Online Safety Bill becomes law in the UK

This has the potential to remove all UK personal privacy. It’ll be interesting to see if WhatsApp, iMessage, and Signal shut down their services.

November the 9th they will release the first draft of the codes businesses will have to adhere to.

Time to start buying stamps, sending letters and move off the cloud :grin:.

Apparently the bit where they require businesses to break end to end encryption was dropped “until technology permits it”

I guess when super computers are abundant I’ll have to move :smile:

2 Likes

The problem is that it already does. You just turn off encryption. I wonder how long before they force this through?

Suspension of the constitutional right to private communications cannot be revoked inidiscriminately to all citizens, and a regulation cannot be passed without strong guarantees that breaking into citizen’s private matters needs to be approved by a magistrate court under police request.

That said, now we can argue if the UK as a sovereign state can sustain that level of protection to their citizens, I would think the answer is yes. This is tricky though because it can come to a “slippery slope” argument that ends without citizen privacy: first it is children protection, then it’s the war against drugs, then it’s terrorism, then it’s bad drivers, then it’s … you see the trend.

I am ok with the proposed regulation and I’m pretty sure the EU has something similar or is planning to have something similar, but I respect people’s opinion against it, and of course I’m wary of falling into the trap of thinking that people who oppose to it are ok with child abuse in any way.

No, that’s just not using a technology. From what I understand part of the desire of the bill is to provide a means of breaking end to end encryption “just for the good guys” which is impossible. That is the part which states once technology permits it

That has never stopped the Tories from enacting illegal laws. The current Home Secretary, who ultimately is responsible for this crass law, has been found to have created illegal laws too many times to count.

Exactly what, IMNHO, is what the Tories have wanted for decades. The enactment of a super DORA by which all UK citizens and visitors are under surveilance at all times. They are already engaging in surveilance of people employed in education for any criticisms of related government policies.

and that’s just one example of the Big Briother-based society want to impose.

Meredith Whittaker, president of Signal, has said publicly that Signal will definitely shutdown. Although I don’t know how the UK government could fine a non-profit if it didn’t.

The popularity of Facebook proves that most people don’t worry about privacy. But, for the others, Phil Zimmermann published the source code for PGP nearly 30 years ago so public key cryptography is available to anyone. If for example, my brother and I wanted to complain, securely, about the clowns running the US we could just share a Gmail account, encrypt our emails, and never send them.

I imagine it is difficult to write laws about things you don’t fully understand. There will still be many ways people can still communicate securely if needed.

1 Like

That was the basis of a mini-series I saw several years ago which has turned out to be surprisingly prescient.

Actually, I believe that the provision is still in the bill, but as you’ve said, there’s a caveat that this will only be activated when it’s possible to provide the ability for Law Enforcement to be given access to communications without making the product less secure.

The Government tried to save face by seeming to take a hard line without actually doing anything of measure for this part of the bill.

3 Likes

The difficulty I perceive is that this law seems to have weakened the right to privacy.

IMO the onus is on the government to have reasonable grounds to view your communications and this should be served to the individual not a company.

I can see your point, but (some) companies are better placed to handle the requests and to protect the privacy of their customers. Individuals often can’t directly access the information the government needs.

My concern is that they don’t contact the individual at all.

Yeah, this is a better explanation of what I was attempting to describe! Thanks

There is no ”constitutional right” to privacy in the UK. There are various pieces of legislation and court decisions that provide support for some elements of privacy, but they’re piecemeal and any could be overturned by Parliament.

1 Like

They legally don’t need to and never have at any time in the past. This is not a new thing, comms records have always been sourced from the holder rather than the subject.

Seemed like it. If they however demand to have a backdoor for the good guys only, I would hope companies leave the UK market. Not out of spite for Brexit but to prevent similar legislation in the EU/Germany. I would also hope for it to be reversed due to public pressure.

When I see some ideas proposed in IT legislation I get the impression a lot of law makers (mostly lawyers and teachers in Germany) actively refuse to understand the concerns of more technical people.

That said, fighting crime and especially protecting children is also important. I do not think politicians necessarily have Orwellian motives. But I wonder whether meta data or giving minors not- end to end encrypted accounts might be a solution.

For the purposes they suggest they need access, Meta Data will not help, and to prevent CSAM it’s not minors who are sharing it. Minors deserve as much privacy as anyone else.

When the law changed in China some companies left, others stayed. My guess is those companies would do the same thing in the UK.

Yeah, probably. I am also not sure how I feel about companies imposing the passing or retracting of law through market power on nations or groups of nations like the EU.