GCHQ warns over Google and Mozilla plans for encrypted browsers 

The National Cyber Security Council (NCSC), an arm of GCHQ, said the move could disrupt Government organisations’ agreement with UK company Nominet, which blocks malicious websites, as the protections could be bypassed by the encrypted browsers.

A spokesman said: “The NCSC is concerned about filtering for prevention of cyber attacks.

“The part that particularly concerns us is that of browsers installed by the user on their own equipment bypassing a particular (internet provider) service, therefore potentially exposing public sector networks to more vulnerabilities.”

The move could also impact police investigations as more requests for internet records would have to go abroad rather than to domestic companies.

The National Crime Agency: “Whilst we look to support capabilities that seek to deliver security and privacy to the UK online, we are concerned about unintended consequences these changes could have.”

The internet companies have argued the changes will enhance security, but the move would also potentially give them access to users’ browsing history - a highly valuable cache of data.  

Google and Mozilla have said they have no immediate plans to roll out the encrypted browsers to the UK, although neither would ruled it out.

A spokesman for Google said: “We’re always looking for ways to enhance privacy and protect users from online threats such as phishing, and as part of this we’re exploring additional ways to provide secure connections. Contrary to reports, these secure connections would not disable the existing content controls of your current provider, including any existing protections for children.”

A spokesman for Mozilla, which has a commercial relationship with Google, said users would be able to "opt-out" of the encrypted options for new browsers and that the company would disable the features for organisations such as schools and libraries.

They added: “We don't have immediate plans to implement DNS-over-HTTPS (DoH) in Firefox outside of North America.

“We are currently exploring potential DoH partners in Europe to bring this important security feature to users there. It is available for users who wish to enable it in the settings menu.  

“Mozilla is working to fix part of a DNS ecosystem that simply isn’t up to the modern, secure standards that every Internet user should expect. This technology will enhance the security of UK citizens and businesses, at a time when the threat landscape continues to widen.”

The changes have also been criticised by internet providers who say the new browsers could undermine the parental internet filters they provide, putting children at risk.

Till Sommer, Head of Policy at Internet Services Providers' Association, which represents providers like Sky, BT and TalkTalk, said: “The browser manufacturers would be able to give you a highly technical answer about why they want to bring in these changes.

“But most people do not care about technical internet standards. They care about keeping their children safe online, and the reality is that if the current changes go ahead then children could be exposed to harmful content without their parents even realising it, and there will be nothing that current parental control filters can do to stop it. This is a step too far.

“Serious changes therefore need to be made to DoH for it to be even near fit for purpose in the UK, and until that happens the Government needs to send a strong message to browsers such as Mozilla and Google that these changes cannot go ahead.”