There's a lot of chatter on here about weakening encryption...
but, thinking it through out loud here, I suspect that any legislation will be along the lines of:
It will be prohibited for any software, hardware or other digital computer mechanism to be supplied for use within the UK (excepting where such sale or supply has taken place under a contract approved by the home secretary) whereby such mechanism is either i) designed to prevent or ii) coincidentally through the manner of its operation prevent, compliance with requests from the security services of the UK, made under warrant, for the supply of human readable information processed, transmitted or otherwise handled by said mechanism.
The practical upshot of this will be some means of having the software return whatever key can be used to decrypt any message or transaction, probably itself in an encrypted form, along with that transaction, to be stripped off and stored at whatever intermediary server it passes through before it is relayed to the end point. Of course, due to territorial limitations on statutes, an asymmetric key used to encrypt a reply to an actor outside the UK would not necessarily have the corresponding private key sent with the reply, so presumably the client end would have to be designed to create a second, encrypted using the vendor's public key or the now known keys of the sender, version of the message to leave at the interception point.
Next would be a test case brought where software was bought or obtained overseas and brought in on a phone purchased outside the UK's legislative territory. So the legislation would be rewritten to prohibit the USE of a mechanism falling under that definition.
Then there would be a test case of a company that only triggered the "key leaking" routines of their software AFTER a surveillance warrant was issued for a subject. Packet inspection of the transmitted messages would then reveal the extra payload and flag up that the surveilled was on a warranted watch list.
The legislation would then mutate again such that either the storage of and supply of the data was warehoused until a warrant was issued, OR that the mechanism employed to ensure compliance with the act was undetectable to the sender or recipient, so dummy padding out of the payload.
And then it all becomes so messy that people will just hang up the lot of it, get fed up and ... do what? Anyway, it's ALL WRONG, May. Just forget it.