Why US Tech Giants Are Threatening to Leave the UK (bbc.com) 181
"It was difficult to maintain a poker face when the leader of a big US tech firm I was chatting to said there was a definite tipping point at which the firm would exit the UK," writes a BBC technology editor:
Many of these companies are increasingly fed up. Their "tipping point" is UK regulation — and it's coming at them thick and fast. The Online Safety Bill is due to pass in the autumn. Aimed at protecting children, it lays down strict rules around policing social media content, with high financial penalties and prison time for individual tech execs if the firms fail to comply. One clause that has proved particularly controversial is a proposal that encrypted messages, which includes those sent on WhatsApp, can be read and handed over to law enforcement by the platforms they are sent on, if there is deemed to be a national security or child protection risk...
Currently messaging apps like WhatsApp, Proton and Signal, which offer this encryption, cannot see the content of these messages themselves. WhatsApp and Signal have both threatened to quit the UK market over this demand.
The Digital Markets Bill is also making its way through Parliament. It proposes that the UK's competition watchdog selects large companies like Amazon and Microsoft, gives them rules to comply with and sets punishments if they don't. Several firms have told me they feel this gives an unprecedented amount of power to a single body. Microsoft reacted furiously when the Competition and Markets Authority (CMA) chose to block its acquisition of the video game giant Activision Blizzard. "There's a clear message here — the European Union is a more attractive place to start a business than the United Kingdom," raged chief executive Brad Smith. The CMA has since re-opened negotiations with Microsoft. This is especially damning because the EU is also introducing strict rules in the same vein — but it is collectively a much larger and therefore more valuable market.
In the UK, proposed amendments to the Investigatory Powers Act, which included tech firms getting Home Office approval for new security features before worldwide release, incensed Apple so much that it threatened to remove Facetime and iMessage from the UK if they go through. Clearly the UK cannot, and should not, be held to ransom by US tech giants. But the services they provide are widely used by millions of people. And rightly or wrongly, there is no UK-based alternative to those services.
The article concludes that "It's a difficult line to tread. Big Tech hasn't exactly covered itself in glory with past behaviours — and lots of people feel regulation and accountability is long overdue."
Currently messaging apps like WhatsApp, Proton and Signal, which offer this encryption, cannot see the content of these messages themselves. WhatsApp and Signal have both threatened to quit the UK market over this demand.
The Digital Markets Bill is also making its way through Parliament. It proposes that the UK's competition watchdog selects large companies like Amazon and Microsoft, gives them rules to comply with and sets punishments if they don't. Several firms have told me they feel this gives an unprecedented amount of power to a single body. Microsoft reacted furiously when the Competition and Markets Authority (CMA) chose to block its acquisition of the video game giant Activision Blizzard. "There's a clear message here — the European Union is a more attractive place to start a business than the United Kingdom," raged chief executive Brad Smith. The CMA has since re-opened negotiations with Microsoft. This is especially damning because the EU is also introducing strict rules in the same vein — but it is collectively a much larger and therefore more valuable market.
In the UK, proposed amendments to the Investigatory Powers Act, which included tech firms getting Home Office approval for new security features before worldwide release, incensed Apple so much that it threatened to remove Facetime and iMessage from the UK if they go through. Clearly the UK cannot, and should not, be held to ransom by US tech giants. But the services they provide are widely used by millions of people. And rightly or wrongly, there is no UK-based alternative to those services.
The article concludes that "It's a difficult line to tread. Big Tech hasn't exactly covered itself in glory with past behaviours — and lots of people feel regulation and accountability is long overdue."
China (Score:5, Insightful)
Many of them are happy to operate in China, so there's a fair amount of hypocrisy and bluster going on.
On the other hand also fuck the Tories. "Taking back control" of as far as they are concerned becoming unencumbered autocrats.
And post Brexit, we are not quite big enough to call the shotslike we were in the EU.
Basically everyone sucks here. Curbing the power and reach of the megacorp is a good thing, but doing it do you can spy on your citizens is so much not. And they are all hypocrites.
Re:China (Score:5, Insightful)
Many of them are happy to operate in China, so there's a fair amount of hypocrisy and bluster going on.
You don't need to be able to decrypt messages in transit when you already have spyware apps installed on the devices.
Re: (Score:2)
And since all internet access in China is via state controlled NATing gateways, they also know if the device's spyware has failed to phone home and they will remedy this for the owner.
Re: (Score:2)
Many of them are happy to operate in China, so there's a fair amount of hypocrisy and bluster going on.
Sure, because all Britons want to live in the UK version right wing version of communist China run by the Tory party.
Re:China (Score:5, Insightful)
Yep. With money from 1 billion people, you can afford to build entirely separate software and hardware stacks just for China.
Moreover, the rules in China are actually easier to follow. The government simply tells you what to do, so all you have to do is follow their orders. They don't make some vague rules and come after you with billion dollar fines when you fail to follow their interpretation of those rules.
Re: China (Score:4, Interesting)
Re: (Score:3)
Re: (Score:2)
>If the message is stored and hits servers based in China, you can bet the Gov can read the message.
I'll take that bet. How much are you wagering? I'm sure that there is, among the billions of people in China, someone who uses a VPN to get around the Great Firewall. I'm also sure that at least one of the people that do so uses Signal. I'm also sure that the Chinese government hasn't broken the Signal protocol or encryption methods.
So, wanna bet?
Re: (Score:3)
You don't need to backdoor anything.
I bet whatsapp could send out a push request to get a phone to send them the encryption key. If the push request needs to be signed then there's no "backdoor" - it's cryptography working perfectly.
Re: (Score:2)
So long as they are reelected, the question is moot.
Re: (Score:2)
Because iMessage messages are backed up to iCloud in most cases, and the Chinese government has access to them that way. There's also a provision about companies having to assist law enforcement with access in China, so it's possible, even likely, that Apple can selectively collect iMessage communications in real-time from specific targets.
Re: (Score:2)
iMessage works in China and is end to end encrypted. China has not stopped that.
Could that be an indication that the handsets themselves are compromised in the China market? End-to-end encryption doesn't work if one of the ends is compromised. (which could just be the simple "$5 wrench" compromise - this is China, after all)
Re:China (Score:5, Insightful)
To be fair, the UK doesn't fine you billions of dollars based on a disagreement over interpretation of the rules either. If there is disagreement that cannot be settled out of court, the courts don't usually impose fines unless the company doesn't comply after the ruling has been made. The principle is that you can legitimately argue if the rules are unclear, but once clarified you have no excuse for not obeying them.
The EU doesn't either, by the way. The cases where the rules have been disputed tend to revolve around very novel interpretations of them, and companies that failed to engage with regulators. It mostly seems to happen to US companies that think if they simply ignore the rules for long enough they will be allowed to get away with it, or the rules will be changed to reflect "the market reality". The EU doesn't work that way, rules are actually enforced and the regulators can't be so easily bought.
Re:China (Score:5, Interesting)
No its hypocrisy, full stop.
You identified it the difference is the dollars. However being willing to subject a billion Chinese to an enhanced state run panopticon you are directly providing inputs, where you know 100% because they don't even deny it be used to punish political dissent; while being unwilling to work with the UK to ostensibly at least stop exploitation of children and other serious crimes - that is hypocrisy if you claim its about privacy advocacy.
Now if you come out and say its about $$ and we just don't feel like dealing with Downing street - fine.
Re: (Score:2)
No its hypocrisy, full stop.
No it's not. Businesses exist exclusively to make money. The fact you recognise the difference is dollars shows there's no hypocrisy. If you feel otherwise I invite you to open a dictionary some time.
Policies and lobbying to governments exist for the purposes of furthering the goal for dollars. Taking a hard line on one government (to appease people and make money) while taking a soft line on another (to get access to people and make money) is not hypocrisy. You're just gullible enough to read the message r
Re:China (Score:5, Insightful)
The idea one country can set the rules for a multi national group like the EU is faulty.
Sure, a good idea will likely be adopted by others but there is no guarantee all will agree.
So now the UK is slowly finding out what others new al this time, as a group you are stronger, even when you don't always get your own way.
Fighting very large (US) corporations is for the strongest a difficult battle, for a single country it is so much more difficult.
Re:China (Score:5, Informative)
Whe didnt "call the shots" in the EU,
Actually we largely speaking did. The UK was incredibly successful at getting what it wanted passed into legislation. And once it was in, the EU is big enough that everyone has to comply.
End result, in the EU we could call the shots. Now we can say and pass whatever laws we like but certainly don't call the shots.
thats why we chose to leave.
And how's that working out?
Re:China (Score:5, Insightful)
The classic "bendy bananas" myth.
"The EU is imposing silly rules about the curvature of bananas on us!" they whined. In fact, the rules were British. They were the law here, and other countries adopted them so they became a de-facto standard. The EU decided to adopt them formally to make importing and trading bananas easier and cheaper.
Many people know less than nothing about the EU. Everything they believe is a lie, so they have a negative amount of knowledge about it.
Re:China (Score:5, Informative)
It's one of those ones that's wrong on so many levels.
1. Lots of fruit and veg are sold by appearance (class 1, 2, etc) and people demonstrably want this because they pay more for class 1. This just means you can buy class 1 apples from Poland as easily as from the local farm.
2. The rules just specified "not abnormal", so the images of a eurocrat measuring a banana with a ruler are just stupid. It's basically the same as for all class 1 fruit: not deformed.
3. and as you point out the rules were British and we imposed them on the continent.
Re: (Score:2)
We kinda did. Most of the EU laws on privacy and human rights are copies of British laws, as defined by British politicians to the EU parliament. A good chunk of the Maastricht treaty was either written by the British or shaped by the British. The British were incredibly powerful in the EU, far more so than their status in the union would normally allow.
Re: (Score:3)
Re: (Score:3)
The latest faux outrage is about ETIAS. Starting in 2024, British people will have to pay €7 for a 3 year visa to visit the EU. The horror! Brexiteers feel it is unfair for the EU to single them out with an outrageously high amount as revenge punishment for them leaving.
[Spoiler warning] ETIAS was first proposed in 2016
It was supported by the UK government at the time.
It applies to all non-EU countries like the US and Canada.
Re:China (Score:4, Informative)
Whe didnt "call the shots" in the EU, thats why we chose to leave.
That is not entirely true. As a member of the EU, the UK had a vote in what the EU did. In fact the UK was one the main countries that pushed for many regulations. There has been a lot of outright lies that Brexiters told as justification of a dumb idea.
Re: (Score:2)
Not only the UK had a vote. As a founding member the UK had a veto power. And it also had a bunch of exceptions, for example to the use of the single currency or the freedom of movement. But that wasn't enough, so they decided to take their ball and leave, but taking care of stabbing the ball as well.
Corporations vs. people (Score:3)
Re: (Score:2)
This reminds me of the TV series "Cold Lazarus" (watch it after watching Karaoke as it is the sequel to that series).
Cold Lazarus is set in a future where the megacoprs have replaced all of the worlds governments and the people are ruled by them to an extent that ALL experiences are manufactured and sold to the human population. Smoking a real ciggarette and drinking real coffee is a privalege only the super rich can access.
Re: Corporations vs. people (Score:2)
Read "snow crash" and then "the diamond age" instead.
Re: Corporations vs. people (Score:2)
Re: (Score:3)
Re: (Score:3)
Outlawing encryption has been a constant fight since the 1990s. France outlawed encryption for a bit, and the US had encryption export restricted via ITAR for a number of years. The entire cypherpunks movement rallied around Phil Zimmermann and PGP, and eventually things like the Clipper Chip and other GAK (government access to keys) methods were set aside.
It was a miracle that we have encryption at all, other than in DRM.
Governments love the benefits of no encryption. Easier to catch the diaper snipers,
Clearly written by a non-technical person (Score:5, Insightful)
This article strikes a tone that suggests the author believes "big tech" is being "petulant" about end to end encryption, and it seems to be trying pretty hard to conflate other issues, like blocked mergers, with the right to privacy and proper implementation of secure communications.
Signal, mentioned by name in the article, is notably NOT big tech, not even a for-profit company, and they're saying the same thing everyone else is saying: they will exit the market if this regulation goes into effect. That should speak volumes and its stunning that UK politicians have not seemed to notice.
Re: (Score:3)
THANK YOU, I'm glad I'm not the only one that noticed, though I got a different impression than you: where are all the BBC defenders who claim they're not biased? This is far from the only story that I've noticed the author is carefully towing the govt's position.
Re: (Score:2)
This article strikes a tone that suggests the author believes "big tech" is being "petulant" about end to end encryption, and it seems to be trying pretty hard to conflate other issues, like blocked mergers, with the right to privacy and proper implementation of secure communications.
Signal, mentioned by name in the article, is notably NOT big tech, not even a for-profit company, and they're saying the same thing everyone else is saying: they will exit the market if this regulation goes into effect. That should speak volumes and its stunning that UK politicians have not seemed to notice.
Yes! The issues with big tech behaving badly doesn't negate the fact that governments want to spy on us. The UK has an awful record and it always starts with the "proverbial children". Can't we just have some privacy. This is the same UK that isn't dealing properly with simple street crime.
Re: (Score:2, Interesting)
End-to-end encryption doesn't actually exist in ANY consumer software. Encryption consists of two parts: Encryption and Authentication. You need both, and when talking to laymen you mean both when you say "encryption". End-to-end encryption as it exists in iMessage, WhatsApp and Signal, is only one of the two components, but still use centralized authentication. That makes the end-to-end part of the encryption worthless as it can be intercepted at any point for any reason. So it is essentially worthless, an
Re:Clearly written by a non-technical person (Score:5, Interesting)
End-to-end encryption as it exists in iMessage, WhatsApp and Signal, is only one of the two components, but still use centralized authentication. That makes the end-to-end part of the encryption worthless as it can be intercepted at any point for any reason.
You pretend the encryption/decryption is set by an central authority.
Interception of the encrypted message is not hard, decrypting it is the problem.
Also, the big corps like Meta seem not interested in the content of your encrypted messages but they sure keep a record who you are messaging and combine it with things like your and their Facebook profile.
Re:Clearly written by a non-technical person (Score:5, Informative)
I don't think you actually know how Signal works. There is no central authority doing authentication. It is done when you set up your device, on the device itself, and after that *is never done again*. So there is no future ability to MiTM communication.
"But what if the original authentication is MiTM?" - Signal has a solution for that as well. In any Signal conversation, you can perform an authentication ceremony using a third-party channel (ideally, in-person). You and the other party just hit Chat Settings -> View Safety Number, and ensure that you both have the same key on the screen. If you do, then no one has tampered with the conversation.
Yes, in theory,
Re: (Score:2)
> Yes, in theory,
The effort required to defeat Signal isn't worth the effort when they can attack phones out-of-band, so the theory is likely correct.
There'a a gist on how to set up Signal using Debian and only transiently using a phone, relying on manual authentication steps.
That Signal makes it so hard to not depend on a phone and phone number is the most suspicious part. The issue to avoid this problem is, what, half a decade old?
They also know that their Captcha system is very broken on Desktop and
Re: (Score:2)
Re: (Score:2)
End-to-end encryption doesn't actually exist in ANY consumer software.
Well that is an outright lie [wikipedia.org]:
On November 4, 2014, the Electronic Frontier Foundation (EFF) listed iMessage on its "Secure Messaging Scorecard", giving it a score of 5 out of 7 points. It received points for having communications encrypted in transit, having communications encrypted with keys the provider doesn't have access to (end-to-end encryption), . .
Encryption consists of two parts: Encryption and Authentication. You need both, and when talking to laymen you mean both when you say "encryption".
Tell me you do not understand encryption without telling me you do not understand encryption. I am pretty sure messages need to be decrypted. Seems like a huge miss not to have decryption as a part of encryption. And before you say that decryption is part of authentication; authentication is a separate function to decryption.
End-to-end encryption as it exists in iMessage, WhatsApp and Signal, is only one of the two components, but still use centralized authentication.
Centralized authentication defeats the purpose of end-to-end encryption. iMessage and Signal [wikipedia.org] do not use centralized authentication:
The Signal Protocol (formerly known as the TextSecure Protocol) is a non-federated cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations.
That makes the end-to-end part of the encryption worthless as it can be intercepted at any point for any reason.
If messages cannot be de
Re: (Score:2)
In order to speak volumes you have to have volumes to speak of. Signal is a minor player, you even pointed out it's not big tech. It's not that people don't notice, it's that they ignore them for the minor player they are.
Re: (Score:2)
Let's be honest, outside of this nerdome, most people don't actually care that much. China's system would work in USA just fine, so long as people could still exchange messages. Criminals may also care but only because they don't want to get caught.
Oh, sure, they'll complain at first but would quickly get use to it. So long as they could post their drivel on social media, by and large people just don't really care.
If you aren't an activist and leave governing to the government, you probably get along just f
Re: (Score:2)
These are global services (Score:2)
Implementing different rules and tech for each side of an international conversation (r195 x 195 possible combinations, for 1-to-1 communication) is impractical fif not impossible or the tech platform companies, and highly functionality inhibiting for users.
There needs to be a global regulatory body for this kind of tech, if any, and only restrictions that can be agreed upon by a great majority of nations should be imposed on the tech..
Re: (Score:2)
Well there the problem is that these systems are centralised and proprietary.
There have been separate national telephone networks for a long time, each with its own set of rules and governance.
And anyone who's committing any kind of serious crime is fully aware that their communications can be monitored, and will take steps to protect it.
Re: (Score:2)
which allow people to communicate from country to country. Implementing different rules and tech for each side of an international conversation (r195 x 195 possible combinations, for 1-to-1 communication) is impractical fif not impossible or the tech platform companies, and highly functionality inhibiting for users. .
And yet my mobile phone from the UK will work anywhere in the world. My mains powered electrical devices that run on the UK 230V system will function in the USA either just by plugging it into a wall socket or flicking a switch on the power supply to change from 230V to 120V. It's software, it's beyond simplistic to implement.
Re:These are global services (Score:4, Insightful)
If an international standards body was to create a standard to which these providers would work with (interoperability being one, I should not care if I'm on Signal or Whatsapp, messages should pass between both regardless)
Once my Signal comms is shared with WhatsApp I'm out, the moment Meta (or Google or Apple etc.) get their grubby hands on my communications my privacy is out of the window.
Not because the Meta's can read my messages but because they would milk the links that become apparent.
"won't someone think of the children" argument (Score:5, Insightful)
Re: (Score:2)
Re:"won't someone think of the children" argument (Score:5, Insightful)
This is simply the classic, "won't someone think of the children", argument in order to legislate encryption back doors. What could possibly go wrong? Brought to you by the same politicians that spread misinformation to get Brexit over the line, and look how well that's turning out. Every tech company on the planet knew the answer to this old fairy tale at least a decade ago, and yes they will in-fact vote with their metaphorical feet. Amsterdam and Frankfurt have only prospered post Brexit by those corporations that fled already. Live and learn.
Yep, Brexit was the dumbest thing we could have done.
But this law will never see the light of day. The House of Lords will just keep sending it back with questions, issues, corrections, et al. Every now and then bureaucracy does us a favour.
This kind of policy is just the Tories dog whistling to their hard core fans. They've long since given up any pretence of actually governing for the majority and are just trying to pass laws that their base will like, line the pockets of their friends (and themselves) and delay the next election as long as possible.
Re: (Score:2)
Re: (Score:2, Insightful)
Inflation up above our EU neighbours, trade reduced, employment down, poverty up, food bank use increased, major employers leaving the country. All while our national infrastructure is performing terribly (rivers flooded with sewage, railways not operating...) while owned and run for external profits - that's what you call "pretty well"...
Re: (Score:2)
Guess voting has consequences.
Re: (Score:2)
This long deserved regulation of foreign megacorps being a case in point!
And yet according to TFA and TFS The EU is who have managed to regulate these foreign megacorps while the UK have failed. That you managed to miss the entire premise of the news article is astonishing.
Canada (Score:4, Interesting)
Personally, I'm more concerned with the authoritarian & corrupt turns some govts are taking, e.g. this law in the UK that they claim is to protect children while at the same time separating migrant children from their parents, which is terrifying for them on top of everything else they've already endured, & putting them up in empty hotels with inadequate support & supervision. This sounds like a horrific recipe for cultivating a high risk of child prostitution brothels to me or at least a whole host of child abuse offences.
So can our govts give a more convincing reasoning as to why they need invasive surveillance of everyone's private messaging apps?
Re: (Score:2)
Re: (Score:2)
And... Oh, those poor social media sites who aren't allowed to generate ad revenue from other websites' news!
Re: (Score:2)
I'm sure the news corps will be fine now that nasty social media has taken all their links down. People will go to the news corps websites directly. Not seeing the problem with social media banning the news at all.
Of course, news websites may see a temporary (or even long term) drop in traffic, as now only people that actively seek out the news will ever come to their site. Before, they had a chance at some click throughs.
So again, what's the problem with social media banning news from their platform? It's
I'm honestly waiting for the first organization (Score:3)
It's time someone put their foot down and informs their potential customers via webpage if the IP address matches certain countries:
"Dear hopeful customer, we cannot serve you.
If you want to use our product, get a sensible government"
Re:I'm honestly waiting for the first organization (Score:4, Informative)
PornHUB beat you to this. They're doing that for various states in the US already.
Re:I'm honestly waiting for the first organization (Score:5, Informative)
Yes, several US news websites that didn't want to comply with GDPR took this approach. They consequently lost a lot of traffic, permanently.
Many EU visitors shut out from US sites as a response to GDPR never came back. By temporarily blocking EU users as a response to this regulation, some US news sites have suffered long-term losses of European visitors
https://reutersinstitute.polit... [ox.ac.uk]
Re: (Score:3, Insightful)
I love to email US websites that block me based on the fact they would have to follow GDPR rules should I download their HTML and cookies etc.
I tell them I'm gratefull they are protecting me from their questionable and likley dangerous PII and data practicies.
Needing PII to ship an order (Score:2)
Some smaller web stores don't ship to EU addresses at all anymore. They claim that this is because they need to hold customers' PII between receiving an order and shipping it, yet they can't afford the annual fee for a designated representative pursuant to article 27. How do you treat them?
Re: (Score:2)
I did some minor searching and found this. https://iapp.org/news/a/repres... [iapp.org]
From this link:
For example, a U.S. company without an establishment in the EU that sells products online to consumers in the EU has to comply, because it regularly collects personal data relating to sales of goods; if such a U.S. company uses a service provider to process payments or provide shopping cart functionality, the service provider can also be covered as a "processor."
So a small store is very likely to be using a service pr
Billing addresses vs. shipping addresses (Score:2)
So a small store is very likely to be using a service provider to process payments, and would there be covered since the payment processor is the processor.
A small store that accepts payment through PayPal can avoid seeing billing addresses. It can't so easily avoid seeing shipping addresses.
Re: (Score:2)
Re: (Score:2)
If I really, really want it, I use a remailing service + virtual prepaid card.
Usually I don't need specifically that, their loss.
Re: (Score:2)
The solution to location based blocking is a VPN ... ...it's also the solution to governments who try and force people to use broken encryption
Re: (Score:2)
It's time someone put their foot down and informs their potential customers via webpage if the IP address matches certain countries:
"Dear hopeful customer, we cannot serve you.
If you want to use our product, get a sensible government"
Or just use a VPN which is what they'll do instead.
Re: (Score:2)
I could picture something like an attached note below:
"In the meantime, and on a totally unrelated note, we also now offer VPN services at affordable prices, check (link)"
Re: (Score:2)
Its time to dial back from corporations, and provide services for each other, as the internet was designed to be able to do.
In my part of Europe, a reliable (albeit dying) way of delivering packages is to wait at a bus station, give a little something (sometimes a piece of cake is enough) to the driver with instructions "someone will pick it up at such stop".
Do this with online communication. Be the bus driver.
If you can, run a federated communication server (email, matrix, XMPP... ) . Bring your friends. T
Unfortunate (Score:5, Interesting)
The Tory government policies are very unfortunate, pigheadedly ignoring basic math and reasoning. Backdoors do not work.
Several issues come to mind. Where is the City in this? I can't imagine all the financial infrastructure in the UK will be happy about weaker controls over security. What would Lloyds or Coutts say regarding government mandated backdoors?
UK has set a stronger policy of government support of the private sector with cybersecurity as well. They would be giving that up. NCSC and other governmental organizations and regulators have been remarkably effective at promoting a new path forward for the British economy. This places all their good work in jeopardy.
I must expect Labour will make hay of this as well. The Tories will be destroying good jobs. Britain cannot afford many more tech positions or firms leaving for the US or Canada.
Re:Unfortunate (Score:5, Interesting)
Where is the City in this?
"Fuck business", said Boris Johnson before being elevated to PM by the Tory party, and who then proceeded to purge anyone competent remaining who wasn't loyal to him.
I can't imagine all the financial infrastructure in the UK will be happy about weaker controls over security.
Fuck business, remember.
What would Lloyds or Coutts say regarding government mandated backdoors?
Coutts are owned by NatWest who are owned in part by the government. This means neither are going to be donors, so fuck them.
UK has set a stronger policy of government support of the private sector with cybersecurity as well.
We do?
I must expect Labour will make hay of this as well.
LOL no. Because Starmer is a conservative. His only policy ideas are to take whatever Tory policy hasn't been ruled literally illegal and shuffle a half step left. He's also an authoritarian and loves the oppressive Tory rules. Sure he voted against the anti-protest laws: that's nice and safe. Looks not Tory and they'd pass anyway. But his policy now is to keep them and see how they work out.
Fuck Starmer. He's the second worst choice. Still take him in a heartbeat over the Tories.
The Tories will be destroying good jobs.
So, what's new?
Britain cannot afford many more tech positions or firms leaving for the US or Canada.
They don't care! They are not here to run the country. They are here to enrich themselves with a side order of culture wars. Sunak's a billionaire who likes to fly private jets. He can afford for people in the UK to get poorer. He'll be fine.
You're approaching this in the old way that there is some semblance of desire to actually run the country for its own sake from the Tories. I laud your optimism and I really wish it were the case but there is none.
Re: (Score:2)
> I must expect Labour will make hay of this as well.
Good luck with that. Labour aren't historically very "pro business", and the current crop aren't doing much to buck that trend. If they ever come up with anything that sounds "pro business", it'll be back-filled with something deeply terrible to make up for whatever benefit they might have delivered (usually to placate the unions).
For whatever reason, the Conservative party has imploded - they aren't doing the things they're good at, they're doing a wh
As a brit I say "GREAT!" to much of it (Score:2, Interesting)
> Their "tipping point" is UK regulation
Sorry, but we kinda like protecting ourselves from megacorps that think that if they have enough money they can get away with anything.
In the US I've been told it's almost the other way around, megacorps are practically worshipped while the US likes to attack "big government". The UK could have a good go at tidying up big government too, we have a bit of tidying up to do here and there, but foreign megacoprs already had to be told how to treat our private data wit
Re:As a brit I say "GREAT!" to much of it (Score:5, Informative)
Sorry, but we kinda like protecting ourselves from megacorps that think that if they have enough money they can get away with anything.
Except this is 50% of that and 50% dreadful authoritarian bullshit from the party of person oppression.
Blocking massive M&A: good job!
Destroying the right to privacy so HMN Govt can spy on your? Fuck them.
De-regulation stimulates,
No, this is not generally speaking true. Deregulation can stimulate, but also regulations can stimulate. It depends what's in the way. Deregulation can also do the opposite.
I mean I can send a text or make a 4G phone call INDISE my local Sainsburys, which is a known âoenot spotâ, while not having any chance of a data connection.
Good for you. I can't so that in my house because it's a notspot, but internet messaging works fine. I still have a landline because signal strength in my house is so bad.
Secure comms should be handled by PGP email, most people donâ(TM)t need it (secure comms)
Why? Security is not binary. PGP with good key exchange is the best, but E2E encrypted is still better than plain text. People have a right to secure comms: the government has a history of spying and aiding spying.
So what? I'm bloody glad we stopped this merger
Well indeed.
Re: (Score:2)
The problem is the size of the UK market is for many of these companies insufficient to follow just any rule.
Just imagine the UK would set these rules jointly with the much larger EU...
Re: (Score:2)
The problem is the size of the UK market is for many of these companies insufficient to follow just any rule.
You underestimate the UK. The UK is the world's 6th largest economy and the second largest economy in Europe. It's GDP is bigger than the combined GDP of 19 EU nations. It's Apple's largest European market with more Apple stores than any other European nation.
Re: (Score:3)
As a conservative I'm very much for de-regulation as would be expected but the current conservative government is more like labour these days hence we have this regulation coming, some of it is welcome. De-regulation stimulates, regulation then must come in to put the brakes on for a bit while society adjusts and decides where to go next. Note I said “society”, us, not megacorp boss.
Societies certainly can decide what rules it wants corporations to live under, just as corporations can decide whether or not they want to do business under those rules. Nothing forces them to do business in a country, in the ned it's strictly a business decision.
One challenge is the "internet" has changed how companies do business in that a company could be in one country and it's services accessed in another makes regulation a real challenge and leaving may be the only option.
Re: (Score:2)
I used to use Signal. I was with them for over 10 years, not once did I find any other Signal user. Whatsapp was the way to go and I do use that, for some people, such as my cousin who uses it on a disconnected iphone (contract issues) so it still does wifi thus whatsapp, but outdoors she must use a phone I gave her that makes ordinary 3G calls and SMS anyway.
Then Signal dropped SMS/MMS support. Which meant it was next to useless. The crazy boss at Signal said “SMS isnt secure”. Duh, we know that. What us SMS Signal users were using Signal for was for local SMS backups and as a better replacement for the non-free SMS app that was in the phone and probably vulnerable to unpatched attacks.
Besides, that part will not go though. The House of Lords will send it back as "it's not in the public interest", like they have done oh so many times before on the same issue.
This!!! I was quite happy using Signal as my go to messaging app. I occasionally found someone on Signal and my ex wife and a couple friends and family downloaded it to appease me. Once SMS got dropped, it became entirely useless as it was literally just a way to talk to a few people that of course also had sms support.
It was super nice to have a secure way to send private financial information or password related stuff. Once I got a divorce, it literally just became another app I have zero use for, because
Secure communications are already hard (Score:2)
Re: (Score:3)
The companies that rely on their reputation for secure communications would have to exit the market. Once you create a back door for one entity you might as well assume it exists for many others.
And "do it for the children" is a slippery slope. Once it's in, they expand it to all kidnap victims. Then suspected drug dealing. Oh, and of course terrorism. Maybe domestic "terrorism". And you need to watch community leaders to make sure they aren't organizing riots, or protests against the government. Probabl
What's the fuss? (Score:2)
Why is there such a fuss over the encryption used by the apps? In the end messages have to be decrypted to be read and there are enough backdoors already at the OS and hardware level to slurp the messages after they are decrypted.
The whole encryption bruhaha is only a smokescreen to give the users a false sense of security when using the apps with "end-to-end encryption".
Same with messages that are "deleted right away, so they are present for only a very short time" on the servers. As if they cannot be copi
Re: (Score:2)
Haven't been on slashdot very long? How many dozens or hundreds of stories have we had over the years where authority figures have a device (phone or laptop) that they want to access but can't get into. Or how about when people cross borders and the government wants to look at their phone data?
This isn't a took for their hacking toolbox to help with compromised devices, it covers the situation where they have come into physical possession of a device but can't access the messages on it.
Re: (Score:2)
Haven't been on slashdot very long? How many dozens or hundreds of stories have we had over the years where authority figures have a device (phone or laptop) that they want to access but can't get into. Or how about when people cross borders and the government wants to look at their phone data?
Nearly universally they get into them eventually.
But yeah, I've read enough that I'd want to wipe my phone before going through even my own country's customs.
Even though I have jack shit to be concerned about with that (Oh my, you regularly call your own family...)
Re: (Score:2)
IDK, given how backwards some of the US states have become, what if you had a naked picture of your young child in a bathtub or something in a text message from your wife? Now you have child porn.
If that sounds dumb, I agree it is. That doesn't mean it couldn't potentially get you in trouble.
Controller vs. processor (Score:3)
To them a copy of the data is not the same as the original. Maybe bean counters and lawyers can tell the difference between an original digital file and a copy of it.
GDPR distinguishes a "controller," who holds personal data over the course of the controller's direct business relationship with an individual, from a "processor," who temporarily holds personal data received from a controller while providing to the controller a service related to that data. This distinction between controller and processor may help clarify whose copy of a digital file is considered primary.
Wild mix of issues (Score:3)
Regulating acquisition is essentialy, and done by many countries. Capitalism only works as long as their is competition. Preventing big companies from abusing their market positions is essential.
Regulating end-to-end encryption demonstrates either ignorance or wannabe authoriatarianism on the part of the politicians. If government wants surveillance of encrypted messages, they'll just have to put in the hard work of getting a warrant, and inspecting one of the end-points.
These two issues have nothing whatsoever in common. The fact that both are potential bills in the UK? They still have nothing in common, and should never be discussed together. That just muddies the water. Encryption must be defended. M&A issues are complete irrelevant to that battle.
hey UK government (Score:2)
Well, that's a bit backwards (Score:4, Insightful)
Re: (Score:2)
one thing is not the other (Score:2)
Forcing backdoors into cryptosystems is neither regulation nor accountability. It's just authoritarianism and destruction of freedom.
Thinking about the children you are not (Score:3)
And the last thing they're thinking about is the kids. What they want is easy industrial espionage and keeping everyone who doesn't agree with the government under surveillance.
But Brexit (Score:2)
One of the many lies told about Brexit was that it would enable the UK to lessen the regulatory burden on companies because they would be free of the "oppressive" EU.
UK Imessage suddenly unavailable would focus minds (Score:3)
Can you see Apple doing a UK only version of Imessage? Not a chance. Not only because its a pain in the rear re: legal, code, which phones are to be be targeted etc but more importantly, once they cave to one Western government, it will be all of them asking for the same thing.
All Apple would have to do is say "Sorry, no Imessage because UK government wants to snoop on your stuff and we don't want to let them" and the government would about turn so fast that they would break the sound barrier.
Also it's a certain amount of BS on the governments part because most Police action is intelligence led and secondly, failure to surrender a password makes you liable for up to two years inside. They have the tools to fix this, they just want more power.
Oh and no one has told them... Major criminal orgs will just create their own encryption using COTS encryption libraries. You cant "undo encryption" and put it back in its bottle.
"A difficult line to tread" (Score:2)
"It's a difficult line to tread. Big Tech hasn't exactly covered itself in glory with past behaviours — and lots of people feel regulation and accountability is long overdue."
It's a funny thing. You could swap out "Big Tech" for "The Government" in that statement and, it wouldn't seem a bit out of place.
Yet, here we are with a columnist offering his opinion that the corrupt government can be trusted with all the encryption keys. This would be insane even if it made any sense to use deliberately-broken
Rule #1 (Score:5, Insightful)
When making laws, which by definition are applicable to everyone, first decide if there are any exceptions. If there are, then you shouldn't be making laws.
For example, end-to-end encryption is awfully important in eCommerce, electronic banking, B2B transactions, and for securing extranets within a business. That's a hell of a lot of exceptions.
If you wouldn't want your credit card details and bank account details/password for sale, then you're going to need end-to-end encryption. There's no escaping that.
If you don't want the trade secrets of the company that employs you broadcast over the dark web, then your company is going to need end-to-end encryption. There's also no escaping that. (If you don't mind being unemployed, then it's less of a problem.)
There is no such thing as a back door that operates for one person or one organization. If it exists, then it exists for everyone who finds out about it. Which means your credit card details and bank accounts WILL be public knowledge if this law passes as it stands.
I don't like child abuse and don't think the government is doing anything like enough to fight it. But effectively selling MY personal information to the highest bidder is a completely unacceptable way to go about it. It's also not going to be remotely effective.
Is big tech a problem? Yes, it is, and it probably plays a role in protecting child abusers. Mostly, I suspect, through selling personal information to those who are willing to buy. I think you'll find a lot less grooming and a lot less abuse if people were adequately protected against the selling of personally identifying information.
However, a much larger role is probably played by child protection services as they currently stand. More than a few abuse victims have talked about abuse by such services and/or abuse by adults hanging around such services. This would seem to be a significant amount of low-hanging fruit, if protecting the children was actually of any importance. Which tells me that the children are just pawns and that politicians are using Machiavelli's writings as valid policy statements.
Sorry, but as much as big tech sickens me (and there's more than a few megacorps that should IMHO be split up), politicians sicken me even more and I find it deeply disturbing that they would seek to manipulate a gullible populace into abandoning ALL actual security in the hopes that some illusory security may be gained.
You WILL lose your money -- ALL of your money, ALL of your credit -- eventually if this anti-privacy crusade pervades. And that includes your home, your car (if you have one). It means EVERYTHING. Absolutely everything you own, or own through lawful debts, can and WILL be taken from you if this goes ahead. Maybe not next week, maybe not next year, but eventually hackers WILL break any deliberately backdoored system and everything of yours will be for sale on the dark web.
Re: (Score:2)
The UK hasn't had any UK car manufacturing for years ... ARM is still as British as a surprisingly large number of US companies (not very) ...
We currently have a government trying to disconnect us from the world ... they don't have our approval ...
Re: (Score:2)
You had a simple majority vote this in. Voting has consequences!
Re: (Score:2)
False by every measure:
https://www.thebalancemoney.co... [thebalancemoney.com]
Japan holds more US debt than China does, and even then, at right around a trillion, it's nowhere near the majority of $31T of total debt.
Re: (Score:2)
That is not [statista.com] true, unless you consider less than 3% a majority. In fact, less than 25% of US government debt is held by all countries outside the US.