Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users::The U.K. Parliament has passed the Online Safety Bill (OSB), which says it will make the U.K. “the safest place” in the world to be online. In reality, the OSB will lead to a much more censored, locked-down internet for British users. The bill could empower the government to undermine not just the…

  • just another dev@lemmy.my-box.dev
    link
    fedilink
    English
    arrow-up
    39
    ·
    1 year ago

    A clause of the bill allows Ofcom, the British telecom regulator, to serve a notice requiring tech companies to scan their users–all of them–for child abuse content.This would affect even messages and files that are end-to-end encrypted to protect user privacy. As enacted, the OSB allows the government to force companies to build technology that can scan regardless of encryption–in other words, build a backdoor.

    • Steeve@lemmy.ca
      link
      fedilink
      English
      arrow-up
      37
      ·
      1 year ago

      I am willing to bet that the overwhelming response from tech to “build a back door into every internet user’s E2EE communication globally for us to use” is going to be a big fat “No”. The UK market isn’t big enough to be making these kinds of demands.

      • tony@lemmy.hoyle.me.uk
        link
        fedilink
        English
        arrow-up
        36
        arrow-down
        1
        ·
        1 year ago

        The reaction is more likely ‘It’s still impossible. Just like we told you all the other times. Idiots.’

        • Steeve@lemmy.ca
          link
          fedilink
          English
          arrow-up
          20
          ·
          edit-2
          1 year ago

          It’s technically not impossible, it would just get rid if the entire point of E2EE, which is mentioned in the open response from WhatsApp, Signal, and others:

          if implemented as written, could empower Ofcom to try to force the proactive scanning of private messages on end-to-end encrypted communication services, nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users

          • Dr. Bluefall@toast.ooo
            link
            fedilink
            English
            arrow-up
            17
            ·
            1 year ago

            …this would make E2EE effectively meaningless, because no amount of encryption will protect against getting scanned at the entrance and exit.

            • darth_helmet@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              11
              ·
              1 year ago

              And then some incompetent contractor will put the backdoor key onto their GitHub and completely destroy everyone’s privacy

            • Steeve@lemmy.ca
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              Yeah exactly, it’s very, very stupid and not something any service that actually bothered to enable E2EE in the first place would ever seriously consider.

            • phx@lemmy.ca
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              AND it would probably break laws in other countries that actually value privacy or security. It’s not like they’d be making a UK-only client for every fucking app or device that uses encrypted communications