Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users::The U.K. Parliament has passed the Online Safety Bill (OSB), which says it will make the U.K. “the safest place” in the world to be online. In reality, the OSB will lead to a much more censored, locked-down internet for British users. The bill could empower the government to undermine not just the…

    • just another dev@lemmy.my-box.dev
      link
      fedilink
      English
      arrow-up
      39
      ·
      1 year ago

      A clause of the bill allows Ofcom, the British telecom regulator, to serve a notice requiring tech companies to scan their users–all of them–for child abuse content.This would affect even messages and files that are end-to-end encrypted to protect user privacy. As enacted, the OSB allows the government to force companies to build technology that can scan regardless of encryption–in other words, build a backdoor.

      • Steeve@lemmy.ca
        link
        fedilink
        English
        arrow-up
        37
        ·
        1 year ago

        I am willing to bet that the overwhelming response from tech to “build a back door into every internet user’s E2EE communication globally for us to use” is going to be a big fat “No”. The UK market isn’t big enough to be making these kinds of demands.

        • tony@lemmy.hoyle.me.uk
          link
          fedilink
          English
          arrow-up
          36
          ·
          1 year ago

          The reaction is more likely ‘It’s still impossible. Just like we told you all the other times. Idiots.’

          • Steeve@lemmy.ca
            link
            fedilink
            English
            arrow-up
            20
            ·
            edit-2
            1 year ago

            It’s technically not impossible, it would just get rid if the entire point of E2EE, which is mentioned in the open response from WhatsApp, Signal, and others:

            if implemented as written, could empower Ofcom to try to force the proactive scanning of private messages on end-to-end encrypted communication services, nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users

            • Dr. Bluefall@toast.ooo
              link
              fedilink
              English
              arrow-up
              17
              ·
              1 year ago

              …this would make E2EE effectively meaningless, because no amount of encryption will protect against getting scanned at the entrance and exit.

              • darth_helmet@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                11
                ·
                1 year ago

                And then some incompetent contractor will put the backdoor key onto their GitHub and completely destroy everyone’s privacy

              • Steeve@lemmy.ca
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                Yeah exactly, it’s very, very stupid and not something any service that actually bothered to enable E2EE in the first place would ever seriously consider.

              • phx@lemmy.ca
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                AND it would probably break laws in other countries that actually value privacy or security. It’s not like they’d be making a UK-only client for every fucking app or device that uses encrypted communications

    • gravitas_deficiency@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      VPNs: exist

      At more length: the internet is incredibly complicated and interrelated. It’s actually extremely difficult to draw clear national boundaries in terms of one web service or another, and the result is honestly never going to be 100% accurate.