‘While the proposal does not specify what technical changes would require notification, these may include changes in the architecture of software that would interfere with the U.K.’s current surveillance powers. As a result, an operator of a messaging service wishing to introduce an advanced security feature would now have to first let the Home Office know in advance.
Device manufacturers would likely also have to notify the government before making available important security, updates that fix known vulnerabilities and keep devices secure. Accordingly, the Secretary of State, upon receiving such an advance notice, could now request operators to, for instance, abstain from patching security gaps to allow the government to maintain access for surveillance purposes.