[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: UK gov says new Home Sec will have powers to ban end-to-end encryption

On Sat, Jul 16, 2016 at 4:03 AM Zenaan Harkness <zen@freedbms.net> wrote:
On Sat, Jul 16, 2016 at 11:28:49AM +0300, Georgi Guninski wrote:
> Hope this is not duplicate, the personal drivels were quite
> noisy.
> http://www.theregister.co.uk/2016/07/14/gov_says_new_home_sec_iwilli_have_powers_to_ban_endtoend_encryption/
> > UK gov says new Home Sec will have powers to ban end-to-end encryption
> Very sound, nice and democratic...

So we have various countries banning end to end encryption - Russia,
possibly China?, now the UK ... what is stopping America from doing so?

It's not entirely clear that it's even legal in the US to force backdoors/key escrow/etc. And even if it is, the USG seems to prefer more subtle means of control. Forcing key escrow or backdoors is something of a sledgehammer, and it gets a LOT of attention from civil libertarians.

Also, I think Apple has had a hand in keeping it from happening. They have a lot of influence (read: money to pay for lobbyists and donate to political campaigns), and their whole business model is built on not having access to your data, to distinguish themselves from Google, which gets a large fraction of its income from serving targeted ads. Facebook and Google are starting to do end-to-end, but both companies seem a bit more hesitant about it. I suspect WhatsApp did it in part to hold Facebook to their word that they would never scan private messages for ad targeting purposes, and FB Messenger end-to-end is opt-in AIUI. But even if a ban on end-to-end might slightly benefit each company by giving them an excuse for retaining access, the USG seems to prefer key escrow, which doesn't benefit them at all while creating an additional cost.

Personally I'm a bit conflicted over the whole thing. Pragmatically, not morally. A ban on end-to-end or even forced key escrow would push the more idealistic people to start working on and using better open source solutions. One should not trust any crypto that can be turned off silently with a remote flag flip.

The Zimmerman (PGP) case?

The CIA's need/use/funding for Tor, and their need for many "average
Joes" to use it also, for it to work?