Online Safety Bill
Discussion
A brief search didn't find a thread about it...
https://www.bbc.co.uk/news/technology-66240006
This is currently going through Parliament, and the big contention is clauses that will force technology companies that provide encrypted messaging services to implment scanning technology to scan for child abuse material.
The companies concerned are strongly opposed, and Signal even suggests they would rather withdraw their services from the UK market rather than implement the technology.
There are significant concerns that the technology used could be used for other purposes once implemented.
The critics say that while it starts with CSA material, it could be easily expanded to include any kind of material, and would have significant impacts for journalists and activists who would find it even harder to securely communicate material that Governments would rather they did not.
I'm not sure how I feel about it. The goal is very laudable... but the implementation means that the technology company is actively "reading" messages before they are sent, and I can see how that can be misused.
https://www.bbc.co.uk/news/technology-66240006
This is currently going through Parliament, and the big contention is clauses that will force technology companies that provide encrypted messaging services to implment scanning technology to scan for child abuse material.
The companies concerned are strongly opposed, and Signal even suggests they would rather withdraw their services from the UK market rather than implement the technology.
There are significant concerns that the technology used could be used for other purposes once implemented.
The critics say that while it starts with CSA material, it could be easily expanded to include any kind of material, and would have significant impacts for journalists and activists who would find it even harder to securely communicate material that Governments would rather they did not.
I'm not sure how I feel about it. The goal is very laudable... but the implementation means that the technology company is actively "reading" messages before they are sent, and I can see how that can be misused.
Ian974 said:
frisbee said:
If WhatsApp is withdrawn from the UK the government would cease to function.
There would be some delicious irony if this government managed to implement some incredibly strong anti corruption tools entirely unintentionally 
You think they'll use it to stop Foreign Secretaries arranging to wander off from Conferences to meet privately with 'former' KGB agents?
Rivenink said:
I've encountered wishful thinking before... but nothing on this level.
You think they'll use it to stop Foreign Secretaries arranging to wander off from Conferences to meet privately with 'former' KGB agents?
No, they wouldn't, and I agree with a lot of the concerns around government meddling on these things. Just a comment on the generally low level of parliamentary competence we've sadly been getting used toYou think they'll use it to stop Foreign Secretaries arranging to wander off from Conferences to meet privately with 'former' KGB agents?
Ian974 said:
Rivenink said:
I've encountered wishful thinking before... but nothing on this level.
You think they'll use it to stop Foreign Secretaries arranging to wander off from Conferences to meet privately with 'former' KGB agents?
No, they wouldn't, and I agree with a lot of the concerns around government meddling on these things. Just a comment on the generally low level of parliamentary competence we've sadly been getting used toYou think they'll use it to stop Foreign Secretaries arranging to wander off from Conferences to meet privately with 'former' KGB agents?
And the real sting in it all is that it will be ineffective. All it would take is for the contents of the message to be encryped before it is seen by the messaging service.
https://www.bbc.co.uk/news/technology-66256081
Apple now saying they will entirely remove services such as Facetime and iMessage from the UK rather than acquiesce to proposed law changes that go beyon the Online Safety bill, and includes demands that:
- Companies have to tell the Home Office of any changes to product security features before they are released
- the requirement for non-UK-based companies to comply with changes that would affect their product globally - such as providing a backdoor to end-to-end encryption (which would open up a risk that others would also be able to use that backdoor; including criminals and hackers)
- having to take action immediately if a notice to secretly disable or block a feature is received from the Home Office, rather than waiting until after the demand has been reviewed or appealed against
These are some quite extreme demands from the UK government.. that could impact not only UK citizens but everyone worldwide.
Apple now saying they will entirely remove services such as Facetime and iMessage from the UK rather than acquiesce to proposed law changes that go beyon the Online Safety bill, and includes demands that:
- Companies have to tell the Home Office of any changes to product security features before they are released
- the requirement for non-UK-based companies to comply with changes that would affect their product globally - such as providing a backdoor to end-to-end encryption (which would open up a risk that others would also be able to use that backdoor; including criminals and hackers)
- having to take action immediately if a notice to secretly disable or block a feature is received from the Home Office, rather than waiting until after the demand has been reviewed or appealed against
These are some quite extreme demands from the UK government.. that could impact not only UK citizens but everyone worldwide.
Oliver Hardy said:
How can UK laws cover companies that are based abroad and offer their services from there?
The Data Protection Act does this. The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
Looks like the proposals will reduce in less protection for U.K. population in terms of security, Apple and Signal threatening to stop iMessage and FaceTime in U.K. market, I’m sure I read a while back that WhatsApp will pull out of the U.K. if this goes ahead.
This from the Guardian article on it:
“If the government push on regardless then Apple will simply join the growing band of vendors that would leave the UK. British users could end up as one of the most isolated, and insecure, groups in the world. In that scenario nobody wins.”
Another fine mess you’ve got us into Stanley….
This from the Guardian article on it:
“If the government push on regardless then Apple will simply join the growing band of vendors that would leave the UK. British users could end up as one of the most isolated, and insecure, groups in the world. In that scenario nobody wins.”
Another fine mess you’ve got us into Stanley….
Rivenink said:
The Data Protection Act does this.
The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
Not sure how many U.K. users of iPhones would actually know how to do that…. My Mrs struggles sending a message as it is out of the box! The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
steveatesh said:
Rivenink said:
The Data Protection Act does this.
The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
Not sure how many U.K. users of iPhones would actually know how to do that…. My Mrs struggles sending a message as it is out of the box! The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
Rivenink said:
steveatesh said:
Rivenink said:
The Data Protection Act does this.
The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
Not sure how many U.K. users of iPhones would actually know how to do that…. My Mrs struggles sending a message as it is out of the box! The precedent is there.
But DPA is just GDPR in UK law. The question is, can the UK Government enforce its will?
Apple and Signal have already indicated that they would rather withdraw from the UK market than follow the proposed UK laws.
The question then becomes, how does the UK ensure its citizens do not access these services. Will they next ban VPN's to prevent UK users accessing banned services?
As I posted elsewhere, the opposite of liberal is illiberal. This isn’t new; don’t forget Aldous Huxley was British.
Many have criticised me on here over many years for backing a proper British constitution, separation of powers, PR, constitutional court, etc and for believing our freedoms were better-protected within the EU.
This is why. Whenever there’s a lack of protection, a lack of rights, that will be exploited and abused. Every time. This is why principles matter - when it gets to this stage, it is usually too late.
Criminals, of course, will be unaffected - satellite comms, jailbroken phones, illegal software. This isn’t about them, just as so much legislation doesn’t really achieve anything.
This is no more or less chilling than China’s great firewall. The clever part? Doing it in a democracy!
We have no rights. We need to get some in a hurry. Revolution isn’t too much to hope for.
Be very wary when governments or securocrats use the threat of terrorism or child abuse to justify their measures. Those are the justifications but they’ll end up scanning everyone’s messages.
“If you’ve nothing to hide you’ve nothing to fear” is a pernicious lie. You don’t know now what you’ll need to hide in the future.
Furthermore, if there’s a back door for the British security services then it’ll only be a matter of time before the Chinese, Russian, Israeli and American security services find it, if they’re not beaten to it by non-state hackers.
“If you’ve nothing to hide you’ve nothing to fear” is a pernicious lie. You don’t know now what you’ll need to hide in the future.
Furthermore, if there’s a back door for the British security services then it’ll only be a matter of time before the Chinese, Russian, Israeli and American security services find it, if they’re not beaten to it by non-state hackers.
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff