Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
United Kingdom Government

Why US Tech Giants Are Threatening to Leave the UK (bbc.com) 181

"It was difficult to maintain a poker face when the leader of a big US tech firm I was chatting to said there was a definite tipping point at which the firm would exit the UK," writes a BBC technology editor: Many of these companies are increasingly fed up. Their "tipping point" is UK regulation — and it's coming at them thick and fast. The Online Safety Bill is due to pass in the autumn. Aimed at protecting children, it lays down strict rules around policing social media content, with high financial penalties and prison time for individual tech execs if the firms fail to comply. One clause that has proved particularly controversial is a proposal that encrypted messages, which includes those sent on WhatsApp, can be read and handed over to law enforcement by the platforms they are sent on, if there is deemed to be a national security or child protection risk...

Currently messaging apps like WhatsApp, Proton and Signal, which offer this encryption, cannot see the content of these messages themselves. WhatsApp and Signal have both threatened to quit the UK market over this demand.

The Digital Markets Bill is also making its way through Parliament. It proposes that the UK's competition watchdog selects large companies like Amazon and Microsoft, gives them rules to comply with and sets punishments if they don't. Several firms have told me they feel this gives an unprecedented amount of power to a single body. Microsoft reacted furiously when the Competition and Markets Authority (CMA) chose to block its acquisition of the video game giant Activision Blizzard. "There's a clear message here — the European Union is a more attractive place to start a business than the United Kingdom," raged chief executive Brad Smith. The CMA has since re-opened negotiations with Microsoft. This is especially damning because the EU is also introducing strict rules in the same vein — but it is collectively a much larger and therefore more valuable market.

In the UK, proposed amendments to the Investigatory Powers Act, which included tech firms getting Home Office approval for new security features before worldwide release, incensed Apple so much that it threatened to remove Facetime and iMessage from the UK if they go through. Clearly the UK cannot, and should not, be held to ransom by US tech giants. But the services they provide are widely used by millions of people. And rightly or wrongly, there is no UK-based alternative to those services.

The article concludes that "It's a difficult line to tread. Big Tech hasn't exactly covered itself in glory with past behaviours — and lots of people feel regulation and accountability is long overdue."
This discussion has been archived. No new comments can be posted.

Why US Tech Giants Are Threatening to Leave the UK

Comments Filter:
  • China (Score:5, Insightful)

    by serviscope_minor ( 664417 ) on Monday August 14, 2023 @02:48AM (#63765222) Journal

    Many of them are happy to operate in China, so there's a fair amount of hypocrisy and bluster going on.

    On the other hand also fuck the Tories. "Taking back control" of as far as they are concerned becoming unencumbered autocrats.

    And post Brexit, we are not quite big enough to call the shotslike we were in the EU.

    Basically everyone sucks here. Curbing the power and reach of the megacorp is a good thing, but doing it do you can spy on your citizens is so much not. And they are all hypocrites.

    • Re:China (Score:5, Insightful)

      by ls671 ( 1122017 ) on Monday August 14, 2023 @03:11AM (#63765250) Homepage

      Many of them are happy to operate in China, so there's a fair amount of hypocrisy and bluster going on.

      You don't need to be able to decrypt messages in transit when you already have spyware apps installed on the devices.

      • THIS!

        And since all internet access in China is via state controlled NATing gateways, they also know if the device's spyware has failed to phone home and they will remedy this for the owner.
    • Many of them are happy to operate in China, so there's a fair amount of hypocrisy and bluster going on.

      Sure, because all Britons want to live in the UK version right wing version of communist China run by the Tory party.

  • by should_be_linear ( 779431 ) on Monday August 14, 2023 @02:52AM (#63765228)
    Corporations are concentrating such power, that they don't hesitate to go directly against nation states, except USA and EU (so far) even UK after Brexit have no capability to enforce anything to them. Corporations are already involved in all major legislature being introduced and media (public opinion). This is far from democracy, and it is only getting worse.
    • This reminds me of the TV series "Cold Lazarus" (watch it after watching Karaoke as it is the sequel to that series).

      Cold Lazarus is set in a future where the megacoprs have replaced all of the worlds governments and the people are ruled by them to an extent that ALL experiences are manufactured and sold to the human population. Smoking a real ciggarette and drinking real coffee is a privalege only the super rich can access.

    • Exactly. They always threaten to do this or that. Like (the cliché of) a hysterical wife.
  • by ZackSchil ( 560462 ) on Monday August 14, 2023 @02:55AM (#63765232)

    This article strikes a tone that suggests the author believes "big tech" is being "petulant" about end to end encryption, and it seems to be trying pretty hard to conflate other issues, like blocked mergers, with the right to privacy and proper implementation of secure communications.

    Signal, mentioned by name in the article, is notably NOT big tech, not even a for-profit company, and they're saying the same thing everyone else is saying: they will exit the market if this regulation goes into effect. That should speak volumes and its stunning that UK politicians have not seemed to notice.

    • by storkus ( 179708 )

      THANK YOU, I'm glad I'm not the only one that noticed, though I got a different impression than you: where are all the BBC defenders who claim they're not biased? This is far from the only story that I've noticed the author is carefully towing the govt's position.

    • This article strikes a tone that suggests the author believes "big tech" is being "petulant" about end to end encryption, and it seems to be trying pretty hard to conflate other issues, like blocked mergers, with the right to privacy and proper implementation of secure communications.

      Signal, mentioned by name in the article, is notably NOT big tech, not even a for-profit company, and they're saying the same thing everyone else is saying: they will exit the market if this regulation goes into effect. That should speak volumes and its stunning that UK politicians have not seemed to notice.

      Yes! The issues with big tech behaving badly doesn't negate the fact that governments want to spy on us. The UK has an awful record and it always starts with the "proverbial children". Can't we just have some privacy. This is the same UK that isn't dealing properly with simple street crime.

    • Re: (Score:2, Interesting)

      by Carewolf ( 581105 )

      End-to-end encryption doesn't actually exist in ANY consumer software. Encryption consists of two parts: Encryption and Authentication. You need both, and when talking to laymen you mean both when you say "encryption". End-to-end encryption as it exists in iMessage, WhatsApp and Signal, is only one of the two components, but still use centralized authentication. That makes the end-to-end part of the encryption worthless as it can be intercepted at any point for any reason. So it is essentially worthless, an

      • by Teun ( 17872 ) on Monday August 14, 2023 @06:13AM (#63765422)

        End-to-end encryption as it exists in iMessage, WhatsApp and Signal, is only one of the two components, but still use centralized authentication. That makes the end-to-end part of the encryption worthless as it can be intercepted at any point for any reason.

        You pretend the encryption/decryption is set by an central authority.
        Interception of the encrypted message is not hard, decrypting it is the problem.

        Also, the big corps like Meta seem not interested in the content of your encrypted messages but they sure keep a record who you are messaging and combine it with things like your and their Facebook profile.

      • by brunes69 ( 86786 ) <slashdot@nOSpam.keirstead.org> on Monday August 14, 2023 @06:51AM (#63765480)

        I don't think you actually know how Signal works. There is no central authority doing authentication. It is done when you set up your device, on the device itself, and after that *is never done again*. So there is no future ability to MiTM communication.

        "But what if the original authentication is MiTM?" - Signal has a solution for that as well. In any Signal conversation, you can perform an authentication ceremony using a third-party channel (ideally, in-person). You and the other party just hit Chat Settings -> View Safety Number, and ensure that you both have the same key on the screen. If you do, then no one has tampered with the conversation.

        Yes, in theory,

        • > Yes, in theory,

          The effort required to defeat Signal isn't worth the effort when they can attack phones out-of-band, so the theory is likely correct.

          There'a a gist on how to set up Signal using Debian and only transiently using a phone, relying on manual authentication steps.

          That Signal makes it so hard to not depend on a phone and phone number is the most suspicious part. The issue to avoid this problem is, what, half a decade old?

          They also know that their Captcha system is very broken on Desktop and

          • In any system there are vulnerable points of attack and no system is perfect. However E2E itself is a sound system when implemented correctly. The OP was spouting nonsense.
      • End-to-end encryption doesn't actually exist in ANY consumer software.

        Well that is an outright lie [wikipedia.org]:

        On November 4, 2014, the Electronic Frontier Foundation (EFF) listed iMessage on its "Secure Messaging Scorecard", giving it a score of 5 out of 7 points. It received points for having communications encrypted in transit, having communications encrypted with keys the provider doesn't have access to (end-to-end encryption), . .

        Encryption consists of two parts: Encryption and Authentication. You need both, and when talking to laymen you mean both when you say "encryption".

        Tell me you do not understand encryption without telling me you do not understand encryption. I am pretty sure messages need to be decrypted. Seems like a huge miss not to have decryption as a part of encryption. And before you say that decryption is part of authentication; authentication is a separate function to decryption.

        End-to-end encryption as it exists in iMessage, WhatsApp and Signal, is only one of the two components, but still use centralized authentication.

        Centralized authentication defeats the purpose of end-to-end encryption. iMessage and Signal [wikipedia.org] do not use centralized authentication:

        The Signal Protocol (formerly known as the TextSecure Protocol) is a non-federated cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations.

        That makes the end-to-end part of the encryption worthless as it can be intercepted at any point for any reason.

        If messages cannot be de

    • In order to speak volumes you have to have volumes to speak of. Signal is a minor player, you even pointed out it's not big tech. It's not that people don't notice, it's that they ignore them for the minor player they are.

      • Let's be honest, outside of this nerdome, most people don't actually care that much. China's system would work in USA just fine, so long as people could still exchange messages. Criminals may also care but only because they don't want to get caught.

        Oh, sure, they'll complain at first but would quickly get use to it. So long as they could post their drivel on social media, by and large people just don't really care.

        If you aren't an activist and leave governing to the government, you probably get along just f

      • Signal the app is a minor player. The Signal protocol is used by many apps like WhatsApp and Google.
  • which allow people to communicate from country to country.

    Implementing different rules and tech for each side of an international conversation (r195 x 195 possible combinations, for 1-to-1 communication) is impractical fif not impossible or the tech platform companies, and highly functionality inhibiting for users.

    There needs to be a global regulatory body for this kind of tech, if any, and only restrictions that can be agreed upon by a great majority of nations should be imposed on the tech..
    • by Bert64 ( 520050 )

      Well there the problem is that these systems are centralised and proprietary.
      There have been separate national telephone networks for a long time, each with its own set of rules and governance.

      And anyone who's committing any kind of serious crime is fully aware that their communications can be monitored, and will take steps to protect it.

    • which allow people to communicate from country to country. Implementing different rules and tech for each side of an international conversation (r195 x 195 possible combinations, for 1-to-1 communication) is impractical fif not impossible or the tech platform companies, and highly functionality inhibiting for users. .

      And yet my mobile phone from the UK will work anywhere in the world. My mains powered electrical devices that run on the UK 230V system will function in the USA either just by plugging it into a wall socket or flicking a switch on the power supply to change from 230V to 120V. It's software, it's beyond simplistic to implement.

  • by echo123 ( 1266692 ) on Monday August 14, 2023 @03:08AM (#63765246)
    This is simply the classic, "won't someone think of the children", argument in order to legislate encryption back doors. What could possibly go wrong? Brought to you by the same politicians that spread misinformation to get Brexit over the line, and look how well that's turning out. Every tech company on the planet knew the answer to this old fairy tale at least a decade ago, and yes they will in-fact vote with their metaphorical feet. Amsterdam and Frankfurt have only prospered post Brexit by those corporations that fled already. Live and learn.
    • Even Rupert Murdoch knew to cut his UK exposure [wikipedia.org] when it was the best overall option.
    • by mjwx ( 966435 ) on Monday August 14, 2023 @07:31AM (#63765568)

      This is simply the classic, "won't someone think of the children", argument in order to legislate encryption back doors. What could possibly go wrong? Brought to you by the same politicians that spread misinformation to get Brexit over the line, and look how well that's turning out. Every tech company on the planet knew the answer to this old fairy tale at least a decade ago, and yes they will in-fact vote with their metaphorical feet. Amsterdam and Frankfurt have only prospered post Brexit by those corporations that fled already. Live and learn.

      Yep, Brexit was the dumbest thing we could have done.

      But this law will never see the light of day. The House of Lords will just keep sending it back with questions, issues, corrections, et al. Every now and then bureaucracy does us a favour.

      This kind of policy is just the Tories dog whistling to their hard core fans. They've long since given up any pretence of actually governing for the majority and are just trying to pass laws that their base will like, line the pockets of their friends (and themselves) and delay the next election as long as possible.

      • As someone from across the pond, one of the first questions I had when hearing about the Brexiteers demands to control their borders was the plan for dealing with Northern Ireland. I am no expert in the history of Northern Ireland but my impression that a hard border between Ireland and Northern Ireland would be met with . . . disapproval. But fear not, after almost seven years, the solution to the problem is to act as if Brexit never happened in Northern Ireland.
  • Canada (Score:4, Interesting)

    by VeryFluffyBunny ( 5037285 ) on Monday August 14, 2023 @03:16AM (#63765254)
    Haven't some of them already blocked Canada because of new regulations for paying publishers for using their content? Let's see how long that lasts. This just sounds like all the usual hot air of resistance to any kind of regulation that corporations don't like. I say let's call their bluff.

    Personally, I'm more concerned with the authoritarian & corrupt turns some govts are taking, e.g. this law in the UK that they claim is to protect children while at the same time separating migrant children from their parents, which is terrifying for them on top of everything else they've already endured, & putting them up in empty hotels with inadequate support & supervision. This sounds like a horrific recipe for cultivating a high risk of child prostitution brothels to me or at least a whole host of child abuse offences.

    So can our govts give a more convincing reasoning as to why they need invasive surveillance of everyone's private messaging apps?
    • Some? No, only the ones who make stealing news from legitimate news orgs and posting onto their private sites have pulled out of Canada.
      • Yes, that'd be "some." What the word means. Less specific but still appropriate.

        And... Oh, those poor social media sites who aren't allowed to generate ad revenue from other websites' news!
        • I'm sure the news corps will be fine now that nasty social media has taken all their links down. People will go to the news corps websites directly. Not seeing the problem with social media banning the news at all.

          Of course, news websites may see a temporary (or even long term) drop in traffic, as now only people that actively seek out the news will ever come to their site. Before, they had a chance at some click throughs.

          So again, what's the problem with social media banning news from their platform? It's

  • by Opportunist ( 166417 ) on Monday August 14, 2023 @03:17AM (#63765256)

    It's time someone put their foot down and informs their potential customers via webpage if the IP address matches certain countries:

    "Dear hopeful customer, we cannot serve you.

    If you want to use our product, get a sensible government"

    • by Anonymous Coward on Monday August 14, 2023 @03:45AM (#63765274)

      PornHUB beat you to this. They're doing that for various states in the US already.

    • by ac22 ( 7754550 ) on Monday August 14, 2023 @03:59AM (#63765284)

      Yes, several US news websites that didn't want to comply with GDPR took this approach. They consequently lost a lot of traffic, permanently.

      Many EU visitors shut out from US sites as a response to GDPR never came back. By temporarily blocking EU users as a response to this regulation, some US news sites have suffered long-term losses of European visitors

      https://reutersinstitute.polit... [ox.ac.uk]

      • Re: (Score:3, Insightful)

        I love to email US websites that block me based on the fact they would have to follow GDPR rules should I download their HTML and cookies etc.

        I tell them I'm gratefull they are protecting me from their questionable and likley dangerous PII and data practicies.

        • Some smaller web stores don't ship to EU addresses at all anymore. They claim that this is because they need to hold customers' PII between receiving an order and shipping it, yet they can't afford the annual fee for a designated representative pursuant to article 27. How do you treat them?

          • I did some minor searching and found this. https://iapp.org/news/a/repres... [iapp.org]

            From this link:
            For example, a U.S. company without an establishment in the EU that sells products online to consumers in the EU has to comply, because it regularly collects personal data relating to sales of goods; if such a U.S. company uses a service provider to process payments or provide shopping cart functionality, the service provider can also be covered as a "processor."

            So a small store is very likely to be using a service pr

            • So a small store is very likely to be using a service provider to process payments, and would there be covered since the payment processor is the processor.

              A small store that accepts payment through PayPal can avoid seeing billing addresses. It can't so easily avoid seeing shipping addresses.

          • If I really, really want it, I use a remailing service + virtual prepaid card.
            Usually I don't need specifically that, their loss.

    • The solution to location based blocking is a VPN ... ...it's also the solution to governments who try and force people to use broken encryption

    • It's time someone put their foot down and informs their potential customers via webpage if the IP address matches certain countries:

      "Dear hopeful customer, we cannot serve you.

      If you want to use our product, get a sensible government"

      Or just use a VPN which is what they'll do instead.

      • I could picture something like an attached note below:

        "In the meantime, and on a totally unrelated note, we also now offer VPN services at affordable prices, check (link)"

    • Its time to dial back from corporations, and provide services for each other, as the internet was designed to be able to do.

      In my part of Europe, a reliable (albeit dying) way of delivering packages is to wait at a bus station, give a little something (sometimes a piece of cake is enough) to the driver with instructions "someone will pick it up at such stop".

      Do this with online communication. Be the bus driver.
      If you can, run a federated communication server (email, matrix, XMPP... ) . Bring your friends. T

  • Unfortunate (Score:5, Interesting)

    by Stargoat ( 658863 ) <stargoat@gmail.com> on Monday August 14, 2023 @03:41AM (#63765272) Journal

    The Tory government policies are very unfortunate, pigheadedly ignoring basic math and reasoning. Backdoors do not work.

    Several issues come to mind. Where is the City in this? I can't imagine all the financial infrastructure in the UK will be happy about weaker controls over security. What would Lloyds or Coutts say regarding government mandated backdoors?

    UK has set a stronger policy of government support of the private sector with cybersecurity as well. They would be giving that up. NCSC and other governmental organizations and regulators have been remarkably effective at promoting a new path forward for the British economy. This places all their good work in jeopardy.

    I must expect Labour will make hay of this as well. The Tories will be destroying good jobs. Britain cannot afford many more tech positions or firms leaving for the US or Canada.

    • Re:Unfortunate (Score:5, Interesting)

      by serviscope_minor ( 664417 ) on Monday August 14, 2023 @05:53AM (#63765394) Journal

      Where is the City in this?

      "Fuck business", said Boris Johnson before being elevated to PM by the Tory party, and who then proceeded to purge anyone competent remaining who wasn't loyal to him.

      I can't imagine all the financial infrastructure in the UK will be happy about weaker controls over security.

      Fuck business, remember.

      What would Lloyds or Coutts say regarding government mandated backdoors?

      Coutts are owned by NatWest who are owned in part by the government. This means neither are going to be donors, so fuck them.

      UK has set a stronger policy of government support of the private sector with cybersecurity as well.

      We do?

      I must expect Labour will make hay of this as well.

      LOL no. Because Starmer is a conservative. His only policy ideas are to take whatever Tory policy hasn't been ruled literally illegal and shuffle a half step left. He's also an authoritarian and loves the oppressive Tory rules. Sure he voted against the anti-protest laws: that's nice and safe. Looks not Tory and they'd pass anyway. But his policy now is to keep them and see how they work out.

      Fuck Starmer. He's the second worst choice. Still take him in a heartbeat over the Tories.

      The Tories will be destroying good jobs.

      So, what's new?

      Britain cannot afford many more tech positions or firms leaving for the US or Canada.

      They don't care! They are not here to run the country. They are here to enrich themselves with a side order of culture wars. Sunak's a billionaire who likes to fly private jets. He can afford for people in the UK to get poorer. He'll be fine.

      You're approaching this in the old way that there is some semblance of desire to actually run the country for its own sake from the Tories. I laud your optimism and I really wish it were the case but there is none.

    • > I must expect Labour will make hay of this as well.

      Good luck with that. Labour aren't historically very "pro business", and the current crop aren't doing much to buck that trend. If they ever come up with anything that sounds "pro business", it'll be back-filled with something deeply terrible to make up for whatever benefit they might have delivered (usually to placate the unions).

      For whatever reason, the Conservative party has imploded - they aren't doing the things they're good at, they're doing a wh

  • > Their "tipping point" is UK regulation

    Sorry, but we kinda like protecting ourselves from megacorps that think that if they have enough money they can get away with anything.

    In the US I've been told it's almost the other way around, megacorps are practically worshipped while the US likes to attack "big government". The UK could have a good go at tidying up big government too, we have a bit of tidying up to do here and there, but foreign megacoprs already had to be told how to treat our private data wit

    • by serviscope_minor ( 664417 ) on Monday August 14, 2023 @06:06AM (#63765418) Journal

      Sorry, but we kinda like protecting ourselves from megacorps that think that if they have enough money they can get away with anything.

      Except this is 50% of that and 50% dreadful authoritarian bullshit from the party of person oppression.

      Blocking massive M&A: good job!

      Destroying the right to privacy so HMN Govt can spy on your? Fuck them.

      De-regulation stimulates,

      No, this is not generally speaking true. Deregulation can stimulate, but also regulations can stimulate. It depends what's in the way. Deregulation can also do the opposite.

      I mean I can send a text or make a 4G phone call INDISE my local Sainsburys, which is a known âoenot spotâ, while not having any chance of a data connection.

      Good for you. I can't so that in my house because it's a notspot, but internet messaging works fine. I still have a landline because signal strength in my house is so bad.

      Secure comms should be handled by PGP email, most people donâ(TM)t need it (secure comms)

      Why? Security is not binary. PGP with good key exchange is the best, but E2E encrypted is still better than plain text. People have a right to secure comms: the government has a history of spying and aiding spying.

      So what? I'm bloody glad we stopped this merger

      Well indeed.

    • by Teun ( 17872 )
      Sure it would be nice when the large corps would (in a democracy) follow local rules.
      The problem is the size of the UK market is for many of these companies insufficient to follow just any rule.
      Just imagine the UK would set these rules jointly with the much larger EU...
      • The problem is the size of the UK market is for many of these companies insufficient to follow just any rule.

        You underestimate the UK. The UK is the world's 6th largest economy and the second largest economy in Europe. It's GDP is bigger than the combined GDP of 19 EU nations. It's Apple's largest European market with more Apple stores than any other European nation.

    • As a conservative I'm very much for de-regulation as would be expected but the current conservative government is more like labour these days hence we have this regulation coming, some of it is welcome. De-regulation stimulates, regulation then must come in to put the brakes on for a bit while society adjusts and decides where to go next. Note I said “society”, us, not megacorp boss.

      Societies certainly can decide what rules it wants corporations to live under, just as corporations can decide whether or not they want to do business under those rules. Nothing forces them to do business in a country, in the ned it's strictly a business decision.

      One challenge is the "internet" has changed how companies do business in that a company could be in one country and it's services accessed in another makes regulation a real challenge and leaving may be the only option.

    • I used to use Signal. I was with them for over 10 years, not once did I find any other Signal user. Whatsapp was the way to go and I do use that, for some people, such as my cousin who uses it on a disconnected iphone (contract issues) so it still does wifi thus whatsapp, but outdoors she must use a phone I gave her that makes ordinary 3G calls and SMS anyway.
      Then Signal dropped SMS/MMS support. Which meant it was next to useless. The crazy boss at Signal said “SMS isnt secure”. Duh, we know that. What us SMS Signal users were using Signal for was for local SMS backups and as a better replacement for the non-free SMS app that was in the phone and probably vulnerable to unpatched attacks.
      Besides, that part will not go though. The House of Lords will send it back as "it's not in the public interest", like they have done oh so many times before on the same issue.

      This!!! I was quite happy using Signal as my go to messaging app. I occasionally found someone on Signal and my ex wife and a couple friends and family downloaded it to appease me. Once SMS got dropped, it became entirely useless as it was literally just a way to talk to a few people that of course also had sms support.

      It was super nice to have a secure way to send private financial information or password related stuff. Once I got a divorce, it literally just became another app I have zero use for, because

  • Secure communications with backdoors are an oxymoron.
    • by Hodr ( 219920 )

      The companies that rely on their reputation for secure communications would have to exit the market. Once you create a back door for one entity you might as well assume it exists for many others.

      And "do it for the children" is a slippery slope. Once it's in, they expand it to all kidnap victims. Then suspected drug dealing. Oh, and of course terrorism. Maybe domestic "terrorism". And you need to watch community leaders to make sure they aren't organizing riots, or protests against the government. Probabl

  • Why is there such a fuss over the encryption used by the apps? In the end messages have to be decrypted to be read and there are enough backdoors already at the OS and hardware level to slurp the messages after they are decrypted.
    The whole encryption bruhaha is only a smokescreen to give the users a false sense of security when using the apps with "end-to-end encryption".
    Same with messages that are "deleted right away, so they are present for only a very short time" on the servers. As if they cannot be copi

    • by Hodr ( 219920 )

      Haven't been on slashdot very long? How many dozens or hundreds of stories have we had over the years where authority figures have a device (phone or laptop) that they want to access but can't get into. Or how about when people cross borders and the government wants to look at their phone data?

      This isn't a took for their hacking toolbox to help with compromised devices, it covers the situation where they have come into physical possession of a device but can't access the messages on it.

      • Haven't been on slashdot very long? How many dozens or hundreds of stories have we had over the years where authority figures have a device (phone or laptop) that they want to access but can't get into. Or how about when people cross borders and the government wants to look at their phone data?

        Nearly universally they get into them eventually.

        But yeah, I've read enough that I'd want to wipe my phone before going through even my own country's customs.

        Even though I have jack shit to be concerned about with that (Oh my, you regularly call your own family...)

        • IDK, given how backwards some of the US states have become, what if you had a naked picture of your young child in a bathtub or something in a text message from your wife? Now you have child porn.

          If that sounds dumb, I agree it is. That doesn't mean it couldn't potentially get you in trouble.

    • To them a copy of the data is not the same as the original. Maybe bean counters and lawyers can tell the difference between an original digital file and a copy of it.

      GDPR distinguishes a "controller," who holds personal data over the course of the controller's direct business relationship with an individual, from a "processor," who temporarily holds personal data received from a controller while providing to the controller a service related to that data. This distinction between controller and processor may help clarify whose copy of a digital file is considered primary.

  • by bradley13 ( 1118935 ) on Monday August 14, 2023 @05:52AM (#63765392) Homepage

    Regulating acquisition is essentialy, and done by many countries. Capitalism only works as long as their is competition. Preventing big companies from abusing their market positions is essential.

    Regulating end-to-end encryption demonstrates either ignorance or wannabe authoriatarianism on the part of the politicians. If government wants surveillance of encrypted messages, they'll just have to put in the hard work of getting a warrant, and inspecting one of the end-points.

    These two issues have nothing whatsoever in common. The fact that both are potential bills in the UK? They still have nothing in common, and should never be discussed together. That just muddies the water. Encryption must be defended. M&A issues are complete irrelevant to that battle.

  • it is not the internet's job to babysit your kids for you,
  • by NovusPeregrine ( 10150543 ) on Monday August 14, 2023 @06:13AM (#63765426)
    Looks to me like the UK is threatening to violate the privacy of non-UK citizens. Why on earth should any single country think it can get away with demanding backdoors into the private lives of other countries citizens? That's literally the exact same behavior people blast TikTok and it's China affiliations for. It's not any more right for the UK government to have open access to my stuff than it is for China too. Frankly, I legitimately hope the Tech Firms DO pull out if those bills go through. If you want to regulate worldwide backdoors into the Internet, I suggest you go try to make the UN an actual functional entity and then do it through them. Not commit gross privacy violation against people who aren't yours to govern.
  • The article concludes that "It's a difficult line to tread. Big Tech hasn't exactly covered itself in glory with past behaviours â" and lots of people feel regulation and accountability is long overdue."

    Forcing backdoors into cryptosystems is neither regulation nor accountability. It's just authoritarianism and destruction of freedom.

  • by TheDarkMaster ( 1292526 ) on Monday August 14, 2023 @06:34AM (#63765454)
    Someone needs to explain to UK lawmakers that in an end-to-end encryption model the company responsible for the app cannot see the content of messages even if they wanted to.

    And the last thing they're thinking about is the kids. What they want is easy industrial espionage and keeping everyone who doesn't agree with the government under surveillance.
  • One of the many lies told about Brexit was that it would enable the UK to lessen the regulatory burden on companies because they would be free of the "oppressive" EU.

  • Can you see Apple doing a UK only version of Imessage? Not a chance. Not only because its a pain in the rear re: legal, code, which phones are to be be targeted etc but more importantly, once they cave to one Western government, it will be all of them asking for the same thing.

    All Apple would have to do is say "Sorry, no Imessage because UK government wants to snoop on your stuff and we don't want to let them" and the government would about turn so fast that they would break the sound barrier.

    Also it's a certain amount of BS on the governments part because most Police action is intelligence led and secondly, failure to surrender a password makes you liable for up to two years inside. They have the tools to fix this, they just want more power.

    Oh and no one has told them... Major criminal orgs will just create their own encryption using COTS encryption libraries. You cant "undo encryption" and put it back in its bottle.

  • "It's a difficult line to tread. Big Tech hasn't exactly covered itself in glory with past behaviours — and lots of people feel regulation and accountability is long overdue."

    It's a funny thing. You could swap out "Big Tech" for "The Government" in that statement and, it wouldn't seem a bit out of place.

    Yet, here we are with a columnist offering his opinion that the corrupt government can be trusted with all the encryption keys. This would be insane even if it made any sense to use deliberately-broken

  • Rule #1 (Score:5, Insightful)

    by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Monday August 14, 2023 @09:53AM (#63766032) Homepage Journal

    When making laws, which by definition are applicable to everyone, first decide if there are any exceptions. If there are, then you shouldn't be making laws.

    For example, end-to-end encryption is awfully important in eCommerce, electronic banking, B2B transactions, and for securing extranets within a business. That's a hell of a lot of exceptions.

    If you wouldn't want your credit card details and bank account details/password for sale, then you're going to need end-to-end encryption. There's no escaping that.

    If you don't want the trade secrets of the company that employs you broadcast over the dark web, then your company is going to need end-to-end encryption. There's also no escaping that. (If you don't mind being unemployed, then it's less of a problem.)

    There is no such thing as a back door that operates for one person or one organization. If it exists, then it exists for everyone who finds out about it. Which means your credit card details and bank accounts WILL be public knowledge if this law passes as it stands.

    I don't like child abuse and don't think the government is doing anything like enough to fight it. But effectively selling MY personal information to the highest bidder is a completely unacceptable way to go about it. It's also not going to be remotely effective.

    Is big tech a problem? Yes, it is, and it probably plays a role in protecting child abusers. Mostly, I suspect, through selling personal information to those who are willing to buy. I think you'll find a lot less grooming and a lot less abuse if people were adequately protected against the selling of personally identifying information.

    However, a much larger role is probably played by child protection services as they currently stand. More than a few abuse victims have talked about abuse by such services and/or abuse by adults hanging around such services. This would seem to be a significant amount of low-hanging fruit, if protecting the children was actually of any importance. Which tells me that the children are just pawns and that politicians are using Machiavelli's writings as valid policy statements.

    Sorry, but as much as big tech sickens me (and there's more than a few megacorps that should IMHO be split up), politicians sicken me even more and I find it deeply disturbing that they would seek to manipulate a gullible populace into abandoning ALL actual security in the hopes that some illusory security may be gained.

    You WILL lose your money -- ALL of your money, ALL of your credit -- eventually if this anti-privacy crusade pervades. And that includes your home, your car (if you have one). It means EVERYTHING. Absolutely everything you own, or own through lawful debts, can and WILL be taken from you if this goes ahead. Maybe not next week, maybe not next year, but eventually hackers WILL break any deliberately backdoored system and everything of yours will be for sale on the dark web.

No spitting on the Bus! Thank you, The Mgt.

Working...