Summary
The UK Parliament has passed the Online Safety Bill (OSB), claiming it will enhance online safety but actually leading to increased censorship and surveillance. The bill grants the government the authority to compel tech companies to scan all user data, including encrypted messages, to detect child abuse content, effectively creating a backdoor. This jeopardizes privacy and security for everyone. The bill also mandates the removal of content deemed inappropriate for children, potentially resulting in politicized censorship decisions. Age-verification systems may infringe on anonymity and free speech. The implications of how these powers will be used are a cause for concern, with the possibility that encrypted services may withdraw from the UK if their users’ security is compromised.
But how would they even enforce that? It’s E2E, and I doubt anyone would add backdoors to every app, website, and service that uses it.
They won’t need to. Signal, WhatsApp, Session and iMessage (Apple) have already said they’ll withdraw their products from the UK market. Meta are making similar noises regarding Facebook Messenger.
Personally, I don’t trust or use anything Meta because I very well recall what Zuck said when fb was still university only.
Bet they’ll try to come up with their own “private” messenger as an alternative too for the public
They don’t need to backdoor end-to-end encryption when they can instead snoop at the endpoints (e.g. the apps).
Governments can force service providers to either do that or no longer operate in their jurisdiction.
This won’t stop especially knowledgeable people (including criminals) from using encrypted comms, but it will make it much harder to access for everyone else, thereby robbing the general population of an essential safety tool, among other things. It’s terrible for democracy and dangerous to vulnerable populations. The article is worth reading.
I suspect that the UK will just say “either you add the backdoor or you don’t operate here”
Which from a cynical perspective is just an easy check for hackers to see if a particular target is vulnerable by seeing if they’re allowed to operate in the UK
I mean, kinda sounds like the companies beat it to the punch or are threatening to. Which is the real path forward. Buh-bye Whatsapp and Signal disappearing and fully encrypted messages you parliamentarians and government folks are so fond of to avoid public transparency and “priveleged” info. They will last 5 seconds before the bill is scrapped.
Regarding iMessage, I believe they are honestly safer and better off without out it. Fight me(!), aha
Of course, what this means in reality is that all Brits will start using VPNs all the time, so they can get their secure apps from international app stores.
At that point everyone has plausible deniability and the security theatre is complete.
You mean you didn’t hear about that new encryption standard that keeps your data completely private from everyone except for the good guys?
Double Rot-13? I hear it’s state of the art.