers whose technology makes it harder for UK intelligence agencies to monitor communications could, in theory, fall within the legal definition of hostile actors, even if no foreign state is directly involved.
That framing is likely to raise eyebrows across the tech industry. Hall argues that end-to-end encryption may indirectly benefit hostile states by limiting surveillance capabilities, writing that this could still be considered aligned with foreign interests “even if the foreign state has never contemplated this potential advantage.”
The report also notes that journalists handling sensitive or embarrassing material could face similar scrutiny under the same broad legal definitions.
While the language is striking, it doesn’t exist in isolation. Encrypted services have increasingly come under pressure from UK lawmakers, particularly under legislation such as the Online Safety Act. Although the Act is best known for its age-verification requirements, critics have long warned that its more aggressive provisions could undermine encryption altogether.
Apple’s recent clash with the government illustrates the stakes. After receiving a technical capability notice demanding access to encrypted iCloud data, Apple chose to disable Advanced Data Protection in the UK rather than weaken its security. It’s a precedent that has unsettled privacy advocates and tech firms alike.
During a recent parliamentary debate on the Online Safety Act, MPs called for tougher enforcement and even floated reviewing other encrypted tools, including VPNs. Concerns about the security risks of measures like client-side scanning were largely sidelined, frustrating digital rights groups who argue that weakening encryption creates vulnerabilities that hackers are only too happy to exploit.
For lawmakers, encryption is often framed as an obstacle. For security experts, journalists, activists, and abuse survivors, it’s a safeguard. With services like Signal and WhatsApp previously stating they would rather leave the UK than compromise user privacy, the report signals that the standoff between government and encrypted platforms is far from over, and may only intensify in the year ahead.
The post UK watchdog slams WhatsApp and Signal encryption appeared first on Trusted Reviews.
