British re-elected prime-minister Cameron is continuing his life’s mission of invading the British people’s privacy and severely restricting their freedoms.
Internet and social media companies will be banned from putting customer communications beyond their own reach under new laws to be unveiled on Wednesday.
Companies such as Apple, Google and others will no longer be able to offer encryption so advanced that even they cannot decipher it when asked to, the Daily Telegraph can disclose.
Measures in the Investigatory Powers Bill will place in law a requirement on tech firms and service providers to be able to provide unencrypted communications to the police or spy agencies if requested through a warrant.
How on earth did you Brits manage to not only elect this dangerous man, but also re-elect him?
I’m not a brit, but I’m guessing it’s similar to how we got Obama twice in a row… or Dubyuh, for that matter. People just don’t give a shit as long as they can keep watching TV and eating. Seems to be a universal truth no matter what country. Don’t worry Thom, it’ll hit the Netherlands before you know it, too.
P.s. Yes, I’m being fatalistic. It’s hard not to be.
What a horrible way to spell “realistic.”
Words of Truth… People only care about what they are promised compared to the reality. Sad
Regarding the ‘just make my problems go away and don’t tell me how’ demographic:
I was talking to a Dutch woman a couple of years ago, and she commented on how nice it was to have government health care, saying that she just paid $100 euros a month and didn’t have to worry about the details. Since she seemed to be contrasting it with the US, I pointed out to her that my home state (Minnesota) actually had very comprehensive and free health care for the poor and an affordable high risk pool for the wealthy, and that by leaving most domestic policy to the states, the US system had originally made it a bit harder for the officials who control the military to use domestic issues to divide or intimidate voters while consolidating power.
(That’s happening, by the way: A lot of US Democrats opposed the Iraq war for pacifist reasons, and a lot of Republicans opposed it for isolationist reasons, but those Republicans didn’t challenge Bush in the primaries in 2004 because they were so afraid of Kerry’s domestic agenda, and despite Obama’s expansion of the drone war, those Democrats didn’t challenge him in the 2012 primaries because they were afraid of Romney’s domestic agenda.)
Anyway, the Dutch woman’s eyes glazed over so quickly that there was no point in finishing the argument.
(I have plenty of problems with the US system, but I think that strong checks on government are worth considering for the same reason that strong privilege separation is worth considering in a computer.)
All existing communications providers should just pull out of the UK. Block them. Take away their Twitter, Facebook, and iMessage and maybe then the damn voters would notice something.
Indeed. Let Cameron snoop over snail mail.
Yeah, the postal mail system has already been infiltrated by the government (at least in the US):
http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mail.html?…
The worrying thing is that this lot are far better than the one that came before.
Unfortunately though they don’t have a clue when it comes to technology. I don’t know how widespread it is, but I assume you don’t get the stupid cookie warnings every time you visit a site, which is a legal requirement over here.
I get them on most websites whose parent entity has a presence in the UK, whether I’m on the UK version of the site or the US version. I definitely get them on .uk sites.
And to my fellow Americans, it won’t be long before strong encryption is outlawed here as well. It’s not an Obama thing, it’s not a Democrat or Republican thing, it’s the inevitable consequence of technology outpacing the ability of our governments to manage and control the populace.
Philosophically, government exists to serve the people, but as is always the case throughout history, the people always end up serving the government instead. I don’t care how enlightened we become, I don’t see that ever changing as long as there is one person alive who wants power over others.
The US is pretty (congress/FBI at least) scared of encryption:
http://www.theverge.com/tldr/2015/3/27/8299577/john-carter-the-inte…
But wasn’t that a EU regulation?
I had to go and check…
This page has the details:
http://www.cookielaw.org/the-cookie-law/
It is an EU directive, but each country applies its own laws to comply.
Exactly, but the UK was one of the first to implement it.
Most site administrators that do it that way haven’t actually read and understood when they have to do this.
That would require those companies valuing digital rights more highly than making money. That is never going to happen.
Some companies have or are moving to mainland Europe instead of remaining in the UK.
I know of at least one company:
https://ind.ie/
https://ar.al/notes/so-long-and-thanks-for-all-the-fish/
This is something the security forces have been pressing for for years, since Labour was in power, and for which there is some support in both parties, though not total. The Tories only have a majority of 12, so with united opposition it might well fail because of a few Tory rebels who still value civil liberties; but some Labour MPs (and certainly unionists in Northern Ireland) might support it.
The thread title is a bit misleading – they are not actually banning encryption. They were going ban encryption (yes, really!) until someone pointed out it was a monumentally stupid idea.
This isn’t much better, but it almost certainly violates European human rights law.
Encryption any idiot inside the company and the government has access to is not encryption at all. It’s like a lock to which every criminal has a key.
So yes, they are effectively banning encryption.
I’m not sure if this Nicholas’ point, but my reading of the article is that they’re planning to ban companies from offering effective encryption of communication via their servers. If this is the case, then besides companies being allowed to offer ineffective encryption through their servers, individuals would still be allowed to use effective peer-to-peer encryption.
Sure, but how many average joes would be willing or able to do that? Your mail, messaging etc. should all be safe from government prying *out of the box*.
Pretty much every single group that the government is claiming this will help to track.
If you outlaw non-reversible encryption, only outlaws will have non-reversible encryption.
I don’t disagree with that. I was only saying that, from my reading of the article, I don’t think the proposal is for a blanket ban on effective encryption, as I think Thom took it to be.
As understood, only effective change is prohibition of one pass, sender to receiver strong encryption. Two Pass, sender to provider and provider to receiver strong encryption not only allowed, but recommended.
Maybe I am wrong, Thom.
On providing one pass strong encryption, Information Entities are implicitly providing also Anonymity Services also.
Not because Clients could be anonymous, but because they could act as carriers of Third Actors. Willingly or not their part. Remember rogue software? Zombie Networks?
Maybe they’re doing this so people vote to stay in the EU. Bar-stewards.
that there are more topics that determine peoples political preferences? Not everybody considers income politics, welfare, foreign policy, education to be of less importance than digital rights and privacy.
Secondly, security agencies are able to decrypt all encryption methods currently in use, so why should internet privacy determine who you are voting for.
This is just not true.
I agree with Thom. This is idiotic and they are completely missing the point…
This cannot work, because like it or not the ability to do true end-to-end encryption is not rocket science. Even if Apple and Google and everyone else stopped offering it, criminals can still do it, legally even (since no 3rd party would be involved).
This law would do nothing to stop them. We just end up with a situation where the positive benefits of encryption are made difficult and complicated for law abiding citizens to take advantage of, while doing nothing in reality to stop criminals from using it.
Funny. This is exactly what happens when you pass anti-gun laws too…
The irony is thick in the liberal worldview.
Yeah, because Australia is succumbing to regular massacres of school children.
Funny how you claim this encryption ban is a “liberal worldview” when it is the conservative party doing this. But facts never matter to conservatives. They even blame liberals for their own actions, like in this case.
I’m not saying that this encryption law is a liberal policy, far from it. I’m saying that it serves the same function as a gun control policy. It is a form of the government regulating the actions of its population to control crime. But one is ok to you and the other isn’t…
I am a conservative. I am not opposed to gun regulation per se, but I am opposed to UK style handgun bans (which are simply stupid and don’t work). Most conservatives are not opposed to reasonable gun regulation in the US (waiting periods, background checks, etc.) We are simply opposed to pointless gun regulation. We are in fact very opposed to it.
This law would fall into the pointless category for me, so I would be against it too.
I just find it ironic that most of the regulars on this site, who routinely spout off about how we have such a horrible gun problem in the US and just don’t understand how anyone could be against gun control, are at the same time violently opposed to governments having the ability to invade their privacy. Oh the horror!
You do realize the two cannot be separated, don’t you? Its the same thing… Law enforcement, by definition, is power given to the government to bypass citizen rights. Encryption that the government cannot break is probably a greater threat to security than an armed population ever was, but you are quite content to hand over the guns, just don’t take away my privacy!
Its absurd. You can’t have it both ways.
You encrypt yourself in the foot there.
Encryption that government cannot break is BETTER for national security. Security experts have repeatedly said this over and over again. And you make it seem like privacy is a small thing, when in fact it is THE primary means of protecting freedom of expression. And freedom of expression is THE primary means of keeping a nation, like America, secure.
Having governments intrude on freedom of expression is a much greater threat to national security. That other argument for guns is completely pointless if government can suppress expression. The fantasy that a ragtag army of rednecks can overthrow government oppressions is stupid once you realize that all it takes is one stupid redneck to brag on Twitter about the plan and the government tracks down the people and stops any.
I’m not content to hand over guns. I don’t own guns. I don’t have a fetish for them. I’m quite content to let government stop kids from being killed.
Free speech and education are the primary drivers for national security and crime reduction.
* By the way, still waiting on gun nuts to overthrow the government like they always claim they would over government oppression. But it seems they like the NSA and would rather use their guns on Snowden.
I would argue that your definition of “personal lives” doesn’t at all jive with mine. I would argue that my right to have a firearm to protect myself, or to hunt, or to just go down to the range and fire occasionally, is my “personal life”. I have 3 kids and live in a good area, so I don’t even have a gun in my house – I don’t feel any need to. However, if I didn’t have kids and I lived in an area with crime problems you can bet your ass I would…
In fact that is more my “personal life” than what I text to friends on my phone, because I don’t text about anything that I would give a crap about the government seeing…
But I certainly understand your heart felt position about the government intruding upon privacy rights, even though it doesn’t directly affect me much. Liberty is liberty. Yet you are more than happy to take a position that stomps all over my rights with glee.
That is the irony I am talking about.
That is not irony. Some rights are more important than others. Freedom of expression has more power to stop tyrannical governments than guns because it can stop it before it forms. In fact looking at ISIS, I would say if the government were to become tyrannical, I would trust the gun nuts even less.
Again, this isn’t just privacy. It’s a big step towards openly censoring different opinions and verified facts, which is something that does directly affects you. We can just look at what Texas schools are now teaching to see where this would go.
It doesn’t work too well after the fact though…
No. But neither does an armed populace. Prevention or cure, take your pick. I’d rather try and keep something than lose it and have to fight and die for it.
That deserves a prize.
Always this absurd assumption it is impossible to acquire real weapons if you are going to start a revolution.
Good thing, most of our morons have at least 3 weapons…
Seriously, you are missing my point. I’m not opposed to reasonable gun regulation, I’m just so sick and tired of hearing smug Europeans mouth off about how f*cked up the US is when they are picking and choosing their statistics.
Sure, its popular to focus on mass shooting in the US, mostly that is because it is just about the only thing you can point at that is actually getting worse…
And can we be realistic please? Sure, every life matters, but it’s still far more likely to die from being struck by lightning in the US than from being killed in a mass shooting.
Violent crime incidents overall have dropped more in the US since 1990 than in just about any other country in the world. And it is still dropping.
But all we hear about from our European friends is the crazy gun culture. How violent we are. You ignore that our crime rate has dropped 50%, that the homicide rate has dropped 50%, that the non-fatal firearm crime rate has dropped 75%, property crime rates have dropped about 30%. All of that happened without any extreme actions like mandatory gun forfeitures or handgun bans…
There is not a single country in the world that can demonstrate that kind of improvement over that period of time. None.
So sure, its easy to get better when you start out so bad – I get that. I’m just saying you should at least look at the whole picture before ridiculing us for our problems. I’m not saying we don’t have any, but its not all bad over here.
That is because we keep seeing news about it (we live in a global world). And when we do we are puzzled. In a country like Denmark, the entire concept of a school shooting is virtually unthinkable and so are the videos about police officers shooting people in panic too.
Don’t get me wrong though. I love America and especially Americans for their hospitality. I’ve been there often enough to know the situation is a little bit more complex than simply “ban the guns”.
I think where you and I disagree is mostly on what we consider reasonable changes to the gun laws.
* edited to fix a typo
Edited 2015-11-03 11:15 UTC
Well… Two different society’s. One is more millitaery oriented than the other. Guess wich…
Hi,
What is absurd is a person living in a country like America where both corporations and politicians have eroded the populations freedom and privacy since the beginning of this century; who thinks guns “help” protect the freedom and privacy that citizens have lost (and will continue losing) faster than any other civilized country on Earth.
– Brendan
In practice it is very difficult to own a gun unless you are a farmer or belong to a target shooting club.
I don’t know anybody who still owns a a weapon. I got rid of my own .22 rifle in 1996 during the amnesty.
– All semi-automatic rifles and shotguns are banned.
– All military style weapons are banned
– Pump action shotguns have a maximum capacity of three rounds.
– Hand guns cannot be used or stored outside a licenced pistol club.
– The number of weapons owned by an individual is severely restricted.
– Criminal and mental health background checks are mandatory.
– Weapons must be stored in an approved gun safe at all times.
– A current shooters licence must be produced to purchase weapons or ammunition.
Edited 2015-11-03 08:42 UTC
Edited 2015-11-03 09:29 UTC
Homicides by firearms:
Australia: 0.11/100,000
USA: 3.55/100,000
The US homicide rate due to firearms is 32x as high as Australia.
https://en.wikipedia.org/wiki/List_of_countries_by_firearm-related_d…
And in 1990 ours was nearly 7/100,000. In Australia it was about the same as it is now…
If you look at the numbers objectively, what we are doing is already working, in Australia not so much.
Australia doesn’t need to improve though…
They didn’t need to improve much back in 1995 either…
Then they made their citizens forfeit most of their guns, and it didn’t have any effect, other than it being really hard to own a gun legally there. Meanwhile our homicide rate dropped drastically during the same period of time.
We are supposed to look to that as a model of what to do here? Really?
http://www.nytimes.com/2014/09/25/us/25shooters.html
https://en.wikipedia.org/wiki/List_of_massacres_in_Australia
galvanash,
There’s so much drama over citizens’ right to own guns, but statistically cars are much more dangerous than guns. So objectively I find this drama difficult to rationalize, why isn’t the uproar more proportional to the dangers? I don’t quite know why, but I think sometimes we tend to project beliefs onto the world rather than learning from our observations. Even intelligent people can be afflicted by this sort of “dogma”.
Edited 2015-11-03 19:23 UTC
Eh, murder rates correlate better with lead use in petrol than with whatever you think you’re doing.
This is a really bad comparison. First of all the left in the US is not trying to ban guns so the comparison is a straw man at best. Second, increased gun laws have lowered fire arm deaths. There was a great study about the how the laws in CT reduced gun deaths by 40%. It was really a comprehensive study comparing similar states and their laws and the relative reduction of gun deaths. Second, it is just true in general that ANYTHING you make illegal is going to make it harder for everyone to get, including criminals.
Encryption is a totally different animal. You can’t use encryption and accidentally kill someone. You can’t commit suicide with encryption. You can’t slaughter dozens of children in a school with encryption. Can encryption be used to assist in breaking the law? Sure but that is not it’s primary purpose. A gun’s purpose is to kill. It’s not some side effect of a technology that is helpful in many other ways.
Once the legit of Internet traffic comply, remaining noise is simply filtered out.
Or do you prefer to remain with a (Come on! Feel the Noise! \Music_Tag)back-door at boot, worst even, back-doors at several layers of the stack?
By the way, you are not provided with keys for those back-doors. You have to bring in your trusted key master if wanting to use them.
Except 90% of the population are communicating via 3rd party services Facebook messenger, Whatsapp, iMessage etc and this is much more about requiring app maker or webpage communication service providers storing and making available session keys and more – and not (or at least less) about prohibiting end point to point encryption.
I’m sure they’d like to outlaw tools for such from retail channels/ app stores too.
> How on earth did you Brits manage to not only elect this dangerous man, but also re-elect him?
An absolutely terrible electoral system where a party gets a majority of the seats with the support of 24.4% of the electorate
Not saying your way is great or anything, but try ours where there are only two parties, 43% of the electorate belong to neither, and because of geography and the electoral college the presidency is generally decided by the same 8% of the population – in every election…
Its lovely really. Join the club!
Oh we have the geography problem / tiny percentage deciding the result as well. Except the current lot, despite it being weighted in their favour, are set to rig it even more.
Also brits like being watched.
Mostly aren’t especially bothered by being watched – which is completely different.
Yes, but saying that wouldn’t have the innuendo.
It is part of the stereotypes.
– Germans have no problem being naked in public, but don’t want anyone watching them at home at all.
– English are scared of being nude in public, but turned on by being watched at home.
Of course. Like all stereotypes, they probably not completely true.
Edited 2015-11-03 12:50 UTC
Besides encryption what else are these politicians going to ban?
Sunny days?
People with higher IQs than normal?
Healthy people?
People who live too long?
I think those are already banned in the UK.
I realize you’re joking, but that actually happens. Higher than average intelligence can get you rejected when applying for many law enforcement and even some federal government jobs. The supposed reasoning (in law enforcement circles) is that if you’re smart enough to be an engineer/doctor/scientist making $100k+ per year, why are you going for a dangerous job just above the poverty level, that you will be bored with in a few months?
The sensible answer to that question is a desire to serve one’s community and make a difference in your little corner of the world, but the agencies see it differently. They see someone who is going to think outside the box, who may struggle with a split second life or death decision, and who may question authority. They don’t want thinkers, they want doers.
Howard Buffett (son of Warren) is a Deputy Sheriff. I doubt he is in it for the money and I’m pretty sure he is of above average IQ.
Dr Richard H. Carmona, a former Surgeon General also worked as a part time deputy sheriff in Pima Arizona.
Two high-profile examples out of the nearly 1 million sworn officers in the US. I could also give you examples of highly intelligent deputies where I work, though one was just promoted to an IT management position giving up his gun and badge. In fact, my agency goes against the trend in that they prefer intelligent, motivated employees. It’s one of the great things about working there and was part of my decision to return to that field.
What I am speaking of is a trend across the nation, not an absolute, which is why I said “many”, not “all”.
They are sorting out healthy people by selling off the NHS to American “Health Care” companies.
I have pretty low expectations. However, I don’t expect people to read my mail unless they come to me with a court order…
I expect security to be as secure as possible for obvious reasons, it seems like every day now we hear about some company getting breached and everything getting taken by criminals.
Wasn’t there a Swiss email company with high minded promises a while back.
Are they any PGP email clients that are relatively easy to use? I might take a look later…
If the government was really smart or devious they would have the Post Office create a government email system and assign each citizen an email address. It would probably save the post office with the ad revenue. The ads could also spread public service announcements and regional alerts to citizens. Spam should take a hit because you could more easily tie email back to people (if they can solve spoofing). The government could require a government issued email to be used when interacting with the government.
On the other hand it would probably kill anonymity because sites could and probably would require you to use your “official” email for site registration. Also they could cut out the middle man in all this spying…
I think you need to lower your expectations further.
Mozilla Thunderbird with Engimail plug-in makes it really simple to use PGP encryption.
Windows, Linux, FreeBSD and OSX also have many tools that sit in the system tray (icon) that makes encrypting/decrypting from/to any program really simple.
I just wish more people would actually use PGP in email communications. I have nothing to hide, but also like my privacy. Just like my bank sends me post in a sealed envelope, instead of a postcard.
My public PGP key: http://tinyurl.com/graeme-pgp
Edited 2015-11-03 17:23 UTC
GPGTools provides a nice Mail.app extension for OSX.
Hmm, are these old assertions? Not so long ago security researchers pointed out that apple actually did technically have a mechanism they could use to wiretap messages.
http://www.osnews.com/story/28837/Let_s_talk_about_iMessage_again_
The imessage section taken from Apple’s own security documentation confirms what the researchers found: apple tells devices what keys to use for encryption. In other words, the “end to end” encryption is supposed to be for your “friends”, but one of those “ends” could actually be a wiretap imposed by a court order. Imessage does not reveal this, and unless I missed an announcement I don’t think apple has denied it since the vulnerability came out.
http://www.apple.com/business/docs/iOS_Security_Guide.pdf
Not that any of this really matters, the politicians don’t understand encryption any more than the general public do. At a higher level though I find it troubling that government seeks to rule the people instead of the other way around…
Edited 2015-11-03 07:11 UTC
+1
I can’t agree more! They are supposed to work for us, not the other way round.
Yet another law that is impractical and probably unenforceable.
As long as the public demand more safety, politicians will have an excuse to demand more powers to enable them to meet the public’s demands.
It’s like any form of public spending. If the public demands it, then politicians will raise taxes to deliver it, whether or not it is good for the economy in the long run.
He got re-elected thanks to a weak campaign from their major opponents, anger at the Lib Dems for working with them, some pretty biased media, and an outdated voting system that punishes geographic spread and vote splitting, but rewards gerrymandering and two-party politics (the misleadingly named First Past The Post system).
Actually none of Scotland, Wales, or Northern Ireland voted Tory, but England did, and they’re bigger than the rest of us, so that’s what we got. They only got 37% of the votes (and with a 66% turnout, that’s only 24% support from registered voters).
Oh well, there’s always 2020.
What makes you think most people agree with the fact citizens should have easy access to unbreakable (even by the intelligence agencies) encryption for data storage? (not https and the like)
I personally think they shouldn’t, and services that easily convert bitcoins to real money should be banned too. Because those two help drug lords store evidence and move black money super-easily, things which governments spent time and effort to make hard to do, and the legitimate use cases of those two don’t justify the cost.
No, your nerd fantasy of escaping the evil gumberment who totally wants to track your vacation pictures and ebay purchases doesn’t count. Neither does vague talk about freedom.
There is no right to secrecy when under a court order. If a company offers unbreakable encryption for storage, they should provide a backdoor, such as storing a copy for the key, for the courts, so drug lords don’t have an easy way to keep evidence secret.
Edited 2015-11-03 19:49 UTC
kurkosdr,
But isn’t it naive to think that criminals will follow the law? This would merely punish law abiding citizens without stopping hard criminals.
Well, then it isn’t really “unbreakable encryption” is it? Wait to hackers figure out that backdoor – and they will! In that case, what is the point of encryption at all!!
I like my privacy. Just like everybody (banks etc) use sealed envelopes to post me something. It doesn’t mean there is anything criminal to hide, it means to respect privacy. For me, encrypted communications and storage means the same thing… privacy.
When I was a teenager nearly 40 years ago a family friend told me “Never put anything in writing unless you are willing to see it printed on the front page of a newspaper”.
How these people like creatures are hijacking our social management is the saddest thing in humans history.
On this topic, I’ve recently moved my VPSes from a datacenter in the UK to one in Germany because of concerns of how my data is handled (despite most of it being encrypted). I’m not particularly trustful of the Germans but at very least their government is not openly trying to indiscriminately monitor and access my data.
-“…will no longer be able to offer encryption so advanced that even they cannot decipher it…”
Does NOT mean no more HTTPS !!!
Companies will still provides HTTPS but they will able to decrypt it on the fly. Like phone tapping on government requests.
And yes it is a very bad idea !!!!!!
If your government (the requested company) can do it, hackers from an other government will do !
In the long run, whatever hacker you thing will do !
Even with strong algorithms…
Can we still be confident about the transactions (Account, banking, etc) ?
…
This is the point : Is the trust is lost ?
If the government and the requested companies can ensure that the encryption can not be decrypted by hackers…
… The trust will not be lost.
On the other end, yes, the trust is lost.
… And here come the doubts… Ho my !
_QJ_,
Some people seem to assume that granting government wiretapping/decryption will weaken the crypto for other hackers, but that’s not necessarily true. For example one could just add a second key, which is every bit as strong as the first key and doesn’t introduce new cryptographic weaknesses. You could use your key, the government could use it’s key, and hackers would be no closer to the data (at least if the government’s own key doesn’t get leaked).
I often hate metaphors. But since they can help provide a better understanding, this is the equivalent of requiring all our personal items that are locked to have separate keys for official government use. The metaphor breaks down though because of the differences between physical things and virtual data. You have no way to know if the government key is being used on copies of your data.
Edited 2015-11-04 17:37 UTC