[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: UK gov says new Home Sec will have powers to ban end-to-end encryption
On 16/07/16 09:28, Georgi Guninski wrote:
Hope this is not duplicate, the personal drivels were quite
UK gov says new Home Sec will have powers to ban end-to-end encryption
Very sound, nice and democratic...
Things said in the Lords (or Commons), even by Government spokesmen,
have approximately zero legal significance. To a very close
approximation. Practically speaking, indistinguishable from zero.
What the Courts look at is the wording of the Act.
Which in this case is pretty bad, but not a power to ban end-to-end
In fact, it doesn't affect most in-use forms of end-to-end encryption at
And it doesn't say anything at all about applying your own encryption.
Details below, if interested.
-- Peter Fairbrother
The ostensible target may be internet/phone service providers, to force
backdoors in mobile links and VPNs - but the actual target is "relevant
operators". It includes a whole lot of other things apart from internet
and phone providers (and Apple and Facebook).
"Relevant operators" are persons who provide "any service that consists
in the provision of access to, and of facilities for making use of, any
telecommunication system (whether or not one provided by the person
providing the service) [... including] any case where a service consists
in or includes facilitating the creation, management or storage of
communications transmitted, or that may be transmitted, by means of
such a system."
That would include many commercial sites who use SSL/TLS. If you put a
"contact me" link on your web pages, you are a "relevant operator".
Gimme your SSL keys!
That's what the Bill actually says, if you read it carefully. Like RIPA,
it is opaque beyond the point of obscurity, and it takes a lot of reading.
Good points? Only encryption which has been applied by a "relevant
operator" is affected - at least until the Home Secretary makes
regulations otherwise (which under the Bill she can do).
Bad points? It doesn't do anything at all against the clued-up terrorist
or criminal. It decreases security for legitimate actors and businesses.
BTW, things said in the Lords (or Commons), even by Government
spokesmen, have approximately zero legal significance. What the Courts
look at is the wording of the Act.