Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users::The U.K. Parliament has passed the Online Safety Bill (OSB), which says it will make the U.K. “the safest place” in the world to be online. In reality, the OSB will lead to a much more censored, locked-down internet for British users. The bill could empower the government to undermine not just the…
HUGE oof. Get your grandparents out of office and put some people who know how technology works in
They knew it wasn’t feasible but made it law anyways and passed it to ofcom to generate the guidelines for these companies to follow.
Absolutely incredible.
I thought they pushed this back a few weeks ago when they realized it wasn’t plausible?
Or is it a case of ‘the law is here for when it is plausible’, which it never will be?
You sadly are correct. All they said is the tech doesn’t exist….but we are still making this the law. Dark times…
So they’ve basically made a law saying we must all bow down to The Almighty Dragon when he’s eventually discovered?
It’ll be a cold day in hell before I bow to a Welshman!
Oh no. They might actually make it onto the flag
Why all internet users and not “just” those in the UK?
A clause of the bill allows Ofcom, the British telecom regulator, to serve a notice requiring tech companies to scan their users–all of them–for child abuse content.This would affect even messages and files that are end-to-end encrypted to protect user privacy. As enacted, the OSB allows the government to force companies to build technology that can scan regardless of encryption–in other words, build a backdoor.
I am willing to bet that the overwhelming response from tech to “build a back door into every internet user’s E2EE communication globally for us to use” is going to be a big fat “No”. The UK market isn’t big enough to be making these kinds of demands.
The reaction is more likely ‘It’s still impossible. Just like we told you all the other times. Idiots.’
It’s technically not impossible, it would just get rid if the entire point of E2EE, which is mentioned in the open response from WhatsApp, Signal, and others:
if implemented as written, could empower Ofcom to try to force the proactive scanning of private messages on end-to-end encrypted communication services, nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users
…this would make E2EE effectively meaningless, because no amount of encryption will protect against getting scanned at the entrance and exit.
Yeah exactly, it’s very, very stupid and not something any service that actually bothered to enable E2EE in the first place would ever seriously consider.
And then some incompetent contractor will put the backdoor key onto their GitHub and completely destroy everyone’s privacy
VPNs: exist
At more length: the internet is incredibly complicated and interrelated. It’s actually extremely difficult to draw clear national boundaries in terms of one web service or another, and the result is honestly never going to be 100% accurate.
Sorry Brits, but I think this is a good time for Lemmy and pretty much any site that cares about privacy block the entirety of the UK. 😞
Sites and services outside the UK should not comply. If UK ISPs block sites outside the UK for not complying, so be it.
Ultimately the problem is that extradition treaties are a thing. While it’s one thing for a company to ignore a law in a country they don’t “operate” in, if you provide services in that country, you are technically subject to its laws, and if they decide to force the situation you could find yourself arrested in your home country and sent to face trial or even serve a prison sentence in another country. Technically your home country could refuse to extradite you, but that has all kinds of political ramifications and so unless you’re someone very powerful in your home country it’s unlikely the state will step in in your favor. The safest bet is simply to block all access from a specific country, and then if pressed you can simply say “we did our best to prevent access from your country and do not provide service there, anyone accessing our service from that country is circumventing our restrictions and there’s nothing we can do about that”, which is probably good enough to torpedo any case against you.
