225 comments

[ 4.4 ms ] story [ 249 ms ] thread
Good write up, and encompassing a lot of the frustration people that deal with this feel.
I always feel somewhat awkward reading blog articles like this.

While the author is certainly fighting a good cause, their writing style is very self-righteous and shows lack of self-awareness. Is it working in politics that makes one so jaded and fond of their own prose?

The most jaded thing about all of this was your commentary.
relax, it's just color VS colour all over again
As a UK citizen, I feel jaded and bitter about this topic, as the government have been pushing to "ban encryption" in one form or another for... it feels like decades now? And each time they're advised against it or unable to get it into law, they draw up another proposal and try to sneak it in another way. It feels like one of these days, if they keep trying, they'll manage get it past the experts/lawyers somehow and it'll doom our privacy for a long time. So in the writing, I don't detect over-reaching self-righteousness or a lack of self-awareness - more, awareness of just how tiring and arduous this push for "encryption bans" is getting to everyone who understands the implications of it, and how frustrating it is to have to repeatedly deal with this kind of insidiousness in government.
> It feels like one of these days, if they keep trying, they'll manage get it past the experts/lawyers

I felt exactly the same way about Brexit; it was clear that if we voted Remain that Nigel Farage would still be there - alongside Maxwell's Demon - to shove us towards the door at the next opportune moment.

Seems like this is one of the hardest problems in modern politics - populists only have to win once, due to us having a complex system of preferential arrangements and one-way door decisions.

[flagged]
>statists

Oh cry me a river with that cynical view of democracy.

Just because you aren't engaged in democracy doesn't mean everyone wants to be a lame duck.

To use an infamous quote: We have to be lucky every time. They only have to be lucky once.
The quote is a pithy formulation of Blotto game theory, or "front analysis" [0] which I've taught in cybersecurity for some years now as an introductory concept alongside Dolev-Yeo [1]. It is obliquely connected to the "attackers advantage" (here as a business concept [2]) and "terrorists always win in the end".

As the number of fronts to defend grows, in space or time, the uncertainty of how to allocate resources against novel attacks becomes overwhelming, as does the burden of hyper-vigilance. The enemy can afford to sleep and wait.

Security is an essentially conservative project. One is defending existing resources, rights, powers... against an opportunistic insurgent. Security of democracy (as Franklin said, "if you can keep it") against tyrants (who are simply "terrorists" in waiting) is no different.

[0] https://en.wikipedia.org/wiki/Blotto_game

[1] https://en.wikipedia.org/wiki/Dolev%E2%80%93Yao_model

[2] https://www.goodreads.com/book/show/21413841-the-attacker-s-...

Ironically, Thatcher was in fact lucky every time and they never ended up being lucky at all.
> it feels like decades now?

About 3 of them.

What is it with anglophone politicians and encryption?

I understand that the writer makes a lot of presumptions about the reader, but this is to be expected it is a personal blog called "Hi, I'm Heather Burns" and from the title there is a certain narrative with context implied. There is not an inch of objectivity explicitly or implicitly expected here.

Politics are "self-righteous", if you are not "self-righteous" in discussing and arguing for policies - no matter which view or policy we are talking about - you are not really making a good point, you certainly aren't trying to advocate for whatever you believe in, and you are not morally consistent.

That aside, this particular issue has been beaten over and over, and for someone who is an expert and a career policy advocate: they are not going to waste effort and time by repeating the same points almost everyone reading their blog agrees upon.

I'd argue good policy is a matter of compromise, not conviction.
You need both. As there are some things you cannot conpromise on. Like. Idk. Things factually impossible. Or Human Rights.
Maybe I would tend to agree with you in a different context, but here there is no compromise: it is either backdoor communications at mass or encryption.
I agree with all the other points made here around politics; Compromise, check. Realism, check. Popular conviction, check! ... But one simply cannot go up against mathematics armed with wishful thinking.

The reason this is an issue for splitting is that there really are no half-measures. One must choose a path.

The confounding thing about the UK and encryption these past years is that we've had a technically uneducated government and/or advisors that are mischievous. Nowhere have I ever seen the basic humility and falliblism to say;

  "This is a complex issue. We don't really understand the parameters.
   Choosing this or that path could have terrible consequences. What
   do you the people think?"
Of course most will say, the uneducated "people" are the last to have any useful input. At least the elected government have some political chops, if not any technical vision. But we're not asking "the people" to weigh in on the merits of key escrow or weakened PRNGs - the choice is fascism or democracy - because people have a fundamental right to privacy and democracy cannot thrive without that.
One of my favorite quotes:

"Politics has nothing to do with what a person personally advocates for." - Norman Finkelstein

An example he often gives is advocating for a world without borders. You can advocate for it, and create a group of like minded peiple and write blogs about it, but it will be like creating a cult. Politics, according to him, starts with what the people want. It has to have some concrete proposals and practical momentum that are accepted (or at least not resisted) by the general public.

Everything sounds silly if you read it to yourself in a silly voice. The whole thing did not come across self righteous at all to me. Maybe it is because I follow the developments in net politics enough to know that the cynical undertones here are totally warranted.

Like in Germany, where the supreme court told the government twice that storing all communication data of their citicens without any cause or court order is totally illegal. Guess what: they try it again right now.

The UK government demonstrated in similar fashion that they are not just incompetent, but act with incompetent mallice. Acting above them is hard to avoid, because they make it very hard not to.

One could wonder why it is always the people fighting the good causes that have to act perfectly and self-aware, while the bad actors are given all the slack in the world constantly, while they lie, deceive and twist everything that comes in front of them. "Oh you naive fool, you actually want to be GOOD? Let me find a hair in your soup to validate my own fatalistic position!"

It's the result of online culture rewarding snarky hot takes with increased ad revenue

And it's infected the whole web so that even free blogs use the same voice

As someone who did activism work involving working my provincial government in Canada, sorta ya. For a lot of people, you’re basically navigating the nearly kafka-esc political process, but from the perspective of a ‘normal’ person, as opposed to a politician who gets paid to do so 8 hours a day or whatever.

Also surrounding oneselves with like-minded people who all believe they’re, to some extent, ‘saving the world’, does in fact make you a bit pompous(if only temporarily haha)

I love this writing style. I would love to be courageous and impassioned enough about something to write this way.
It takes no courage to write about politics, just enough rage or cynicism.
Even the most milquetoast political opinion attracts an unreasonable amount of hate online. Not everyone can handle this kind of stuff.
> and while the public knows full well that the Conservatives are openly shitting the bed on their way out, knowing it will be someone else’s responsibility to change the sheets, they’re not dumb.

The author really believes that Labour are gonna throw out this overreaching set of powers?

They were the ones arguing that the Online Safety Bill didn't go far enough as to include VPNs...

They never have and never will.. and that is what makes this kind of legislation extremely dangerous.

After all the talk from the Tories around Brexit and "public mandates" - this is controversial regulation being passed by an non-elected Prime Minister of what can only be described as a dead duck government.

They should be calling a General Election not passing legislation like this.

Are you aware that Labour want to "toughen" the Online Safety Bill?

https://www.theguardian.com/technology/2023/jan/01/labour-pl...

A snap General Election would make our situation worse, not better.

We need to ensure the opposition parties (all of them, not just Labour), understand our concerns about weakening encryption.

The toughening discussed in that article entirely applies to protections for children themselves on social media - requiring limits to stop them seeing harmful content.

An interesting debatable question, but not related to the encryption & communication security concerns being discussed here.

Also, from a political POV, they're clearly incentivized to say that what the government is doing is wrong, in all cases - that doesn't necessarily imply that's exactly what they'd actually do in practice (when they too would have to deal with industry backlash directly).

If they have publicly stated somewhere that they'd like to create tougher controls, banning or limiting security tools like encryption I'd be interested to see more information, but I haven't seen any obvious discussion of that.

The author is from Glasgow. My bet would be they don't support Labour either.
pity the british, whose king is already so old that they don't undrestand the smartphone...

no wonder the entire government institution,

from that famous historical island,

is so woefully unprepared to deal with a world where the smartphone is on.

The King doesn't have all that much to do with this. He reads the speech, but he doesn't write it, and he reads it in a flat monotone so that no one knows whether he personally agrees with the government's legislative agenda.

It's just one of his duties, along with welcoming foreign heads of state and opening hospitals. The UK doesn't have a fixed constitution stating who may and may not do what, it has a set of documents and conventions that vaguely add up to a constitution. This has been evolving for the best part of a thousand years, mostly peacefully, and will continue to evolve for the foreseeable future.

The King has a lot to do with human rights issues - it is, after all, in his name that war crimes and other crimes against humanity committed by the state are kept in confidence, away from the publics' prying eyes.

It is because of The King that, for example, Australians are not allowed to investigate their military - a privilege only deigned to be granted by the Sovereign at his whim, and thus rarely if ever actually given.

>mostly peacefully

I beg to differ. Millions of human beings have suffered immense repression from this regime. You may not be one of them, and thus disinclined to observe it, but for those outside the empires citizenship boundaries, this has not been a peaceful situation by any stretch of the imagination.

What The King and his flunkies want to do to the people of the UK, they have been doing to the rest of their Empire for centuries...

> It is because of The King that, for example, Australians are not allowed to investigate their military - a privilege only deigned to be granted by the Sovereign at his whim, and thus rarely if ever actually given.

That is blatantly untrue. It's not because of the monarch themself - the position has little power over that kind of thing. The Aussie govt will be "advising" the crown on what decision to make (i.e. telling), and they could investigate if they wished to, and/or change the law in a heartbeat to allow it.

I'm no royalist, I think it should be abolished. However, it is squarely at the whim of the British and Australian governments when they use this kind of legislation to hide responsibility.

The Australian government can 'advise' the sovereign all they want - but the sovereign still has the right to ignore that advice.

And, it frequently does ignore that advise - see for example the cases of Witnesses J, K, L, M .. whose trials in a Secret Star Court received no civilian oversight on the basis of the national security regime ..

Convention and legality are two entirely different things. Australians cannot call for an investigation into their own military - they can only ask that Parliament advise the sovereign to allow it.

> Australian governments when they use this kind of legislation to hide responsibility.

.. use the 'cover' of the Sovereign to do so.

> I beg to differ. Millions of human beings have suffered immense repression from this regime.

Who exactly has "suffered immense repression from this regime"? Can you give at least a few examples for recent times? Or did you mean historical (e.g. until the abolishment of colonies)?

If we want to talk about relatively recent times, there's the forced removal of the Chagossians from the British Indian Ocean Territories in the late 60s and early 70s, certainly within my lifetime. And in 2010 the British government took further measures to prevent their return despite a High Court judgement saying they should be allowed. The .io TLD should be the national domain for the BIOT residents, but was operated for profit by a British tech company until sold off to an American company.
The 4.561 billion human beings in Asia whose human rights are violated every single day by the NSA and GCHQ: just one set. (Pine Gap, yo.)

The millions of Iraqi citizens who perished during the illegal invasion and destruction of Iraq by a criminal coalition guilty of immense war crimes and crimes against humanity: another set.

The Syrian people, whose sovereign resources are being intentionally denied by an invading, imperial force, such that they cannot rebuild their nation.

The children of Yemen, being genocided on behalf of a totalitarian-authoritarian fascist dictatorship by the repressive Western military apparatus controlled out of Westminster and Washington, DC.

The continent of Africa and the extant interference and meddling that still occur in their democracies by 'our' intelligence agencies, protected by the legal machinations of UK's sovereignty and its operation of a regime of repression in the form of immense denial of human rights at scale.

See also: the UK's own local and immensely repressive surveillance state.

Oh yes. The US with it’s recent youthful presidents.
The UK Home Office has not raised an eyebrow about people shouting "jihad" on the streets of London. The UK government also gave a housing allowance to a leader of Hamas. [1]

The Home Office doesn't seem to care either about child exploitation in Rotherham, Rochdale, Telford, if it is committed by a protected group. [2]

One could suggest that before implementing dragnet surveillance on the public, that the UK government could first investigate what is happening in public view, but is not talked about because it is politically inconvenient.

[1] https://www.thetimes.co.uk/article/hamas-chief-lives-london-... [2] https://www.mattgoodwin.org/p/what-i-told-oxford

Sane, rational people have been calling out these double standard about all sorts of things for many years.

The problem is that certain groups are not allowed to be offended because people are afraid of the backlash. So instead they target only the harmless groups.

Go outside and offend a black person or a muslim.

vs

Go outside and offend a white person or christian.

And you'll see.

It is a symptom of a failing democratic system that is basically a two-party system. There are only two countries in Europe that employ FPTP: the UK....and Belarus.

Labour will need to be pressured into democratic measures that might not be in its best interest as a party.

Tbf, having a coalition system doesn't really solve it either. You avoid some of the more egregious edge case results, but overall having a few large parties that agree on nothing eventually has them unable to form a functional government and the ones that manage to do so fall apart before their term is up.

Having a system with political parties at all is the crux of the issue and we can't move forward without addressing that. We are tribal in nature, and if you give people the slightest excuse to form smaller groups they'll fight other groups forever.

Germany and Sweden both face similar problems with “protected assailants”.
[flagged]
Wikipedia does not corroborate the hysterical claims from the times article.
The home office aren't giving enough funding (and/or organisational change?) to the police either. Bike stolen? Car stolen? House broken into? Mugged on the street? They don't have time to investigate any of it.

This stuff is what actually reduces the quality of life of the average person. Why waste time and money putting this sort of draconian and technically infeasible law through when they're doing nothing about petty (or increasingly less petty) crime?

The Rotherham failings were not so much because of the "wrong type" of perpetrators, but the wrong type of victims. Sexual assault and rape have pretty miserable conviction rates at the best of times, and victims experience substantial misogyny. In the case of Rotherham, most of the victims were young girls who were in the local authority "care" system, many of whom were known to the police already. So the police reacted to their complaints with the old "of course you were raped, you shouldn't have been there / doing that".

(Think about it: do you know the names or faces of any of the Rotherham victims? Are they doing the campaigning? Or is it people using them to grind an axe which has little to do with the actual crimes?)

What is the actual reason for not giving Muhammad Qassem Sawalha, a person with no UK criminal convictions, the rights of any other resident? Are we saying that local authorities should screen people for political views before offering them housing as they are statutorily required to?

> The Rotherham failings were not so much because of the "wrong type" of perpetrators, but the wrong type of victims

> Are they doing the campaigning?

Yes they are

https://youtube.com/watch?v=zRuK5wPd_Fc

And they are saying that the reason why their cases were not investigated was institutional nervousness around race, contrary to what you believe about the situation.

It is a massive burden to place on the victims to also expect them to campaign against the institutions who failed them.

You can also see those such MPs such as Sarah Champion who were ostracised for raising awareness of this issue.

> Are we saying that local authorities should screen people for political views before offering them housing as they are statutorily required to?

Hamas is a designated terrorist organisation in the UK. We should not be offering housing to those connected to terrorist organisations. We should be deporting them.

You very well know Home Office won't go harder on the cases you mentioned, because of fear of backlash.
If UK couldn't see Israel as terrorists group guess they don't do much about Hamas and Jihad.
The important thing here is the one comment by the author, linking to the bill and explanatory notes: "(NB I make no effort to read any of these at the end of a working day.)"
Britain once led the world in computing. I am embarrassed and desolate watching us become weak, tepid imitators of comic-book backward authoritarian regimes. My country will absolutely be "left behind" in the wake of this fiasco.
This is the standard modus operandi for the UK. Yes there are some world class institutions and innovation in the UK - the remaining 99% of the country however ...
"Hanging on in quiet desperation is the English way."
> Britain once led the world in computing.

It's not really a coincidence that our computing pioneer Turing was pushed into suicide by the security services.

since i knew nothing about "the King's speech", outside Colin Firth's movie, here a good layout: https://www.bbc.com/news/uk-politics-32816450

When OP writes "the [...] only one of Rishi Sunak’s time in office", i assume she hopes for it to be the only one.

The overwhelming consensus, confirmed by polling and several byelections held while he was in office, is that the Tories will be resoundingly beaten at the next General Election. They probably won't become the third party (that would be something for the history books - I don't think it has happened for 150 years or so), but they won't produce a Prime Minister. At this point it's basically a self-fulfilling prophecy.
i thought everybody expected the tories to lose in 2019 too ; not according to wikipedia though
Not after Johnson was made PM; and polling was never as bad as it currently is.
I'm extremely relaxed about this sort of legislation in the UK at the moment. The reason is that you need to view our government on 2 axes. The first is authoritarianism, and the second is competence. Whilst the government has been drifting more authoritarian for the last 13 years, it has also collapsed in competence. We've seen bill after bill dragged out for years and never acheived. The last lot wanted to completely re-write our human rights legislation. Needless to say that didn't go well. At this point in the political cycle there is no way serious legislation is going to get through parliament.

What I really worry about is that it looks highly likely post election that the government will be replaced by a much more competent, but still highly authoritarian government. It's easy to forget that last labour party tried to introduce ID cards, and tried to introduce rules to let them lock people up for 90 days without charge. The Labour party has none of the libertarian instincts that part of the tory party has.

So, you are saying that the country is accelerating towards making Brazil a reality. Not a good prospect.

Also, I don't get the obsession against ID cards.

It’s a very Anglo-Saxon objection, they are not mandatory in any of the Five Eyes countries unlike the majority of Western countries. Something to do with preventing government overreach.
> Something to do with preventing government overreach

Which doesn't make any sort of sense, really, if you think about it for more than a few seconds. Any of the governments in question already has at least one, usually multiple databases of their citizens (drivers licenses, births, passports, health systems, social security, taxes etc.) which are easy to correlate for probably 99.99% of people. They wouldn't gain anything from an overreach/surveillance perspective for everyone to have an uniform ID with number and a photo, because they already have all that information anyways. But regular people would gain a ton because they would be easily able to identify themselves uniquely to whoever needs it, without useless intermediaries (like utility bills), and without any risk of identity fraud or errors.

As someone in the last "no2id" campaign: we were against the outcome of introducing ID checks everywhere. It's not good to impose state ID checks on people in their daily life.

What we ended up with is the ID checks were introduced anyway, without the card itself. So you need ID to have a job or a bank account or rent a house, but there's no formal ID system, and deeply ridiculous things like "utility bills" are used instead.

A good example of how stupid the system is: because the British public is anti-immigration, immigrants (and only immigrants) are required to have ID cards. The "biometric residence permit". When you naturalize, one part of the process is .. destroy your ID card.

That's the reason I don't understand the opposition: the government is perfectly able to identify a individual person from its interconnected databases, the lack of an ID card just means you have a hard time identifying yourself.

What you actually want is better control over how government agencies handle your personal information, but I guess people are less spooked by ambiguous worded legislation and databases than by physical pieces of plastic.

Yeah, it's very hard to explain to "normal people" who can see the card but not the database.
> the government is perfectly able to identify a individual person from its interconnected databases

Being somewhat familiar with how this plays out in the NHS, all I can say to this is: that would be very nice. And that's with a system that has an ID number which is legislated to be the primary personal identifier.

Substantially all touch points with the NHS that don't flow through NHS Login require the NHS Number plus two other bits of demographic information, specifically because the interconnected databases can't be relied on to have either one number per person (for which there are valid reasons, but never more than one active), or one person per number (for which some DBA somewhere needs to answer for their crimes against relational consistency).

There is a non-trivial number of medical procedures (some remarkably serious) which are performed on the wrong person every year because they were mis-identified at check-in, or later. Solving this is not as easy as you would think.

I think it's really unfortunate that the ID card legislation didn't go through. Standardising this would have made so many things much easier, especially interacting with government services. Instead we have this convoluted ad-hoc system of proving identity that just frustrates everyone while making fraud more likely. I hope Labour, in the next Parliament, builds upon the voter ID scheme and makes a national ID card for everyone.
As long as you don’t need a residence to have one.
I saw a comment here (that I can't reply to) that brought up the inevitable point:

> The problem with end-to-end encryption is that it is also used to shield from scrutiny the activities of criminals who cause serious harm, including pedophiles and terrorists.

Which is true of course. But walls also are also used to shield criminals from scrutiny. And locks. Tons of things are. That in itself can't be a reason to ban it. Balancing these things against our need for walls and locks has always resulted in the need for walls and locks overriding the need to spy on potential criminals.

The police have the right with suitable warrant to break a lock and breach a wall if necessary
"the police have the right"

I suppose it depends on how your constitution is written ?

I don't know any constitution or law that forbids the police from entering peoples home if there was a serious crime. (A warrant

Btw. landlords also may do this under special circumstances, as well as a firemen.

But the default is, that your home is sacred and the doors my not breached. Just as the default for communication should be, that it is private.

If there is a suspect, the police may hack their computers with a warrant, but they may not hack all of our computers(by implementing backdoors), because it is more comfortable for them.

A wall, not every wall.
So if technology made it possible to "unlock" only a single encrypted connection from a particular suspect, then it would be fine? Because such technology is actually feasible if you accept that the police will never use that to unlock someone's connections without a judicial order (like we seem to assume is the case when the police raids a "wall" or home). That can be enforced by having a system that requires a judge's private key to sign a digital warrant which can the only be used to "unlock" a particular encrypted channel. The judge's private keys would become extremely valuable of course, making the judges high level target: though I suspect they already are.
I don't think many would complain if there was a truly secure way to allow decryption of a single person's communication after the fact.

The problem is partly that end users have no way of knowing when their communication has been decrypted. I know if the cops kicked my door in, I don't know if they're watching my messages with or without a warrant.

Thank God there isn't. My own government scares me more than random hackers do.
> The judge's private keys would become extremely valuable of course, making the judges high level target: though I suspect they already are.

This is the real problem. This introduces a global vulnerability that isn't analogous to anything physical, like breaking down walls. There are almost 50,000 judges in the USA alone. Breaking into any one of their offices or houses, or bribing them, could grant you access to every phone or computer on the planet. A local magistrate doesn't have the authority to issue a warrant to break down every door in the USA, nor would the local police be able to execute such an order even if it could be issued. There are matters of scale here that are novel.

Suitable .. they just come with a warrant of bullshit. Thats enough.
It's visible and rare, when government breaks down the door of your physical home.

These awful new laws make it invisible and routine for the government to break down the door to your digital home.

As much as I like privacy and e2ee, this is an important point.

If there were locks or walls that are entirely impenetrable, would people be disallowed to possess or use them?

I probably wouldn't like it, but it seems less crazy than some people make it out to be.

In practice the analogy doesn't hold up of course, since it's costly and noticeable for cops to raid a house but cheap and easy for the government to spy on everyone (and we know how eager they are to do it).

Why is communication being compared to physical access? E2EE protects my conversations from being "heard" by others. If I was walking at the park talking to my friend, the government wouldn't complain that there's not a microphone nearby. Nobody else is physically able to listen to that conversation, and that's perfectly common and acceptable.
I know it's cliche to bring up 1984 in these kind of talks, but your comment reminded me immediately of that section in the book where Winston goes to that park in order to be away from prying eyes and ears (If I'm remembering it correctly, it's been ages since I've read it).
Winston and Julia go out into the countryside, they each take different trains, then meet at a pre-arranged location in the middle of nowhere, and then go out into the literal woods, to talk (and have sex), and they are still paranoid under every second branch there might be a microphone.
Nobody owns the air around you, whereas the cables and routers and switches your communication propagates through are owned by private corporations and by the state
The fact that nobody owns the air around me is arbitrary. I could make the argument that because I'm in the United States they should be able to listen to any conversation in the United States (by "owning" the air or otherwise).
> In practice the analogy doesn't hold up of course, since it's costly and noticeable for cops to raid a house but cheap and easy for the government to spy on everyone (and we know how eager they are to do it).

The same goes the other way too though - it's cheap for criminals/terrorists to communicate over e2e encrypted software compared to having to travel to meet physically.

What are you talking about?

There are millions of "impenetrable locks" in our society -- things you can do that might give the government less than 100% control over you. You could put your money in crypto where it can never be seized, should crypto be illegal? You could bury your money in a forest where it can never be seized, should shovels be illegal? You can stab somebody with a knife, should knives be illegal? You could fly to a foreign country, should flights be illegal? You could discuss a crime in-person not over the internet, should private conversations be illegal?

The fact is, unless you want a totalitarian state, the agreement is that society functions without perfect control by government, and most of us prefer to live in such regimes. In fact, most of us recognize that regimes that want more and more power over the individual usually end up misusing it.

THe easy boogey-monster is child-porn, but that's bull done by a tiny fraction of the population. The real monster is authoritarian governments, which are the majority of governments in the world.

> You could put your money in crypto where it can never be seized, should crypto be illegal?

Well...

> You could bury your money in a forest where it can never be seized, should shovels be illegal?

Or forests or remote places... obviously not.

> You can stab somebody with a knife, should knives be illegal?

OK, but guns or automatic guns makes this much easily reproducible at scale. And guns are indeed heavily regulated everywhere in the world (well, yeah, there is ONE exception...)

> You could fly to a foreign country, should flights be illegal?

You need a valid passport, pass several checks and you might be on some list and blocked from taking the plane (obviously there are way to hack that, that's not the point). Or denied access to the other country.

> You could discuss a crime in-person not over the internet, should private conversations be illegal?

No, but police can still spy you if they have reasonable (or not...) reasons to do so.

My point is: while I'm not OK with banning encryption or adding some backdoor to it, we cannot deny that the "at scale" differences are important enough to at least have an adult discussion about how the issue should be tackled. Dismissing it like many people in the tech world do is as naive as willing to ban it.

> My point is: while I'm not OK with banning encryption or adding some backdoor to it, we cannot deny that the "at scale" differences are important enough to at least have an adult discussion about how the issue should be tackled. Dismissing it like many people in the tech world do is as naive as willing to ban it.

What? Maybe you're like 20+ years younger than me, because I feel like this boogeyman has been presented for 20 years and routinely shut-down as a bad-faith argument for 20 consecutive years. Maybe without that context it could look like it's never been considered, but it has, and it's been rejected.

The basic summary is this -- You weigh all the positive side-effects of breaking encryption vs all the negative ones and you do the math. And the math is that most governments already are corrupt and take too much power over their citizens and abuse it, and of all the problems in the world child porn and even terrorism are lower on the list than people slipping in the bathtub and it's all FUD.

If there's ANYWHERE we need to trade away privacy to for everybody's wellbeing, it's collecting and exposing information on political corruption, finances, and tax evasion (see US supreme court justices). It's so funny how the people in power forget to mention that auditing of their own behavior could be so valuable... odd...

I'm not disagreeing with you, and not trusting governments or government agencies to not go rogue is a very valid reason. What's not a valid reason is comparing this to other real life examples that are _actually strongly regulated_.
> and of all the problems in the world child porn and even terrorism are lower on the list than people slipping in the bathtub and it's all FUD.

You can also bust the terrorists and child pornographers without breaking everyone else's encryption.

Get a warrant, break into their homes and install a keylogger and snarf all their passwords and break into all their accounts if you have to.

And that's assuming they aren't just stupid and talking about what they're doing on unencrypted channels, which is usually what happens.

Yes, and the adult discussion goes something like this:

We live in the golden age of surveillance. If the authorities want to know where you are, what you buy, who you speak to, what you like, and where you've been, they can get that information. The only thing they cannot do is peek into a conversation if you don't want them to know the contents of your thoughts.

You suggest that perhaps they should be able to do more. This is because you have never lived under a ruthless autocracy, yet.

The level of trust that some people are willing to put into government and its toadies is insane.
I think this -- whether something should be illegal because it could be used to harm others -- isn't a particularly helpful way to frame things. I could drop a refrigerator from a crane onto the jerk who lets his dog poop in my yard, and obviously refrigerators and cranes shouldn't be illegal. OTOH, "you could set off an atom bomb, should atom bombs be illegal?" (Yes, for ordinary folks, obviously.) And "11 year olds could drive a car and have an accident, should 11 year olds driving cars be illegal?" (Yes, obviously.)

I think you have to look at from a broader viewpoint. The government regulates many things for a variety of reasons (public safety, mitigating negative externalities), and aside from libertarian cranks, I don't see anyone shaking their fists at the government for having seatbelt laws or food regulations or speed limits. It's not "because criminals could drive their getaway cars really fast" that we have speed limits.

(Perhaps that's actually what you're implying... not sure.)

A specific lock and a specific wall. They don't have the right to require all locks and walls to be built with fundamental flaws so they can be broken with the tap of a hammer.
If indestructible walls were feasible you bet they'd ban it.
It's useless to get into an escalatory war with the government. Even if you could get an indestructible wall they can just cut off water and power, then siege your home until you come out to get food or something like that.
And they can also arrest or interrogate you without reading your encrypted message. There are plenty of ways to investigate crime that doesn't rely on breaking walls or encryption.
These aren't indestructible wall though. Encryption schemes used by real people in the real world are never implemented and used flawlessly.

The question isn't if you can get at conversation between two law abiding people or two pedophiles - in both cases you can if you through sufficient resources at it. The question is - what's sufficient?

My concern is that if you connive to make it a trivial amount of effort the temptation for Government will be to listen in on every conversation to lessen the chance of missing an important one. Further the more trivial you make it for the Government the better the chance that the not-Government will be able to listen in on any as well.

If on the other hand the effort is non-trivial then the Government will need to carefully consider where to put it's effort. Obviously there's a greater chance that the effort will be misapplied and the two pedophiles will have the freedom to plot or whatever but that tends to worry me less.

Note I'm an American. People run around shooting each other regularly here and I still don't think telling people they can't own a gun is a good idea so I'd take what I say with a grain of salt.

I believe all walls and locks can already be broken by a tap of a hammer.
Except for TSA locks on luggage at the airport. Which are pure placebo pretend locks that don't lock anything from anyone.
The police have the right with suitable warrant to break any encryption.
The police also have all kinds of allowances that aren't afforded to regular citizenry to surveil and pry and monitor and track behaviour and map social contacts and plant listening devices and watching devices and almost any other flavour of surveillance they can get a judge to sign-off.

The problem with all of the above is that it takes human effort, which is costly.

We've all seen the Pandoras Box that the likes of Google and Facebook have opened on automated behavioural decision making. Police want that, their quotas and their budgets neeeeeeeeeeeed iiiiiiiiiiiiiiiiitttt like Renton needs that one last hit.

Outsource our decisions to 'the infallible machine' so that we can answer "computer says no". No culpability, no responsibility, even less need to apply our x million-years-in-the-making built-in logic engines that once (maybe?) were directed and trained in how to be applied to the job of policing in order to better serve the public.

Policing is meant to be difficult, because getting it wrong has great potential to completely fuck people's lives.

If they can't "prove it" without access to the last morsel of individual privacy afforded by E2EE, then it's likely there's nothing to prove.

Earn it you lazy fucks.

Edited to add: A little bit of retrospective guilt in the offensively opinionated ending above, but I'm going to make it a bit worse and spread it a bit wider. It's politicians calling for this because it seems to "play in the electorate". So "earn it you lazy fucks" is directed at all the lazy fucks in the chain from ideas man to lobbyist to number-cruncher to adviser to political mouthpiece to sponsor of legislation to partisan supporters of the bill and even to the somewhat victims as the enforcers of bad legislation. An entire chain in which none of whom seem to have an understanding of the context of what they're promoting outside of "how it plays" or "this says you're doing illegal". Fuck them all out of an airlock.

Not at all, great comment
You cannot have both: privacy and safety, and lawful access for the government. Choose one.

This has consequences: - pegasus was abused by governments to spy and repress people. This is how it is going to be - there is no escape from banning encryption, as governments will do anything in their might to push that through - it introduces backdoors for hackers, and you will be an easy target, because the government want an easy access to your data - paedophiles and terrorist will use other means to communicate, or other protocols, solutions. Therefore lawful access is not to fight with terrorists, and not against paedophiles - what we are left is that it will be used to control population, and have easy access to data

Everything in thread of banning encryption is straight propaganda and naivety of some folks that think banning encryption solves anything.

There was a case in the U.K. where a man was arrested and charged for misgendering a trans person on the street. The very obvious (to me) next step would be facilitating surveillance to track when people commit similar hate crimes (like using the wrong pronouns) online.

We in North America forget that our friends across the pond have a very different relationship with speech than what we enjoy here. I find this bill pretty chilling.

I don't want to believe you. Can you link the case?
I think this is the case being referred to, and it was less misgender, more harassment and public humiliation.

- https://www.bbc.co.uk/news/uk-england-leeds-64905216

The article you've linked doesn't support your interpretation:

> Earlier, the court saw video footage from the preacher's body-worn camera which showed Ms Munir approaching Mr McConnell as he spoke to a small crowd.

> She was seen to ask him: "Does God accept the LBGT community?"

> The video then showed the 42-year-old as he responded to the crowd and referred to her as "this gentleman" and saying: "This is a man."

It appears this trans woman approach a preacher and at best asked a question and got an answer. Without context, I wonder if it were intentionally inflamatory.

Regardless, it hardly fits the bill of 'harassment'.

This is exactly the point I was trying to make, thank you.

I'm unsure why my comment's being received so poorly - for those downvoting - do you disagree with the court's decision? Do you think this does meet the definition for "harassment"?

Nothing to do with disagreeing with the court. That case does not seem particularly relevant to the bill, but is excellent flame bait. And the smug North American comment does nothing to further the discussion either.
(comment deleted)
And that's my point. The court case was about harassment, and (rightfully) quashed on the basis of insufficient harassment. The case was referred to in terms of gender politics. Call me triggered, I came to see what HN'ers thought of the law in relation to these sham end-to-end encryption laws, not G politics.
I see, your point was more a technicality on the legal reason for the charge.

I think the GPs point was not what the charge was, but the reason the person was charged in the first place. Technically the charge may have been harassment, but in reality it was gender politics reasons - it's unlikely a harassment charge would have been laid if the accuser were not a trans person here. The reason this was highlighted was the concept of how other digital laws could be abused in a similar manner.

I think you've misconstrued this case. The preacher was arrested for shouting and harassing a person in a public space.

- https://www.bbc.co.uk/news/uk-england-leeds-64905216

[flagged]
> Not everyone believes in this "gender identity" bullshit, and we shouldn't be forced by the law to accede to the demands of its acolytes.

This feels like a very hateful take. For anyone who needs to hear this: not everyone is like this and a lot of people actually support you in finding your best selves and living happy lives. I'm sorry you have to deal with this.

Debating the extent of the law and how it should be applied is okay, the tone doesn't seem that way to me.

Where is my misconstruction?

> A Christian preacher who was found guilty of harassing a transgender woman by calling her a "man" and "gentleman" has had his conviction quashed.

From what I understand, the 'harassment' claim was based on the misgendering, not the preaching. It sounds as if the court later overturned the claim, but the fact he was charged at all is a tad unsettling to me.

In NYC I walk past preachers at Union Square all the time. I've been called a heretic and a sinner, you just gotta shrug it off. It sounds like in this case, the trans person who felt victimized actually _initiated_ the conversation.

> Earlier, the court saw video footage from the preacher's body-worn camera which showed Ms Munir approaching Mr McConnell as he spoke to a small crowd. She was seen to ask him: "Does God accept the LBGT community?"

So the complementary case here would be if I approached one of the Black Hebrew Israelites in Union Square and asked them how they felt about Catholics, and got the response you'd expect. Do you really think I'd have grounds for a 'harassment' claim?

Like I said, I'm not English, this isn't my country. If the voters of the UK want this type of protection through power of the law, who am I to tell them otherwise. I'm just observing that I'm pleased to live in a country where disagreeing on gender politics isn't enough to land you a criminal record.

> In NYC I walk past preachers at Union Square all the time. I've been called a heretic and a sinner, you just gotta shrug it off.

TBH I'd be totally OK if we de-normalized the passive acceptance of street preachers hurling insults at those who pass by. It feels like they're given a pass because of their "religious" status, while someone acting basically the same but without the religious context stands a good chance of catching a disorderly conduct / disturbing the peace citation.

The overlap between street preacher and ‘person who is disturbed and possibly having some sort of episode’ is unfortunately high where I am. I think that engaging would increase stabbings.
First, the OP was talking specifically about end-to-end encryption. Second, and related to the court case; the arrest happened because of a harassment complaint and the court quashed the complaint on the basis of insufficiently harassing to warrant prosecution. As far as the law was concerned, there was no case related to gender politics but solely harassment. To comment "arrested because of gender politics" is to misconstrue the court case.
People in the UK get arrested just for saying something online about transgender people even if it's not hateful, but 'wrong'. Look at how many people got arrested at the coronation.

Yeah, they don't have free speech like the US, but most countries don't.

Why can you not have both privacy and safety? The notion of privacy isn’t mutually exclusive with finding criminals. Generally, we accept that criminals don’t deserve privacy. Historically, that’s meant that investigators have needed to show someone is likely a criminal before invading their privacy. What’s wrong with that model? Why do we need to change it now?
> You cannot have both: privacy and safety, and lawful access for the government.

Pretty sure GP was putting "privacy and safety" together on one side vs "lawful access for the government" on the other.

I think that it is the best model, but it does require trading some safety for privacy.

The argument goes that police and investigators could intervene faster and stop more criminals if they were not encumbered by probable cause.

Hence, privacy and safety are a tradeoff.

> You cannot have both: privacy and safety, and lawful access for the government. Choose one.

My house seems to. Though I haven’t fallen out with my government so my view is likely naive.

Except of course the counterexample of all of human history. This is the first time ever there's been widely available services that completely commoditize "a lock that law enforcement can't break with effort."

In the universe where a physical analog existed where I could have a safe in my house that was literally impossible for anyone but me to open and was a black-hole of information I can't imagine governments liking that very much. I'm not even some hardened criminal and it's for sure where I would stash my drugs and pirated movies.

This is an identity crisis for law, widespread E2EE means that there are certain kinds of laws that become impossible to enforce. It's the kind of story with Bitcoin and finance. You have a shadow financial system that while you can try and compel the individual participating in it you have no power whatsoever to compel the system as a whole. If a court rules that I am owed money from Bob the best they can do is lock him up, they can't actually go in and transfer the money without the keys.

This existed before, just only for the wealthy. If Bob had that money in a Swiss private bank or distributed over a sprawling network of shell companies in the Carribean, it would be just as tough to get to.

Or for the less wealthy; Bob could have put it all in cash in some hole in the ground that he won't tell the location of. Realistically that's probably more stable of a value store than bitcoin; it's possible that it all gets stolen but given a good location and storage, much less likely than bitcoin dropping 70%. This has physical downsides the aforementioned options lack, hence the real options so far only having been for the wealthy.

Some would say the Royal Family itself is a shield for the activities of pedophiles.

Are we allowed to say that now?

I have a theory that the rich and powerful are more likely to be into more twisted and crazy gross shit because they can afford to have reached various boundaries of human experience, and if they've got that kind of money and power then they're also more likely to be driven to explore such boundaries.

Money and Power are the unpickable locks and impenetrable walls of the conversation above.

> Are we allowed to say that now?

That depends on where you live...

That's a very bad example as all walls and all locks are breakable.
So is encryption with sufficient resources. The point is to make it non-trivial.
The express goal of cryptographers is to make this false.

Currently, no viable attacks on state-of-the-art cryptography are publicly known.

The difference in magnitude of resources required is so immense that it's not meaningful to compare at all.
It's not like police generally go about knocking down walls to find criminals either. Quite often, bypassing walls and locks requires a warrant. And I'm all for police being able to use a warrant to demand that you decrypt a message.

Demanding that people use no or easily breakable encryption amounts to demanding that people use easily pickable locks. Or walls with holes in them. It undermines the security of ordinary people.

It's possible to make encryption where "sufficient resources" is of the order of all the energy in the Sun until the end of time. That's not remotely breakable, even for the government.
I disagree - most breaks in encryption come about not because of poor math but rather poor implementation.
And even those breaks in encryption are overwhelmingly the minority of what gets people caught. Bad OpSec is the worst offender. Metadata too.
But then again, the only reason the balance has landed where it has with respect to physical locks is that physical locks and walls are already breakable by state actors should they need to. There is no truly secure physical lock That's not true for e2ee.
It is also pretty obvious that the lock was broken and it is impossible to break them en-masse, without anybody noticing. That's not true for the government-proposed regulation either.
Yes, exactly. Which is why any comparison of e2ee to physical locks is a ridiculous proposition.
I get caught off guard when people use "physical locks aren't actually that secure because the government can just make it irrelevant, but encryption is dangerously strong" as an argument against encryption, when it should be a tell about how terrifying your government is.
I'm not arguing against encryption. Access to encryption is a generally a good thing. I'm arguing against a specific comparison being made between physical locks and encryption which is ridiculous on many levels, one of which I highlighted in my previous comment.

Broad access to secure encryption is necessary in a free society.

I wasn't necessarily saying you were making that claim. Just in general.
Yes but there are no (non-government) walls that the government can’t itself tear down.
With the added caveat that all throughout history governments have been the biggest perpetrators of children being, well, murdered (for example Anne Frank was a child), to say nothing of the massive land confiscations enacted by the same governments (or at least tacitly supported by them). Which is to say that I’d take the side of the individual rapists and killers each day, every day, if the alternative is of siding with governments who are always two or three foreign policy events away from supporting genocide.

I also blame the same governments for making me take the side of rapists and criminals, not a thing I usually do but that’s what they (the governments) force us to choose.

There is a Douglas Adams quote from 1999 similar to that:

> I don't think anybody would argue now that the Internet isn’t becoming a major factor in our lives. However, it's very new to us. Newsreaders still feel it is worth a special and rather worrying mention if, for instance, a crime was planned by people "over the Internet." They don’t bother to mention when criminals use the telephone or the M4, or discuss their dastardly plans "over a cup of tea," though each of these was new and controversial in their day.

https://douglasadams.com/dna/19990901-00-a.html

Worth remembering that King Charles II banned coffeehouses after returning from exile in Europe because he knew the anti-monarchy opposition groups met and discussed things in coffeehouses.

https://sites.udel.edu/britlitwiki/the-coffeehouse-culture/

I wonder if this explains cafes in Britain? They just don’t work quite right in the UK. Cafes end up being more like tea rooms, and pubs seem to fill the role of ‘place to meet friends, grab foot and a beverage’.

I’m from Auckland, New Zealand. I also completely acknowledge that our pubs aren’t even close to as good as the ones in every single UK town.

Hmm, what's wrong with British cafes? I'm not saying they're great, just that I'm not sure what's missing!

In popular cafes there are usually plenty of people sitting around chatting and/or co-working on Macbooks, if that's what you mean.

Fun fact: the owner of a once very popular UK cafe chain, Lyon's Corner Houses, was a pioneer in computing. They built some of the first digital computers in the UK purely to manage their booming cafe business! https://en.wikipedia.org/wiki/J._Lyons_and_Co.

It’s an controversial topic I know…

Where I am there are broadly two types of cafe. Places that sell coffee and maybe/grudgingly three or four food items in a cabinet. You shouldn’t buy these items as they may be old and you are slowing down the coffee queue. These coffee shops survive on the quality of their coffee. More or less like a bar, but serving coffee. They are often small and grungy. They might have some limited seating. They are usually closed by about 3pm.

The other sort of cafe has a kitchen and makes food to order. They open until late.

Phrasing it carefully, British cafes didn’t make coffee anything like what I’m used to, and were pretty much a tea shop with a coffee machine. I want espresso with a dot of milk. Short, hot and the stronger the better.

I wish we had decent pubs with beer gardens.

In Netherland a cafe is a place you go to drink beer with your friends. I've always assumed that 'pub' was just the British word for 'cafe'. But maybe we're the outlier here.

But if you go to a coffeeshop instead, you also might not find what you're looking for.

I'd put British cafes / coffee shops into, hmm, 4 categories:

- Old-fashioned tea shop with a coffee machine, as you describe. Go for filter coffee if they have it.

- Big chain with OK, very reliable coffee + light food: Starbucks, Costa, Nero etc.

- Hip place with plywood panelling and very good Australian-style coffee. Often very good Danish-style pastries too.

- Brunch-y food place, again I think this style comes via Australia (and the US). Often very good coffee too (but sometimes only OK).

I don't think we really have the "great coffee but bad food" places you describe. Generally if the coffee is good, the cookies/pastries/cakes/sandwiches or whatever they have will be decent too.

The problem is that they are using Macbooks. They should be using real computers instead!
Thank you for sharing this. This is such a deliciously cartoonish fact.

If this weren't true, people would possibly make it up in order joke about how autocratic, out of touch and futile such regulation is.

What the King missed is that it was not to discuss anti-monarchy opposition but simply to get out of that infernal and eternal rain.
I picture him loudly declaring, "That'll do it!" and dusting off his hands
Disappointing, the author spends more column inches in partisan tittle tattle than challenging the substance of these awful laws.

The opposition party (soon to be our govt) want MORE authoritarian control of the Internet:

https://www.theguardian.com/technology/2023/jan/01/labour-pl...

So let's stop indulging in red/blue point-scoring. Less ad-hominems / slurs by association. "Racism" and Trump have no bearing on any of this. Instead, let's focus on the meat and vegetables of bad lawmaking and how we can challenge it. We have an uphill battle, educating our lawmakers and the public about online civil rights issues.

Let's examine the manifestos and pledged positions of the Lib Dems and Reform parties on this issue and, if their stance is sound, lend them our vote. In a FPTP system, our vote won't change the makeup of the Commons, but it will be counted, and it will help inform both Tories and Labour on the direction in which we want to drive our politics.

At present the Lib Dems seem very silent on encryption: https://www.openrightsgroup.org/blog/15101/

And it's nowhere to be found in the Reform Party manifesto either: https://www.reformparty.uk/reformisessential

Lib Dems are on 11% of the popular vote and Reform are on 7% (and growing): https://www.politico.eu/europe-poll-of-polls/united-kingdom/

Either of them could be king-makers at the next General Election, and even if not, the two incumbent parties will be watching the swing to figure out which direction voters are travelling in.

So we need to educate the smaller parties, and get this issue onto their radar. The small, new and hungry parties are more likely to engage directly with us than the old established parties IMO.

Stop raging, start engaging.

I was looking for a country to escape to from mine (EU member ruled by a fascist-in-all-but-its-name government). Sadly, this means I'll have to cross out the UK from the list of potential countries to immigrate to. Since I only really speak English (my German has rusted badly), this leaves only Ireland (but it rains there all the time) and Canada (which is very far).
Come to Ireland! The weather is bad, but not that bad on the east coast, and there are loads of tech jobs
Germany wouldn't have been a smart move, but Austria might be - still a relatively sane, neutral state when it comes to human rights - admittedly surrounded by insanity. Your German will definitely improve.

Ireland? Human Rights > rain. Go for it, mate.

> neutral state when it comes to human rights

Neutrality against oppression is de facto supporting oppression. Having mainstream political parties directly funded by fucking Russia is also hardly conducive to human rights.

Denmark, you can get by without Danish in the Copenhagen tech sector.
Ireland is a pretty good option although Dublin property prices are mad.
(comment deleted)
Inshallah Scotland will get serious about seceding in the near future.
I miss times when people stated their opinions directly and concisely.
Some times the only way to win is by not playing.
> A strange game. The only winning move is not to play.
> Force technology companies to inform the Home Office in advance of security and privacy features they want to add, including encryption, and force them to disable features which the government objects to

This sounds fine to me. The signals intelligence agencies don't want to be blindsided by changes that will hamper their work. Private industry needs to be willing to co-operate for the benefit of everyone, not just their bottom line.

And when a company wants to patch a zero-day exploit being used by criminals to scam customers? What if that impacts the government's surveillance activities?

And what of free/open source software? Does every linux update now need mi6 vetting? Or will we just trust His Majesty's to be nice and not do evil things to us?

Patching an 0-day isn't the same thing as adding a new privacy or security feature.

Linux is different because anyone can very clearly see the roadmap for features by following the LKML.

> Patching an 0-day isn't the same thing as adding a new privacy or security feature

You think that, but where is that written?

> Linux is different because anyone can very clearly see the roadmap for features by following the LKML.

If there's a requirement to inform the HO, posting on LKML is not going to meet that. Also the HO may start vetoing Linux changes.

It's common knowledge. Literally no-one working in this field considers patching a buffer overrun or use-after-free or whatever to be the same as adding a security feature.
Edward Snowden showed that they are not surveilling only because of 'child abuse', but to exert power and control. Why should I help them? Why should anyone help them?

.... but think of the children they scream.

Did you reply to the wrong comment? I didn't mention child abuse.
private industry should belligerently protect customer privacy, even against the wishes of the surveillance state, rugpulling as hard as necessary
"Every single... developer must inform the home office of every security patch".

What would happened if they did that?

Are we talking about individual developers .... or companies? What about if I fix a security issue by accident during a refactor? How is that reported?
Add it to your CI pipeline it will be spamming the fuck out of then on every commit!
I watched the discussion between Musk and Sunak. And at some point they were wondering/discussing about the start-up scene in the UK.

Well... "sure" (in a John Oliver tone). Ask from people to sabotage their own products, and then DO worry why things aren't going the way you want them to (have the pie AND eat it too)

(comment deleted)
Wonder if there is an index to measure the power of government. If there is, would love to see its evolution over time.
The absolute size of taxes over time?
Why aren't these people championing for their own private messages to be fully open to the public to read? Maybe then I could almost take them seriously and I'd even have a bit of respect, but as-is you just know what these pricks want is unfettered access to the plebs private life, but no prying eyes into their own, thank-you-very much.

Wonder how many of the people spouting "but think of the children!" are the actual pedophiles they're always going on about. Knowing politicians, I'd be amazed if 90% of them weren't diddlers themselves, sorta like anti-gay Politicians getting caught in gay scandals or anti-drug politicians getting caught doing coke.

Certainly seems like hypocrisy is the name of the game.
Every one of these politicians should be required to replace all the locks on their homes and offices with TSA luggage locks.
Let's say this passes and the Signal Foundation and Matrix refuse to add surveillance features demanded by the UK. What effect would this have on technology as a whole? Personally I can see it going two ways.

The Matrix.org Foundation operates in the UK would either be shut down, continue in another form elsewhere, or splintered with multiple custodians. I'm not entirely sure about the Signal Foundation, as, on one hand, they are an American org, but on the other hand the US is pushing comparable laws. Regardless I think that "techies" will continue to use and operate Matrix, XMPP, Mastodon, Secure Scuttlebutt and/or other decentralised (P2P/federated) infrastructure outside of the realm of regulation. The form which that takes really depends on whether further repression takes place. Techies are essentially banned from getting compensation or building a business out of providing such platforms and so it may steer towards true P2P and so-called darknets.

Mainstream platforms may find a way around this, like, say, secretly MITM'ing a security number of an encrypted chat. Most of the mainstream platforms are not open source which helps in this regard - the app could even lie about the security verification code to the user. Or perhaps they will be more transparent and simply have all conversations that involve someone that is likely in the UK encrypted for two recipients, one being UK intel. We can only speculate what this might look like, if we would ever even know.

I think this would be a sad outcome for the community and lead to more centralisation towards large, regulated platforms like Facebook, Apple, Google and Microsoft. It would also have a chilling and repressive effect on speech as if that wasn't an issue already. One can only dream of a P2P future but I have some doubts that this would take off without the resources that the big players have.

If that solves the problem with 95% of the cases, the government would deem that good enough I suppose. It's a much better outcome for them than a good encryption by default.

With the price of enforcement going down due to the digitalization of our lives and better LLMs we'll see a lot of "enforcement" in the future.

> I think this would be a sad outcome for the community and lead to more centralisation towards large, regulated platforms like Facebook, Apple, Google and Microsoft.

Your comment made me think... Perhaps it would actually lead to good. If tech people all knew to avoid the 'for-profits' who can be manipulated by a hostile government, we'd all move to something that isn't company run, and drag everyone who relies on us for support along kicking and screaming.

Maybe this is just the kick we need?

> Or perhaps they will be more transparent and simply have all conversations that involve someone that is likely in the UK encrypted for two recipients, one being UK intel.

That's certainly the way it would be implemented — an additional invisible member in every chat, which I've seen openly proposed. There's no way it would be transparent to the users, though. You'd simply have to be tech-savvy enough and well-informed enough to understand implicitly that this is the case.

I feel like legislation has a bloat problem. As people get elected, they all feel the need to "do" something. And all they can do is propose bills.

Over time, doesn't that mean we just end up with more and more legislation about everything?

How do we reign in legislation? How do we say, hey you were elected, but it's possible there isn't any new legislation needed, or barely any?

I’ve always liked Robert Heinlein’s proposal: a two-house legislature, where the lower house only writes new laws and the upper house only repeals existing laws.

> I note one proposal to make this Congress a two-house body. Excellent — the more impediments to legislation the better. But, instead of following tradition, I suggest one house of legislators, another whose single duty is to repeal laws. Let the legislators pass laws only with a two-thirds majority... while the repealers are able to cancel any law through a mere one-third minority. Preposterous? Think about it. If a bill is so poor that it cannot command two-thirds of your consents, is it not likely that it would make a poor law? And if a law is disliked by as many as one-third is it not likely that you would be better off without it?

This is a specific problem with the UK and its establishment.

Back before the internet, the UK Establishment (very much a cozy clique of old-school-chums, exactly as Yes Minister portrayed it) had a decent grip on the country. They could control most of what the media said, which was all of what the average Brit saw as news.

Then all hell broke loose and suddenly any dirty little oik could publish whatever they liked on the internet for anyone to read.

They've been trying to stuff this genie back in the bottle ever since. There's a whole plethora of controls over the internet in the UK [0] which do well for the general problem, but the bugbear is always E2E encryption - they can't read it! Any pleb can still say anything to anyone! This has to be stopped, clearly. So they keep trying.

[0] https://en.wikipedia.org/wiki/Internet_censorship_in_the_Uni...

You make laws expire after X number of years, so the main function of legislature is to reevaluate past laws.