Tech Groups Fear New Powers Will Allow UK To Block Encryption (ft.com) 40
Tech groups have called on ministers to clarify the extent of proposed powers that they fear would allow the UK government to intervene and block the rollout of new privacy features for messaging apps. FT: The Investigatory Powers Amendment Bill, which was set out in the King's Speech on Tuesday, would oblige companies to inform the Home Office in advance about any security or privacy features they want to add to their platforms, including encryption. At present, the government has the power to force telecoms companies and messaging platforms to supply data on national security grounds and to help with criminal investigations.
The new legislation was designed to "recalibrate" those powers to respond to risks posed to public safety by multinational tech companies rolling out new services that "preclude lawful access to data," the government said. But Meredith Whittaker, president of private messaging group Signal, urged ministers to provide more clarity on what she described as a "bellicose" proposal amid fears that, if enacted, the new legislation would allow ministers and officials to veto the introduction of new safety features. "We will need to see the details, but what is being described suggests an astonishing level of technically confused government over-reach that will make it nearly impossible for any service, homegrown or foreign, to operate with integrity in the UK," she told the Financial Times.
The new legislation was designed to "recalibrate" those powers to respond to risks posed to public safety by multinational tech companies rolling out new services that "preclude lawful access to data," the government said. But Meredith Whittaker, president of private messaging group Signal, urged ministers to provide more clarity on what she described as a "bellicose" proposal amid fears that, if enacted, the new legislation would allow ministers and officials to veto the introduction of new safety features. "We will need to see the details, but what is being described suggests an astonishing level of technically confused government over-reach that will make it nearly impossible for any service, homegrown or foreign, to operate with integrity in the UK," she told the Financial Times.
Re: (Score:2)
The biggest group used as the political fear mongering talking points at the time seemed to be eastern European, such as Poles.
Re:Yay Brexit! (Score:5, Insightful)
Re: (Score:2)
The UK is & always has been a highly multiracial & multicultural country.
lmfao
Re: (Score:2)
Re: (Score:1)
The UK always has been a highly multiracial & multicultural country.
How many non-whites lived in Bradford 100 years ago? Now the UK is 80% white, 30 years ago it was 95% white (according to the census numbers), 100 years ago the UK was almost entirely white.
Re: (Score:2)
They were actually white...
We have it better in the U.S.! (Score:2)
Re: (Score:2)
Re: We have it better in the U.S.! (Score:5, Insightful)
You can't actually know that. All you know for sure is you never noticed the effects.
Re: (Score:2)
Why would they do that when they already know everything about you?
Why? (Score:3)
End game? (Score:2)
So would the end game be for the UK government to then try and restrict it's citizens from being allow to use such off shore services? Would they then need to follow China and Russia in cutting itself off from the Internet and running their own UK intern
Re:End game? (Score:5, Interesting)
Re: (Score:2)
Sounds like China.
Re: (Score:2)
Re: (Score:2)
> Sounds like China.
LOL
Google are in china and activley pander to the will of the government.
Re: (Score:2)
Re: (Score:2)
Impossible to operate with integrity (Score:2)
Feature, not bug. You're a subject of the Crown, not the other way around. Why would they want to enable you to hide anything from them?
Only big tech should be covered (Score:2)
There is something perverse about a company like Meta or Apple creating a semi-centralized or fully centralized messaging system that requires the company's services and property to operate and then deliberately designs it so that criminals can use their services and property with minimal prospects of complying with normal legal standards.
This is a completely different thing from hamstringing decentralized protocols or centralized systems that are open source and can be deployed by private parties.
When Big
Re: (Score:3)
because... reasons...
Those "reasons" are because offering end-to-end encryption to their users while offering every TLA agency access are mutually exclusive. If there's a "master key" in existence your encryption is not secure, no matter who is entrusted to keep that key safe. The incidents at LastPass, while not exactly the same, are a close enough example as to why a "master key" is a terrible idea.
Re: Only big tech should be covered (Score:2)
"There is something perverse about a company like Meta or Apple creating a semi-centralized or fully centralized messaging system that requires the company's services and property to operate"
Just stop there, it's a great spot.
Thing is the UK doesn't care who makes the system. The US doesn't care as much because PRISM. You might say aha but what about give w Eyes, but you think the UK trusts the US to give them all the information they ask for?
Re: (Score:2)
Safes are deliberately designed so that criminals can use them. Clearly we must require all safe manufacturers to register the combinations with the government!
Re: (Score:1)
Re: (Score:2)
There is something perverse about a company like Meta or Apple creating a semi-centralized or fully centralized messaging system that requires the company's services and property to operate and then deliberately designs it so that criminals can use their services and property with minimal prospects of complying with normal legal standards.
This is a completely different thing from hamstringing decentralized protocols or centralized systems that are open source and can be deployed by private parties.
When Big Tech says "we can't do anything" that's just pure bullshit because they own the infrastructure and direct the evolution of the whole tech stack. That's barely different than Verizon saying "sorry, we can't be expected to comply with CALEA and related laws because... reasons..."
Dear sir and/or ma'am and/or other,
Please to be looking up the very definition of end-to-end encryption. We'll wait.
Anybody arguing that you can safely leave a back door in end-to-end encryption is not only misinformed, but it seems highly likely that they have been indoctrinated to believe that some $benign_entity is truly blessed with god-like powers to guarantee any backdoor is only used by them, and only for the purest of reasons. I'm not a big fan of these giant tech conglomerates, but one thing is ab
Sounds nasty but unlikely to happen (Score:5, Interesting)
For non UK readers ...
We are in the last year of this government - they must go for an election by December 2024 and they know that they are unpopular and not regarded as being particularly competent.
As such, the focus will be on crowd pleasing initiatives, playing to the perceived prejudices of their supporters and their faithful right wing newspaper editors.
There's a ton of other, bigger problems to solve (to be fair, Covid, Ukraine and Israel aren't the government's fault - though their responses to these issues is) plus the continuing presence of Brexit (the gift that keeps on giving to disaster capitalists and hedge fund managers, and which wreaks more havoc on our economy and everyday life week in week out).
The current bunch of incompetents [and the other parties are little better] know that they have to work wonders on inflation, unemployment and a dozen other "real issues"; they know that they have no real plan so distraction measures like this are the go-to approach.
Realistically, by the time that special committees, expert witnesses, industry consultations and the million and one lawyers and civil servants get going, this will be another thing that ran out of time. The right will blame "lefty woke lawyers", the left will conveniently ignore their past planned measures and the public will have moved onto something else.
Oh, and to clarify for overseas readers - the king has no say in the contents of the speech. He's a glorified [and expensive] puppet whose constitutional role dictates that he rubberstamps government output. It's widely known that his personal views differ considerably from some of the statements in the speech.
In effect, we have one overprivileged, unelected man reading out the words of another rich and unelected (by the populace or indeed his own party) man.
Aint politics great !
Re: (Score:2)
Re: (Score:1)
The Tories have already signalled that they intend to make the next election a mixture of culture war and fearmongering about immigration and crime. It's going to be fucking awful.
The worst part is that Labour have lurched to the right to avoid being accused of being too soft on those issues.
Re: (Score:2)
He's a glorified [and expensive] puppet whose constitutional role dictates that he rubberstamps government output.
The UK has a 'constitution'?
Quantum Doom (Score:2)
Won't matter in the future anyway, when the quantum AI spies just walk right through it and tell your boss that you are secretly a non-conformist.
A simple solution (Score:2)
Apple iOS, Telegram, Signal can have a little icon on the address-bar and a "unencrypted for your safety" message on the status-bar. (Technically, transport encryption, that is, point-to-server encryption, will still be used.)
Not a simple solution (Score:2)
>>"A simple solution"
That is not a solution.