Signal Warns UK Device Scanning Plan ‘Endangers Us All’

Signal has accused the UK government of proposing a dangerous form of surveillance after ministers announced plans that could require technology companies to prevent children from taking, sharing, or viewing nude images on smartphones and tablets.

What Is The Government Proposing?

The announcement came from Prime Minister Keir Starmer during London Tech Week, where he said the UK would become “the first country in the world to make it impossible for children to take, share or view nude images.”

Under the proposals, technology companies including Apple and Google would be expected to activate existing safety features or introduce new technical measures that detect and block nude images on devices used by children. Adults would still be able to access such content after completing age verification checks.

Three-Month Deadline

The government has given technology companies three months to develop suitable solutions. If they do not, ministers have indicated they are prepared to introduce legislation, financial penalties, and potentially other enforcement measures.

The government argues that stronger intervention is needed because online child sexual abuse, exploitation, and exposure to harmful content remain widespread. Home Office figures cited alongside the announcement indicate that 91 per cent of online child sexual abuse reports recorded in 2024 contained self-generated content from children themselves.

Why Is Signal Opposing The Plan?

Signal, one of the world’s best-known encrypted messaging platforms, has responded forcefully to the proposals. In a public statement, the company said the government’s approach “will not safeguard children. It endangers us all.”

The company’s main concern is not the goal of protecting children, but the technology required to achieve it. Signal argues that forcing devices to scan content before it is viewed, shared, or stored would create a new form of surveillance infrastructure capable of examining private information on users’ devices.

According to Signal, “Forcing all UK residents to prove their age and/or have all their content scanned, simply to exercise their fundamental right to communicate, is a perilous proposition.”

The company also warned that once such capabilities exist, they rarely remain limited to their original purpose. Signal stated: “We know that mass surveillance and censorship capabilities, however sincere-sounding the promises of those who initiate them are, never remain narrowly scoped.”

The Debate Around Client-Side Scanning

At the centre of the controversy is a technology known as client-side scanning.

Unlike traditional content monitoring, which takes place on external servers, client-side scanning operates directly on the user’s device. Supporters argue this provides a compromise between privacy and safety because images do not need to be sent elsewhere for inspection.

Advocates say the approach can prevent harmful content from being created, viewed, or shared while keeping personal information on the device itself.

Critics, however, argue that the distinction is not as clear-cut as it appears.

Although images may never leave the device, the device is still examining content on behalf of a third party. Privacy groups have long argued that this changes the fundamental trust relationship between users and their devices.

Signal’s concern is that the same scanning infrastructure could potentially be expanded in future to identify other forms of content beyond child protection material. Whether or not such powers were ever used, critics argue that the capability itself creates new risks around surveillance, censorship, security vulnerabilities, and public trust.

A Wider Privacy Battle

The disagreement reflects a much broader debate that has been developing for years.

Previous UK legislation, including the Investigatory Powers Act and aspects of the Online Safety Act, has generated similar disputes between governments seeking stronger online protections and privacy advocates concerned about the long-term consequences of expanding monitoring powers.

Technology companies have also faced these questions before. Apple, for example, previously proposed a system for detecting child sexual abuse material on devices before ultimately abandoning the project following widespread criticism from privacy and security experts.

Supporters of the government’s latest proposals argue that child protection must take priority. Organisations including the NSPCC, Internet Watch Foundation, Barnardo’s, and the Children’s Commissioner for England have publicly welcomed the plans.

NSPCC chief executive Chris Sherwood described the proposal as “a major step forward in our fight against online child sexual abuse.”

What Does This Mean For Your Business?

The wider significance of this dispute isn’t really about nude image detection. It is about where governments, technology companies, and citizens draw the line between child protection and personal privacy, particularly when proposals involve technology capable of examining content directly on people’s devices.

The debate also highlights a growing tension that businesses are increasingly encountering across cyber security, compliance, artificial intelligence, and digital regulation. Governments are seeking stronger protections against genuine harms, while technology providers and privacy advocates are warning about the unintended consequences of expanding monitoring capabilities.

The larger issue here is not simply whether children should be protected online, as few would disagree with that objective. The real debate is whether it is possible to achieve those protections without creating technologies that examine private content on personal devices. As governments around the world continue to grapple with that question, the outcome is likely to influence the future of privacy, encryption, and digital communications far beyond the UK.