This shows that the articles by those who uncovered the plans were right [e.g. 1] - even though this is a political campaign paid for by the UK public (via the Government), and developed and coordinated by the Government, they have big logos of community groups and charities at the bottom and minimises the Government's involvement -
> "According to the [M&C Saatchi] presentation, the push will appear to be the result of grassroots action and children’s charities, while downplaying any government role."
The whole thing is just a pile of emotional manipulation, while compeletly ignoring the far, far greater number of legitimate uses of end to end encryption, and the actual dangers to everyday people of personal information being stolen, accessed, leaked, etc. if it's banned! Extremely dirty tactics.
> dangers to everyday people of personal information being stolen, accessed, leaked, etc
This campaign is ripe for hijacking and inverting like the "you wouldn't steal a car" campaign.
"NO WHERE TO HIDE: (from criminals)... thought you were safe when writing innocuous private messages on Facebook? think again, criminals intercept the plaintext to commit identity fraud in your name. Thought you only had to worry about corporate surveillance of your location data? think again, now criminals can easily track you to break into your house while you are out. Thought your job was secure? think again, now criminals can build a comprehensive profile of your social and work activities to easily and effectively social engineer their way into your organisation, risking your livelihood."
[edit]
The other approach is to apply the same thinking to something non technical to more tangibly demonstrate how this is a bad idea. e.g:
"NO WAY TO RUN: we are banning wheels, because they help paedophiles make for a quick getaway after abducting their target. In future we plan on banning legs too."
The more fun thing to do is to manipulate messages in transport.
There was a really fun game where you could join public wifi and change every image request response to be images of cats instead. (by changing the requesting URL and/or response).
Oh wow this brings back memories. More than a decade ago I lived in shared housing where each room has its own telephone port. The idea was every person was supposed to get their own internet. But after a few months of troubleshooting my housemates' internet issues I decided to open up my wifi to everyone else. I used Chillidog, a captive portal software that runs on ddwrt. I had a 3 hour continuous-use limit, after which weird stuff would happen to their images like being turned upsidedown or blurred. I used this very site to make it happen!
Eventually, my housemates just contributed to my internet bill and dropped their own subscriptions. I got rid of the captive portal and went with something more traditional
NO WHERE TO HIDE: From the press... thought you were safe organising that lock down busting party at no. 10 over WhatsApp? Think again, journalists can intercept the plain text of your messages where you laugh at the deaths of proles and ask your old school mate Rupert to bring 10 bottles of bolly.
Considering the UK press (and the MET) sat on that story for months, and it would probably never have gotten out if Cummings wasn't so pissed about the way he was treated, the UK pols have little to worry about from the press or the police.
Nice, that’s put together well. Worth giving it a watch and a like (because interactions like likes and comments tell the algorithm it’s worth recommending to others)
The idea that criminals will break into Facebook's servers and steal your messages is was less likely than the government using Facebook messages to catch child abusers, and that's already a little dubious.
A better counter-argument is foreign governments (China, Russia, etc.) requiring data to be held on their soil and then using it to hunt and impression political enemies.
Without end-to-end encryption, one doesn't need to break into anyones servers. Thats sort of the point. Without encryption, you are weak at every packet, which can be intercepted anywhere between you and Facebooks servers.
End-to-end encryption != no encryption.
It's seems they're quite happy as long as authorized parties (adtech, intelligence agencies, etc) can man-in-the-middle the thing.
Of course, tech companies never get breached and are exceptionally good at protecting our emails, passwords, credit reference data, and sensitive internal emails of political parties and campaigns, so there's clearly no risk whatsoever of your messages getting published on the internet in the future.
No end-to-end encryption does not mean no encryption. For example, Telegram does not use end-to-end encryption by default, however they encrypt all the messages with keys distributed across their servers. Anyone inspecting the packets won't be able to understand what's going on, but Telegram are able to read all your messages.
Actually on closer inspection they don't even particularly care about E2E encryption, and here I was thinking this was snooper's charter v2:
> We are not opposed to end-to-encryption in principle and fully support the importance of strong user privacy. Instead, our campaign is calling for social media companies to work with us to find a solution that protects privacy, without putting children at even greater risk.
So we missed the point. This is a campaign to protect kids from shitty parenting, aa, I mean the social networks... so that they can be safely indoctrinated by social media without needing to encourage a responsible society.
In all seriousness, the larger risk here then is not necessarily criminal activity from data leaks (though that's still a real possibility with a gov backdoor) - the greater risk is deeper government mass surveillance built directly into the most popular social media networks.
The result of these campaigns if successful, would likely be key-escrow rather than banning encryption. With that the risk of criminal abuse is negligible.
Instead the risks are added complexity creating opportunities for bugs, and having to trust everyone with decryption access to not abuse that. It is possible to control that access technologically. For example, by requiring two separate keyholders (or in general N ot of M) keyholders before being able to decrypt any messages.
Those downsides matter, but they are scary for abuse by governments, nation state adversaries, and NSA type hackers. The downsides do not make criminals more scary.
Eh, I'm not sure. Assuming that the government keys never get leaked (which is possible even with the key-split method you propose). And assuming that the local municipal police departments and groups given access to those keys never get hacked. And assuming that products never get restricted to less-secure schemes as the technical world evolves around them.
Maybe the UK has a better track record on this, but off the top of my head a lot of the key-escrow systems I've seen in the US are quite bad. We have systems for TSA locks, fireperson access to locked buildings, etc... many of those systems are not secure, they just don't get abused very often because the prizes for doing so aren't large enough.
Key-escrow systems are less risky in terms of criminal activity than just banning full E2E encryption entirely, but I don't think I agree that 'less risky' is the same as 'safe'.
I don't think they argue against all encryption (Do they?).
Basically everything would become an encrypted group chat (Double Ratchet etc) where the 3rd party is the provider which can optionally encrypt/secure access. That would ensure the provider is the only one with a backdoor for some time until access to previous messages are lost. Similar to loosing decryption keys for GDPR compliance. Access to the keys would require a court order.
Nonetheless authoritarian governments could and would misuse this. It should at least be required to have an international court order. Still very difficult.
> big logos of community groups and charities at the bottom
Are those actually legit charities? I've never heard of them before, and at least the rightmost one ("SafeToNet - incorporating NetNanny") sounds like it's just a lobby group of some internet filter company, or an Internet filtering company itself.
If those are legit charities: Remember the names and make it known among friends what those charities are supporting.
https://www.mariecollinsfoundation.org.uk/ proudly sports the logos of Microsoft, Google and Facebook at the bottom of the page. Maybe those companies should be made aware of what they're indirectly supporting with their logo.
The part that interests me the most is when they say "we're not opposed to E2E encryption on principle, as long as we can still safeguard child protection", but then fail to actually specify how this should be done, except by opposing E2E encryption on principle. I'd love to know if there's a solution!
E2E is something that does protect children too for that matter, so the case cannot be made. Of course children might access inappropriate content, but that is an issue of parenting and you cannot make the internet safe for children without getting active and curate what they access.
The only actual number on the site also doesn't seem to be sourced properly, it just sends you to the NCMEC data page, or are they just assuming that they'll lose all of Facebook's submissions if they turn on E2E?
Given our (UK) present govts history and tragging on anti BLM/eco pretesting things onto a needed bill in the commons I'm not surprised they're taking this route.
It might even appear on the BBC before the year is out of it would save Boris' skin...
They're framing it as a choice between child safety and encryption. I think everyone on HN knows how utterly stupid that is, so I won't belabour the point.
However, what offends me, and I don't see mentioned enough, is that the UK government is exploiting the real suffering of children to destroy something that protects us all, children and adults alike. They do not speak for those children or their families. They're exploiting them and their trauma for political gain.
If I was in the U.K., this would be enough to forever turn me off the ruling Conservative party. It's disgusting. They have no morals. It's not just that they're lying -- every political side lies all the time, sometimes out of necessity. It's that they're re-victimizing the very kids they claim to be protecting. And they appear to be proud enough of that fact to promote it in this way.
I will never vote for a politician or party that's OK with that, no matter what their other policies may be.
> If I was in the U.K., this would be enough to forever turn me off the ruling Conservative party. It's disgusting.
Unfortunately this isn't unique to the Tories. Politicians across the whole political spectrum have fought to introduce increasingly authoritarian controls over the internet and technology over the past 30 years.
UK culture as a whole is more authoritarian than you'd expect. Labour would gladly implement their own version of the same if they had the opportunity. To that point, any UK millennial will likely not be able to remember a time where there wasn't some hand wringing campaign about online privacy or porn.
In all likelihood, yes: they are from a faction of the Labour party that was routinely surveilled by police throughout the 20th century (and more recently, in all likelihood).
The election manifesto for Labour in 1983 contained pledges to abolish the secret services, too.
Not to mention the fact that this same part of the Labour party is often engaged in protests that will have left wingers as attendees and speakers. They're very often on the sharp end of both surveillance and crackdowns on protest.
That combined with their belief that the police are racist (eg the Met) and that prison is generally harmful is not likely to produce an authoritarian programme.
They'd have dealt with large scale tax dodgers too, unlike the current leadership.
The Liberal Democrats are anti-authoritarian, but our first-past-the-post elections don't give them a proportional number of seats :(
For example, they blocked the "snoopers charter" (digital economy bill) when they were in coalition; although the Conservatives, predictably, passed it after they won the following election on their own.
I'll be the first to admit my bias against the lib dems (I cant say I like any of the parties but I do have a particular dislike for them), but putting that aside as much as I can I doubt they'd be any different outside a coalition. At best, I can see them being apathetic, which when combined with pressure applied from their opposition could well turn into support.
Not on the level of the tories, and perhaps labour, but I doubt they'd be anything special in that regard
The Lib Dem's main focus for at least the last 30 years has been electoral reform, preferably to a proportional system like STV which doesn't punish third-parties. If nothing else, a Lib Dem government managing to pass that would have a massive impact on the future of UK politics, and break the two party system that first-past-the-post inevitably causes (whether Whig/Tory, Liberal/Conservative, or recently Labour/Conservative).
They took a huge gamble entering the ConDem coalition: getting some concessions from the Conservatives (e.g. same-sex marriage), but overall achieving hardly any of their manifesto promises (which, indeed, included scrapping tuition fees; first mentioned on page 33 https://www.markpack.org.uk/files/2015/01/Liberal-Democrat-m... ).
It seems they gave away way too much in order to get a meagre chance at voting reform. The resulting referendum was watered-down to Alternative Vote (rather than STV), and was not only attacked by Conservatives, but also Labour (who had ignored their own manifesto pledge in 1997 to follow the Jenkins Commission recommendations, which were to use a variant of Alternative Vote!)
There are some grass-roots efforts to support electoral reform in Labour; I doubt they'd do it themselves (like they didn't in 97), but maybe they'd be more amenable to accepting it in return for Lib Dem support?
My main worry about a Lib Dem government would be how much influence their 'free market libertarian' wing would have; where 'individual liberty' becomes a synonym for 'deregulation of the private sector'. There's definitely been more of a such rightward-lean since Clegg (compared to e.g. Charles Kennedy).
The Lib Dems managed to mitigate a lot of damage done by the Conservatives during their time in the coalition. And they were rewarded with blame for everything they couldn't stop, and a hugely reduced voter base ever since.
Unfortunately for them they sold out their student voters in order to do that, all but guaranteeing that those people would not trust the LibDems again.
Was it a good trade in hindsight? I'm not so sure. I gave them the benefit of the doubt, and my vote, a couple more times.
They're framing it as a choice between child safety and encryption
Politicians can always rely on any part of the holy trinity of terrorism, piracy or child to either justify or manipulate their constituency to support a measure that infringes on their security/privacy. The media plays along too easily.
I get how IP holders care about piracy, but I don’t think it resonates enough with the general public for it to really matter to politicians… Unless the politicians are literally just being paid by IP holders to care about it, which could be a thing.
I've been working within the Liberal Democrats to try and push policies that are pro-privacy for the past few years, revoking some of the acts put in by the current Conservative government and pushing new ones to protect against future government breaches like this. Unfortunately, it simply doesn't stick when polled to the general public. The average person simply doesn't care it seems, no matter how you frame it, and as such it's almost impossible to break ground into updates to the party manifesto. I tried the same thing within Labour a few years before and the same barriers existed, with the added fact that many of the MPs seemed to be cut from the same cloth as the Tories, and that they were incredibly resistant to change outside of their traditional focuses (NHS, Unions, Immigration, Education, blah, blah).
To be frank, it seems like most politicians would rather be at war with the technologically apt than to work with them. All we can hope is that technologies adapt at a faster rate than authoritarian governments can, and the witty can outwit the witless.
These normal people don't vote for it for a good reason! The importance of online security is massively overstated, especially by specialists like us on forums like HN. We've got to keep our credit card details private, yes. But in general we (e.g. HN community) completely fail to do the cost benefit analysis -- we talk about security as if you always have to have maximum security, rather than recognizing that it's a trade off with convenience. That combined with the tin foil hat tendencies of some HN types who comment on security. Really the best thing for almost everyone is to just keep everything in Google Drive: the probability of google employees stealing it multiplied by the loss is much smaller than the probability they won't multiplied by the convenience. I hope this comment doesn't come across as trolling-- I found your post genuinely interesting and I genuinely think that the normal folk who you're having a hard time convincing have a point -- the correct position to adopt lies in between the two camps. Which is a truism. But I mean, like, relatively far from either!
"Really, the best thing for almost everyone is to hand all their belongings to an unaccountable American corporation (which effectively provides no support), so that they can datamine it for advertising and identification purposes."
The fact that "specialists like us on HN" can say this sort of thing with a straight face and no hint of doubt, is one of the many reasons we are sleepwalking into dystopia.
Note that we're talking about security here, not preventing a corporation from profiting from us. All normal people need to do is store their stuff in Google Drive. I agree it's not pretty, and I agree hopefully we can get to a better future where we don't use a megacorporation for this, but it is safe and sensible for normal people. You've got to remember that other things happen in peoples lives -- their loved ones die -- and that's all more important than the aesthetics of their digital lives. Google gets the job done for them.
There's a much narrower range of debate these days. Labour's response to the "concentration camp ships" plan was that it was an inefficient use of funds.
You've gone pretty extreme there. There is a much more plausible explanation, which is that they genuinely believe that more people would be saved if the security services could access messaging apps and they don't think the level of potential abuse is worth worrying about.
Don't get me wrong, I think they have made bad decisions etc. but in this case, I think it is simply naive "if you haven't done anything wrong..."
> You've gone pretty extreme there. There is a much more plausible explanation, which is that they genuinely believe that more people would be saved if the security services could access messaging apps and they don't think the level of potential abuse is worth worrying about.
I think both can be true: the government believes it can increase security in general by expanding the state's surveillance powers--the state always wants to trade privacy for security. However, they're not framing it as a general "give us more surveillance powers and we'll increase security"; they're framing it narrowly as about protecting children ("give us more surveillance powers and we promise we'll only use them to protect sexually exploited children") which is exploiting victimized children in my book.
I don't believe the UK government for this matter is naive. They know very well what and why they are doing this and it's the same strategy used in different parts of the world. It's not new and there's no need to come up with anything new because it works so well and you can justify trading privacy (or even more important things) for security this way no matter how little sense this makes.
I do think that it's naive to think that one of the most important countries in the world with a rather effective intelligence service and a lot of smart people everywhere in the state is naive. I really don't think the UK government believes that if they remove encryption from popular chat apps the tiny percentage of population that might use it for evil purposes will be caught instead of, you know, moving to a different mechanism.
There is a much more plausible explanation, which is that they genuinely believe that more people would be saved if the security services could access messaging apps and they don't think the level of potential abuse is worth worrying about.
There's an even more plausible explanation, which is that both are true. They're aware that stopping encryption might save a few children, but they're also aware that it enables the mechanisms of the surveillance state that give them extraordinary power over the public. They want to stop child sex trafficking and they want to abuse people's privacy.
I regularly support Big Brother Watch, an anti-surveillance and pro-privacy campaign group in the UK. They send every MP lengthly reports that detail the follies and costs associated with these measures.
I've also heard Conservative MPs say that "lockdown measures were against our freedom-loving sensitivities" or something similar, so they at least acknowledge the value of freedom to the population.
Our ruling class cannot plead ignorance as an excuse.
The UK government is currently facing demands from within his own party that the Prime Minister resign. There is talk of a campaign of policy proposals ("Red Meat") aimed at Conservative backbenchers, to distract attention from the hypocrisy and lies of the Prime Minister.
I think the more-plausible thing is that this part of that Red Meat programme, which is going to consist of a train of announcements designed to appeal to rightwing Conservatives, none of which will have anything at all to do with the Prime Minister.
This Red Meat programme will also distract the opposition away from the Prime Minister's moral emptiness and deceitfulness; the government hopes that by making sufficiently-nasty policy proposals, they can force the opposition to devote their time and attention away from the weaknesses of the Prime Minister and his coterie, and towards opposing these proposals. It's very cynical.
Forecast: I have a long record of wrong political prophesies! But I think Boris will have gone within a week. I have no idea who they will replace him with; none of his colleagues has electoral appeal, as far as I can see, and they're facing a General Election in two years. I wouldn't offer odds on the outcome of that election, either; the leader of the opposition isn't particularly appealing, is not loved by his party, and seems to have no policies.
It very much does seem to be a week of 'throw it all at the wall and see what sticks'.
I have to admit - I was expecting Brexit, Trump, and a massive Tory majority at the last GE (not rubbing it in - good lord I wish I had been wrong about all of these), but I really don't know how much road Johnson has left to run. I really think it's getting shorter now every day. The (liberal) press have made a big deal about everything else so far, but the lockdown parties (sorry, meetings) I think are the first 'real' big hits to him that people will actually care about. It's genuinely going to get bumpy for him, but he was smart and filled his cabinet mostly with people who just aren't that clever and are dedicated to him - I don't think there's anyone who knows when to make the first move. I think he can only really be removed when there's someone ready to replace him.
> They're framing it as a choice between child safety and encryption
Its worse than that by the looks. They're trying to convince people you can still have end to end encryption whilst having a man in the middle scan it to make sure its all A-Okay. Again, I think everyone knows how stupid this is.
I seem to remember Theresa May talking about this a few years ago and the idea was quickly shot down, and here I was hoping that was the end of it.
maybe you're the exception to the norm, or maybe I am out of touch. When I was in college (in the last decade), everyone gave democrats a free pass to do whatever they wanted. I have heard that gen-z leans more libertarian though
A saying normally attributed to Churchill: "If you are not a liberal in your twenties you have no heart, if you are not a conservative in your thirties you have no brain".
Nowadays, in the US at least, given the significant correlation between education level and Democratic party alignment, it is probably due for another change. Sadly "If you are not a socialist in your twenties you have no heart, if you are not a centrist Democrat in your thirties you have no brain" does not roll off the tongue.
*correction, if you're not right of center in your twenties you have no heart, if you're not conservative in your 30's, you have no brain.
The socialists are pushing for dangerous governance methods that have caused genocide and economic collapse over the 20th century and actively discriminate based on people's gender, ethnicity, and sexual orientation. The "centrist Democrats" stick their heads in the sand ignoring the crimes of the leaders they elect and the influence of the far left progressive wing of the Democratic party.
I think you'd have to shift the age groups up significantly to say anything useful about conservative leaning people, maybe do mid 40's and 60's or something like that.
I think we'd all be surprised at how many people actually lean conservative in the 20-40 age group. My hunch is that 9/10 people who lean that way stay silent for fear of professional/personal repercussions. Voicing conservative view points in the monolithic tech industry will get you fired and excommunicated
Both major political parties in U.S. did the same thing with SESTA/FOSTA. Every smart politician will exploit anyone they can to get what they want (in that case, scoring cheap political points with their base) as long as their base do not complain loudly.
It's classic, fighting the last war, for the "security" agencies. They think that by surveilling their own people they can protect the politicians. What they have in fact done is collected huge dossiers on their public (and gov employees), which can be compromised and used by foreign powers for targeted misinformation, agitprop, and blackmail. They are the weakest link.
Since the rise of PGP and fall of key-escrow it has become more and more clear that spreading free (ussurveilled) communication between individuals and businesses was necessary to the operation of capitalist democracies. However, they can't give up their dreams of controlling their own populations so they will cede them to competing totalitarian states, which already know how to control their populations and can well afford to breach such "security".
> They think that by surveilling their own people they can protect the politicians.
That idea is so outrageously stupid that no, I don't believe they think that.
Every one of those intelligence agencies are perfectly aware they are collecting dossiers on their public (with emphasis to gov employees) that can be used to compromise the administration and coerce people into doing illegal or immoral acts. You just got the wrong adversary in mind.
Wow, you really think they are either completely treasonous or utterly incompetent? If they wanted to surveil their own (as presumably some do), they wouldn't need to compromise standard coms protocols.
It's not collecting the dossiers... it's that they are the weak link, whether they like it or not.
> Wow, you really think they are either completely treasonous or utterly incompetent?
Well, any other one would require that people on the intelligence community, whose work consists mostly on either using dossiers to compromise people or avoiding the creation of dossiers so people aren't compromised to not noticing that they are collecting a dossier on every citizen or not being aware that will lead to people being compromised... and incompetence or dishonesty not being involved.
> They're framing it as a choice between child safety and encryption.
doesn't seem so:
> End-to-end encryption is valuable technology designed to keep our data and conversations safe. We are not opposed to end-to-encryption in principle and fully support the importance of strong user privacy. Instead, our campaign is calling for social media companies to work with us to find a solution that protects privacy, without putting children at even greater risk.
they apparently claim to be looking for a third way.
There is no "third way". End-to-end encryption means no one other than the sender and the intended receiver(s) can access the decrypted messages; full stop. That includes the social media companies and the government. This obviously also precludes hacks like subverting the client software on either side to report back on the content of the messages (i.e. Apple's implementation)—if the user can't trust their client not to deliberately leak details about the message then they don't have E2EE, since someone else's agent has been placed in the communication path.
I specifically covered that. If anyone other than the original sender (one end of the communication channel) and the intended recipient(s) (the other end of the channel) is granted access to any information about the content of the messages (including not just the full plaintext but also e.g. a digest created by a neural network on behalf of the service provider) then the system does not have the characteristics of end-to-end encryption. You've only encrypted part of the communications channel.
In any case, advocating for mandatory digital spies on end-users' devices is arguably worse than attempting to undermine E2EE.
Please don’t try to come up with solutions. At best they will be hopelessly naive or worst: dystopian nightmare worlds. Giving any credence to the idea that E2E w/ side channels is acceptable should be rejected strongly.
What you are proposing is a pluggable censorship module that can identify any forbidden speech and report back to the authorities. It will take less than 16 months for every regime to co-opt for their own aims. It will indirectly lead to the deaths of thousands of dissidents.
We should be a bit less naive about what this play really is. There is a talking point I've observed in some of my more progressive circles that "nerds aren't the good guys anymore," as managerialists see principled people who demand facts, evidence, logic, and reason as an obstacle to their maintaining control of "The Narrative," which is whatever absurdity authorities and their toadies use to demonstrate their alignment.
This campaign has nothing to do with protecting children - especially given the UK establishment's veritable tradition of both organizing and covering up industrial scale sexual abuse - and it is nothing more than hate speech designed to cast aspersions upon and isolate technologists as part of a broader political effort.
The Rolling Stone article from earler this week said, "The Home Office has hired the M&C Saatchi advertising agency — a spin-off of Saatchi and Saatchi, which made the “Labour Isn’t Working” election posters, among the most famous in UK political history — to plan the campaign, using public funds."
I would encourage HN readers to recognize this campaign is only nominally about encryption, and mainly it is about politically attacking the credibility and reputations of civilian technologists, and by conflating your expertise with abusers this M&C Saatchi agency has produced literal hate propaganda against you. (just following orders, surely!) I'd recommend people to not underestimate what this is.
>it is about politically attacking the credibility and reputations of civilian technologist
No question about it, this is accurate - especially given the way the UK has treated those who have a legitimate reason to use encryption for political reasons.
This is cynical authoritarianism being used to confer a totality over protective technology.
This is from a government that has consistently waged war on expert opinion, "I think the people in this country have had enough of experts from organisations with acronyms saying that they know what is best and getting it consistently wrong." - Gove
This is, quite frankly, from a government that has waged a war on truth.
I've seen this "nerds are the bad guys" pro legacy media narrative too, and in the same places. In the US it's usually built around January 6th and Trumpism and the role of social media in that.
I'm alarmed by the rise of right-wing populist totalitarianism too, but I also feel like we need to remind people to keep their eye on the other players. I heard a funny saying once: the march of tyranny goes "left, right, left, right..." You don't need to posit a conspiracy to explain that pattern, just reaction and opportunism.
I'm hearing rumblings in the USA about a "domestic war on terror" which is every bit as scary as another borderline coup attempt if not more. We'll see that get pushed hard if there is an Oklahoma City scale attack that comes out of the fringe of the militia, right-populist, or Qanon-type circles. That push will include our own version of this UK campaign but framed around surveilling domestic extremism.
I don't think the cryptography wars are over. I think we'll see renewed pushes for more spying and crypto restrictions as we (perhaps) enter a period of increasing domestic and global political instability. I also expect to see pushes to lock down all devices to only run approved code, an open and general war on universal computation, or a push to require all devices to have remote backdoors.
Edit:
Anyone who entertains these arguments needs to remember that "their side" may not necessarily be the ones wielding them. Always picture any increased invasive powers or reduced individual liberties in the hands of your worst political opponents. Political winds can shift quickly, especially in these times.
The irony is most domestic extremism and violence (right and left) is unofficially tolerated because it's useful to be able to direct it at your opponents and just not enforce laws against it, so in many cases it's completely manufactured. I stopped being outraged years ago because that's how they know it's working.
The domestic extremism thing in north america is going to use the same absurdist playbook, which is filling the message with inconsistency and nonsense so that people are so disgusted by it we treat it as too stupid to do anything about - and that in effect neutralizes us so we do nothing, and that is the sufficient condition for evil to prevail.
I'm not a conspiracy theorist so much as a conspiracy arbitrageur, and as long as we think the cadre of people behind these authoritarian plays are stupid and incompetent, the longer we will do nothing to stop them, and the more extreme it will ultimately need to be to dislodge them. There was a time when I would leave these things unsaid, but I think it's important to recognize the time where that was strategic has passed.
If you are among those who can see what's going on, now is the time to articulate it, imo.
This is all part of Operation Save Big Dog aka saving Boris Johnson's ass from being forced out as PM. Yesterday it was the TV licence fee ending. Tomorrow it will be some other populist nonsense.
The license fee thing may have been less of a populist thing and more of an A) shot across the bows at the BBC for its coverage of partygate. B) a sop to murdoch who has been wanting to kill the BBC/license fee since forever.
The licence fee thing has been in development for years. It was brought forward to distract attention away from the PM's blatant lying. I imagine they'll have a new policy announcement each day for the next week - anything to keep discussion of ministerial hypocrisy out of the morning news shows.
Don't forget the Navy being brought in to do something with the same legal standing as Border Force could do, but duly reducing our available Navy resources. The people who buy into these stupid red meat policies don't realise they can't blow up ships crossing, if anything they'll have a larger capacity to help them, therefore trafikers.
> We want social media companies to confirm they will not implement end-to-end encryption until they have the technology in place to ensure children will not be put at greater risk as a result.
This seems disengenuous. Is there any way to implement E2E encryption that wouldn't "put children at greater risk" if we accept that framing?
I understand why the Government and child welfare organizations don't like the idea of E2E. It would, in fact, make it more difficult to identify child abuse on social media, all else being equal. But the attempt to balance privacy with child welfare doesn't have to mean abandoning privacy altogether.
An alternative would be to require social media companies to allow parents to monitor their children's social media activity. Or to have "child-friendly" accounts without E2E. It doesn't seem necessary to impose a blanket ban on E2E, which would almost certainly be abused.
Exactly. “Can we have homes that don’t have cameras in every room streaming to law enforcement, without ensuring children will not be put at greater risk?”
> Is there any way to implement E2E encryption that wouldn't "put children at greater risk" if we accept that framing?
Given that a lack of E2E encryption means that it is impossible for children to have private conversations with each other, it also means that predators have an easier time watching those conversations and using them to do harm. As such, the mere act of enabling E2E encryption reduces the risk to children.
>an alternative would be to require social media companies to allow parents to monitor their children's social media activity. Or to have "child-friendly" accounts without E2E. It doesn't seem necessary to impose a blanket ban on E2E, which would almost certainly be abused.
Exactly , make this giant companies have 2 apps
Facebook Messager and FB messanger for Kids
iMessage and iMessage for Kids
then is you responsability as a parent to setup your child device to enter the correc tbirth date of the user, then the App Store could only allow the "kids" version of the application.
But now what? you have shit AI flagging pictures and badly paid people around the world attempting to classify is the picture is "bad" ?
The problem seems to me to have a much more effective solution,
hire some real cops or social workers to answer reports from children and parents, when some creep asks for such material you could easily report them, then FB,Apple or whoever will have to help the authorities and stop this illegal activity. Make an educational compaign to educate the children and parents and let them know where to report the issue, explain also the punishment and make some public examples.
> ... is you responsability as a parent to setup your child device to enter the correc tbirth date of the user, then the App Store could only allow the "kids" version of the application.
The problem is is that there is still a large portion of parents who will give their children devices despite being less educated on the dangers of online safety regarding children.
I think that tech companies should ask parents whether they are buying a device for a child at the point of sale (since children are unlikely to purchase a device for themselves; instead they wish for a device for birthday/Christmas), and at that point, those companies should in some way inform those parents about the dangers of online use. Better yet (though could further complicate the process of distributing devices) is to give the option for parents to set up parental controls while they are in the process of purchasing a device.
Implementing parental controls (which tech companies have largely done) that allows for parents to monitor their childrens' devices seems to be the only viable way to allow for both CSAM mitigation and end-to-end encryption to coexist, in my opinion.
>The problem is is that there is still a large portion of parents who will give their children devices despite being less educated on the dangers of online safety regarding children.
The government could educate, in my country there are a lot of informational on radio/TV like "drink at least 2L of water" , we need to attempt to solve the problem very close to it's roots. Like why should I click "I am 18" over and over again, the OS should know my age , the browser should ask my OS and if a parent setup correctly the device then the browser would refuse to load this website (the website would put somewhere in headers the age restrictions).
Honestly I do not see how removing encryption helps children, if you do it wrong you might even make it possible for people to now spy on children,
> The problem is is that there is still a large portion of parents who will give their children devices despite being less educated on the dangers of online safety regarding children.
Mightn't those parents be right? IMO it's more important that children use E2E so that their information doesn't fall into the wrong hands. Otherwise it will be sitting in some government database for the rest of their lives.
The real predators live in a doughnut shaped building.
I was more or less of your view until my 11-year-old niece was groomed and ended up sending naked pictures of herself to a 25-year-old man. Now, that incident was discovered because my niece's friend told her parents, but I do wonder whether, that aside, her parents would have found out at all. I am not in favour of banning E2E, but I do think it's foolhardy to deprive parents and law enforcement of any means to monitor children's social media activity.
No body is depriving parents access to their children’s phones with this. Parents guiding and supervising technology use is about as old as the internet itself.
Think of my children is just another step along the line of pearl clutching. But I’ll do you one better, I had a covert video taken of me and circulated around the internet and school that I went to. Would e2e encryption made any difference to that? No.
"Think of the children" is often abused, but that doesn't mean everyone claiming to want to protect child welfare is acting in bad faith, regardless of thought-terminating cliches like "think of the children" and "pearl clutching". It's entirely likely many of the politicans who support this move have genuine concerns. They are probably misguided, but not, I think, malicious.
It's unfortunate what happened to your niece but the situation has clouded your rationality.
A parent wouldn't let an 11 year old go to a frat party. They wouldn't let them go unsupervised to a concert. Most probably wouldn't leave their children home alone for a week. So why in the fuck do their kids have unfettered Internet access? Do they also let the kid just go to anyone's house without at least knowing who that friend is?
How would unencrypted messages preventing grooming of your niece? Her parents should be checking on her devices the same as they'd want to know who her friends were and where she was when not at home. A phone or Facebook is not a babysitter and certainly not a parent.
If E2EE was banned or restricted what at all would have changed with your niece? If she was groomed on completely unencrypted IRC what would be different? If she was groomed by some friend's older relative what would be different? Her parents failed at several occasions to actually parent her. Restrictions or banning E2EE wouldn't make them more capable parents.
> If E2EE was banned or restricted what at all would have changed with your niece?
What changed is the message she send will be unencrypted and not E2E, so now more people have access to them and maybe save or send them to their own closed messaging platform.
I think the biggest problem is that parents have less and less right - or indeed, ability - to monitor their childrens communications and function as decent and responsible parents. Inevitably, were this implemented, someone would find a way to turn it against parents' rights to monitor their children.
And confounding this issue is the fact that the major platforms (Facebook, et al.) simply don't want parents to have this kind of control over their children, because it will effect their bottom line. Children with less adult supervision tend to be far more easily manipulated.
Its not just child diddlers who want this manipulation to proceed un-impeded by parental oversight - its Facebook, et al. too!
So this evil campaign is going to get a lot of corporate support, I fear. For the wrong damn reasons.
(Disclaimer: am an angry parent who is sick of the shit my kids have to deal with online... but who will also NEVER give up personal encryption as a right.)
Children must be educated to understand these things can happen. It happens in Primary School here in Scotland (ages 4 - 11 approx.). If you are technically literate you will also be informing your children when you allow them on devices. After that you should respect their right to privacy. No need to ban e2ee, that's a canard.
Well, to be blunt, my sister in law definitely explained to her 11-year-old daughter that sending pictures of her vagina to strangers wasn't a good idea. Kids don't listen.
Probably not appropriate but the Reddit channel r/kidsarefuckingstupid is proof positive. Also the lived experience of everyone who remembers being a child. Or has children. Or knows any. Yup.
The use of the phrase "Think of the children" in debate a type of logical fallacy and an appeal to emotion.
A debater may use the phrase to emotionally sway members of the audience and avoid logical discussion. EG "I know this national missile defense plan has its detractors, but won't someone please think of the children?"
There’s no logical fallacy here, just a factual disagreement over the extent to which E2E encryption actually puts children at risk. Supposing that it does, that would be reasonable grounds for opposing it (so long as countervailing considerations were also take into account).
This particular Simpsons joke is pretty tired at this point, and it's often just used to short circuit any discussion of potential harms to children.
I am not in favor of banning E2EE, by the way. It’s just that the claim that E2EE puts children at risk should be met with a carefully considered factual response that respects the intelligence of people who are genuinely concerned about child sex abuse, rather than this reflexive ironic cry of “think of the children!”.
The issue is that it looks as though the very real issue of children being exploited is being used by the UK government to undermine E2EE. This is frankly vile, but given the vileness of this government, not at all surprising. Of course, the Murdock media will label anyone challenging this stance as an apologist.
To a lot of people on HN, it's obvious that the freedom is to use E2EE is fundamental, and that hardly any other consideration could override that.
To a lot of people who aren't on HN, it's obvious that more needs to be done to combat child sexual abuse online.
Rather than fuming at the government, it would be more useful in the long run if people could come up with actual ideas for combating child sexual abuse that don't require increased surveillance. Otherwise we are left with the unattractive (to most people) alternative to just ignoring the problem.
I mean sure, the government might have bad motivations in this instance. But there is a real problem that a lot of regular people are sincerely concerned about, without sinister ulterior motivates.
> should be met with a carefully considered factual response
Engaging with baseless propaganda preying on the unthinking parts of everyone by "carefully considered factual response" means you lose. Every single time. For this reason it is a naive strategy.
The point is not to engage with propaganda, but with the ordinary people who are genuinely concerned about child sex abuse enabled by social media. This is a real problem, so I don't think it's fair to talk about 'preying on [people's] unthinking parts'.
I should think that there must be even less to be gained by responding smugly with rote slogans and links to clips from the Simpsons. Who is going to be persuaded of anything by that?
What you need to show is either that (i) kids are already pretty safe online, or (ii) that the situation can be significantly improved without increased surveillance, or (iii) that the current level of child sexual abuse is a price worth paying to preserve important freedoms. But making one of those arguments would require actual thought and effort.
I would say that the implication that enabling more surveillance == safety is a fallacy. It’s assumed by the people pushing these kind of things, but is not necessarily true.
> I am not in favor of banning E2E, by the way. It’s just that the claim that E2E puts children at risk should be met with a carefully considered factual response that respects the intelligence of people who are genuinely concerned about child sex abuse, rather than this reflexive ironic cry of “think of the children!”.
Yes, we should all argue properly ... If only politicians were educated enough about the things they try to push or prevent, they could actually do that. Anyway, even if we discussed this properly, it would only answer half the question. The other half is: "Are children safer without that E2E encryption?" Most likely not, as they themselves send each other pictures and stuff, which can then be intercepted by some people. Everything they communicate using their spy phones, ah sorry, I meant "smart phones" of course, at their young age of -- well, what age? maybe 6 or 7? Or even younger? -- will be potentially up for grabs.
And then that is only the question about children. That is one tiny speck of the whole picture, which is not discussed.
So yes, we should argue this properly, but also we should then open up the whole debate about society as a whole. There is a huge debate to be had there, before anyone should even consider making any decisions.
Someone will propose addressing an actual real thing that actually is a serious threat to children and someone else will mockingly and with a Calculon level of overacting say "Won't someone think of the children!", using it as a kind of ad hominem.
Right now is there child exploitation? Yes. Even though FB haven’t yet enabled E2E encryption. So what good will banning it do? There will always be ways to encrypt communication for criminals. And there will also always be ways to remain very anonymous online. The internet is just not set up to prevent it.
Further, banning all encryption is just a non starter.
Further still, having strong encryption except where law enforcement would like it to be breakable is also impossible. It’s just technically not doable. Whenever people say ‘but give us a way’ the answer is. There is no way. It can’t be done. It’s either encrypted or not. They’re the only options.
So instead of any sensible, workable plan some technically illiterate politicians have deliberately chosen the most controversial topic they can think of - child abuse - something that has been happening since forever without any E2E encryption (did those catholic priests need E2E encryption?) and blamed it on E2E encryption in the hope that emotion will override people’s logic and give them the power to read whatever online communications they like, presumable with some form of weakened / backdoored encryption that will, inevitably, be used for nefarious purposes either by our own government (see Snowden) or criminals / foreign governments who figure out how to exploit it
This is an emotion over logic argument and therefore surely a perfect example of ‘won’t anyone think of the children.
I wonder if we could make it backfire by setting up a similar campaign "No Place to Hide for MPs" for them to stop using WhatsApp and other end-to-end encrypted systems[1]. Demanding total transparency in their communications, in an effort to avoid them dodging their own rules.
If done quickly and sent to the newspapers this could maybe discredit that campaign?
I actually thought it was really bad propaganda, and quite transparent. The arguments are incoherent, and they don't have any proposal.
They say "we aren't against e2e, we just want big tech to deploy it in a way that is safe". Well, either you have e2e or you don't; it's not surprising they have no proposal.
>I actually thought it was really bad propaganda, and quite transparent. The arguments are incoherent, and they don't have any proposal.
There's a saying that you only notice propaganda that doesn't work on you. That's not quite true, but roughly speaking, that's why you think this is so dumb. I could list off around a dozen other incoherent positions with no underlying policy proposals, if it wasn't for the fact they're actually quite popular right now and I know well enough to bite my tongue.
99% of the population don't understand that distinction. Which is exactly why they're running this campaign. It'll connect e2ee with criminals in the populations minds.
>This is the kind of stuff that will be in the history books in 2 decades time.
Do you think so? I don't, history is written by the winners, and all western governments play the propaganda game.
Doesn't matter if it's the democrats or republicans, labour or Tories. No politician is going to call this out, the behavioural psychologists are in on it, and so are the media companies.
Unless there is some major disruption in the next 2 decades, think revolution, invasion. You won't see a thing in the history books.
Maybe we need to get ahead of the game. I propose we add a new http error code:
452: this history does not exist
> But some are planning to introduce end-to-end-encryption, which scrambles messages so that only the sender and receiver can see what is being shared.
One could also argue this could further _protect_ children. Now, criminal material cannot be viewed by an unintended third party. For example, it is well known that an iCloud hack leaked the photos of many celebrity women and was dubbed "the fappening", only possible because they were stored in a viewable format without e2e.
We should be maximizing the control an individual has over their own data, not minimizing control. Anything the police can easily access is also something tonnes of other people can easily access. Given how common data breaches are, we should simply not trust that the transit/storage process is secure at all.
> For example, it is well known that an iCloud hack leaked the photos of many celebrity women and was dubbed "the fappening", only possible because they were stored in a viewable format without e2e.
I thought the 2014 iCloud hack was because attackers tricked users into revealing their passwords, not because Apple's iCloud service itself was compromised. If that's true, e2e would not have made a difference.
It was the lack of two-factor that was the vector of attack for the hack. It's why so many iCloud features these days are not available at all if your Apple ID doesn't have two-factor enabled; Apple justifiably got shamed into improving security.
If you don't want your children to be molested via the internet don't give your children access to the internet, end of story. You'd never let your 10yo child hang out at the skater park because the moment you are not there present someone might abduct him, but letting your child create accounts on every social media imaginable and giving him unfiltered access to the network is somehow acceptable and the rest of the world should suffer because of it?
Children don't need to own smartphones, computers or internet access, just like they don't need to listen to death metal or watch gore movies. Those things will come with time and maturity and your lack of parenting is never going to excuse the government snooping on everything I do
I agree with this, but this is something that needs to be done on the societal level. Doing this individually will be nearly impossible without impacting the social life of the child involved, which no parent wants to do.
I think the vast majority of people agree that unrestricted screens and online communication are bad for kids, so I think this idea could get pretty widespread support. It shouldn't be the norm that a 10yo has an iPhone.
It's like giving them a Land Rover instead of a Hot Wheels. But of course, the Hot Wheels of phones doesn't exist right now. Maybe it should. A smartphone dedicated for children, which can only install a small number of safe apps?
Teach them to read real books, on paper, by real authors. Given them lots of unstructured time in nature with other children, with a watchful parent nearby (this requires investment of a parents' time, but I can't think of a better investment).
Sorry, mine wasn't a plain boomer rant, there are plenty of "real" books I would never let my child read. Most classics are very mature and talk very vividly about violence, death, sex and atrocities. Children should be exposed to nuanced stuff that isn't dumbed down, it's just that these nuanced things should be in the realm of a child, leaving the more mature stuff to older people. A book talking about the friendship between two children in a complex way is cool and good, a book talking about the friendship between two drug addicts might be more suitable to someone who knows a bit more about life.
Even better, the certificate has no Owner information supplied. The YouTube video is unlisted. The YouTube channel supplies no About information. It's fine for them to be anonymous and load a bunch of tracking resources over https.
Naming the campaign a title shared by Greenwald's Snowden book is an amazing touch. The same hashtag was even used extensively to discuss/promote the book. Would almost be funny if it wasn't so depressing.
There is a massive issue here of which this is merely a symptom. The amount of harmful content available today is orders of magnitude more than it was 30 years ago.
Sure, there has always been porn and abuse etc. but the scale that is permitted now due to the internet is massive. There are questions around how to reduce demand for content that feeds illegal activity including child abuse but also drugs, terrorist materials, human trafficking from certain porn etc.
It isn't just how do we protect children but how do we protect society from becoming so numb to this that it just continues? How do we teach children that some snuff movies are real? That you cannot unsee an execution? That most porn content is either fake or coerced? How can you teach people that just because someone is called Doctor, doesn't mean their anti-vax conspiracy is true. Sure, you cannot stop them seeing it but we definitely have to think of some way of deciding what is and isn't acceptable and having much better cross-border enforcement for people who peddle this stuff.
I think removing E2E encryption is a piss poor tool unless you fix the bigger problem.
You are making a really good point. I do like E2E and privacy, but for the broader aim of getting people to generally distrust the Internet, any step that makes its use a hazard is good, simply put. The Internet has incredible value, I can't say that there will come a time when we will give up on messaging and e-commerce because everything else we do there is so fraught with danger.
But sometimes the future is unpredictable. What if ten years from now armies of hackers operate AIs that pollute absolutely everything with false information, impossible to distinguish from true facts? Those information wars are being waged now, only by humans, and yet, often with great effect. Imagine a time when a small agency can deploy an AI that creates hundreds of thousands of fake profiles looking like actual people, each posting slightly biased opinions on a slew of topics. At that point, the biggest social good may be to outright ban a big chunk of the Internet. And yes, it would be a sad day.
Won't someone please think of the children syndrome.
The real answer is we want to read all of your internet interactions any time we want; the children thing is just a way to convince people that letting the government (and everyone else) to spy on you is ok.
Russian laws that granted the government the ability to block websites were also initially aimed at protecting children from drugs and suicide. Though somehow, they didn't have any provisions to allow adults access this "forbidden information".
After the technical capability was in place, they've expanded the possible grounds to block websites on multiple times. It now includes piracy, refusal of cooperation with FSB, being a public VPN, being related to Navalny, etc.
In Australia, we had a plan for a massive web filter in the late 2000s. Their databases were broken into and the blacklist leaked, and inbetween the genuinely illegal sites were sites that had been deemed to be politically immoral, like supporting decriminalization of drugs or spreading information on abortion.
There were many things that were perfectly legal but had personally offended the people presiding over the filter, including random Wikipedia pages and certain personal websites, including a dentist's site. This filter, of course, was sold to people with the idea of protecting children against predators.
Anything not directly relating to children that is sold to you with "B-BUT THINK OF THE CHILDREN!" is done with the intent to manipulate you and provide you with the false dichotomy of "unconditional acceptance, or child abuse", which is nonsense and should be viewed with extreme suspicion.
Oh, it was viewed with extreme suspicion and opposed by many, especially those working in IT. Just don't forget that Russia is a dictatorship with a dysfunctional parliament (Единая Россия, Putin's party, has more than 50% of seats) and so doesn't care much about people's opinion. I don't know much about Australian government, but it's probably more democratic than that.
I think it's also important to quote their demand that providers should "not implement end-to-end encryption until they have the technology in place to ensure children will not be put at greater risk as a result", which sounds very much like "not implement e2ee" because it's always possible to argue for some extra risk.
User-initiated reporting features where the server can only read messages that the user reported would be the obvious solution (and should be uncontroversial), but they're not asking for that.
(To avoid concerns with false reports, the sender could include a random value in the message to prevent brute-force attacks on short messages, and send an unencrypted hash of the message including metadata together with that random value. The official client would only show messages where this hash matches, so a sender cannot just omit it. When a message is reported, the full message including the random value is sent to the server, the server can then verify that this message hash was actually sent through this service by that sender, and report the sender to the police if the content is report-worthy.)
The only thing I see ending this push is a "fappening" style leak involving CEOs, celebrities, and government figures. Not necessarily just intimate sexual content, but as much 'personal' information as possible.
I really think we're heading straight into the panopticon. We'll probably happily vote for it, to "protect" ourselves. I'll buy some more PLTR and the bags under my eyes will grow darker.
An ironic initiative from the UK, considering the conduct of Prince Andrew, the BBC covering for Jimmy Savile for decades, and of course the British tabloid press defense of convicted sex abuser Ghislaine Maxwell.
Would eliminating E2E encryption helped Savile's, Maxwell's, or Prince Andrew's victims? Nope.
> It’s hard not to feel a batsqueak of pity for Ghislaine Maxwell — 500 days and counting in solitary confinement. I intersected briefly with her at Oxford. As a fresher I wandered into Balliol JCR one day in search of its subsidised breakfast granola-and-Nescafé offering and found a shiny glamazon with naughty eyes holding court astride a table, a high-heeled boot resting on my brother Boris’s thigh. She gave me a pitying glance but I did manage to snag an invite to her party in Headington Hill Hall — even though I wasn't in the same college as her and Boris. I have a memory of her father, Bob, coming out in a towelling robe and telling us all to go home. I’m sure fairweather friends would not reveal they went to a Ghislaine Maxwell party: as Barbara Amiel’s brilliant memoir Friends and Enemies proves, you only know who your real chums are when you’re in the gutter.
This doesn't defend Maxwell or excuse her actions—it expresses pity for somone locked in solitary confinement for 500 days. Reasonable people can have pity for wrongdoers.
Rubbish. With the exception of Taki and maybe Young and Liddle, most Spectator writers and editors are moderate middle-of-the-road Cameron-type conservatives—they're basically Blairites.
Alright, but apart from the sanitation, medicine, education, wine, public order, irrigation, the roads, fresh water and public health, what have the Romans ever done for us?
It is horrifying to me that this approach of using pedophelia as a scapegoat to permanently degrade civil liberties goes largely unchallenged in the media.
They say up to 14 million reports of suspected child sex abuse could be lost each year. I couldn't easily verify that number from the linked NCMEC web site (seems high from the reports I read), but let's assume it's accurate.
However... What can even be done with 14,000,000 annual reports of suspected child sex abuse?
I'm just intrigued to know how that volume of data supports actual investigations, and to what extent it has helped bring perpetrators to justice or helped children suffering abuse.
They don't say how many of those were found by people snooping comms and how many were logged by users. E.g. if someone sees someone talking creepy on a forum like Reddit, that still gets reported. If a neighbor does something creepy that still gets reported. Those millions over reports don't go away. This is classic fear-mongering from governments not skilled enough to protect their citizens without violating their rights.
I have ( a completely unverified ) view of this trash.
Every foundation/organization initially to influence politicians (i.e. what happened here through government funding) wrt end-to-end encryption is at most two bank transactions away from getting funding from either Hollywood or the military.
"Save the children" (c) , because some organization is controlled by a power mad narcissist, for whom privacy is a luxury you shouldn't be able to afford.
ISTM that ending E2E encryption can only be the starting point. As long as kids are getting internet connected cameras - which is pretty much all kids these days - and using them to talk to people online, there will be people trying to convince them to broadcast activities which should stay private. How does ending E2E encryption fix that, without additionally implementing total surveillance? How does it work across borders?
Everyone is rightly criticizing the clear manipulation here.
That said, "60-90% of abuse takes place within the home or family circle," - a quote from Mick Moran, co-ordinator of the crimes against children unit at Interpol.
That leaves up to 40% happening online and elsewhere. Is it actually possible to prevent this online without compromising privacy? I think that's a legitimate problem to try to work on.
The remaining up to 40% is also mostly IRL: school, church, camp, neighbors' houses, and so on.
Going after online sex abuse while 90%+ of it happens IRL is like trying to solve climate change by targeting marginal uses of fossil fuel like motorboats while ignoring coal fired power... which... is something we also do.
You target the biggest things first. That's how you solve problems. For child abuse that means targeting home and institutional IRL abuse.
> That leaves up to 40% happening online and elsewhere
“Online” isn't just a place abuse happens in a way that is exclusive with abuse being “at home or in the family circle”, it's a place preparation for abuse happens and products of abuse are distributed. A lot of the online abuse material is from abuse that happens at home or in the family circle.
But to be honest all these attacks on the e2e encryption in order to prevent child abuse or security are a bit busting balls, like there has been for years pedo content in light on youtube, and no police saw that, other than VIPs and princes going to islands to see kids, I think this has nothing to do with kids and security, it's just another way to shrink individual liberties
"OMG, knifes can hurt children, yet evil store owners continue to sell knifes anyway!"
Here's a controversial thought: maybe you should educate your children?
And if that doesn't work, maybe children shouldn't be allowed to be on social media, since (if I recall correctly) it's proven to be bad for them anyway? (By the facebook/instagram leak?)
Should something like this come to pass I would expect quite an amusing arms race. One could create add-ons that use code similar to txtmode [1] not my project to encode anything into words from a word list that anyone could create. Encoded in those words could be a compressed and/or encrypted string. There are probably even more clever and efficient ways to do E2EE without it looking like encryption at all.
Would it be worthwhile to have a competition to create something along this line? Something in the same spirit as the js13kGames [2] but in this case who can create the most human looking and most efficient communication that is actually E2EE encrypted messages using customizable word-lists?
Steganography is the broader topic. Recently, I think it has been assumed that anybody basically has a right to talk to anybody else without any real justification, so messages were encrypted instead. But steganography was popular in, for example, ancient times when the local king or church officials might demand to see your letters. If it is due for a comeback that says something pretty sad about our society I think.
Precisely; as soon as E2EE is outlawed it starts to look just like gun laws, only the criminals have it. Worse the software and methods are out there, all that happens next is you are raising the bar on being able to use it as it won't be commonly available.
Meta: there's a funny typo in the title, it should be "end-to-end encryption". Now it's quite confusing, since "end to encryption" means something else.
I'm not getting into the rights or wrongs of child abuse because there are many legal forms of child abuse which religions and govts have normalised over the centuries as acceptable behaviour, but considering it is currently portrayed as the worst act someone can do, this is a campaign that has high knee jerking manipulation potential against the uneducated.
Why doesn't the Govt produce an app, which lets people voluntarily offer up information to authorities that can run on all their devices?
This way a subsection of the population will be automatically sidelined and the authorities can concentrate on the data from those not using their app. But this only targets devices, it doesnt target offline situations like people meeting in a pub arranging things, where the consumption of alcohol provides an automatic defence to the prosecution!
I wonder if they intentionally overlapped with Greenwald's book on Govt surveillance [0]
> No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State is a 2014 non-fiction book by American investigative journalist Glenn Greenwald. It was first published on May 13, 2014 through Metropolitan Books and details Greenwald's role in the global surveillance disclosures as revealed by the former National Security Agency (NSA) contractor Edward Snowden.[2] The documents from the Snowden archive cited in the book are freely available online.
One solution is for black and gray hats to make a coordinated effort to regularly publish conversations between officials and promoters of these policies.
When their conversations with their mistresses become frequently public, they will change their attitudes.
Online-initiated grooming presumably begins outside of e2e'd 1-on-1 communications. Seems social media platforms have a bunch of options to help prevent that, and keeping e2e. (CSAM is a different sort of crime and must have a different solution). Facebook knows the age of its users, right? There's no good reason a regular strange adult's account should be privately communicating with a teenager (aside from special services like a suicide or domestic violence hotline).
Twitter/Reddit? Kids shouldn't be on those. They're full of porn.
A boss grooming his underage staff? That would be offline-initiated grooming, so not really the remit of social media companies. Workplace communications should be auditable.
You don't. You just give yourself the ability to send eye-watering fines to any of these apps.
If the fine is £100,000,000, but you have only an estimated 0.01% of being prosecuted for it, would you write such an app in an hour? Or would you think twice about it?
It doesn't matter how big the penalties are, if your chance of getting caught is approximately zero. They keep jacking up the penalties for using a mobile phone behind the wheel, but everyone is still doing it. Big penalties without enforcement is just political theatre.
You can gauge the honesty of any proposed computing law by measuring how soon and how loudly they mention child pornography. And this one has it in huge letters at the top of the page.
> End-to-end encryption is valuable technology designed to keep our data and conversations safe. We are not opposed to end-to-encryption in principle and fully support the importance of strong user privacy. Instead, our campaign is calling for social media companies to work with us to find a solution that protects privacy, without putting children at even greater risk.
wouldn't apple's solution from last year be a pretty good solution for the way they're framing this?
Apple's "solution" is not end-to-end encryption. They place their software agent in the communication path (as a man-in-the-middle) to report back on the content of the messages, circumventing the encryption. It's not enough to encrypt only part of the path; E2EE means only the sender and intended recipient(s) have access to the messages. Apple is neither, and yet they give themselves access to the messages; ergo their system is not encrypted from end to end.
Do you guys think this is security apparatus backed, or politically backed?
I mean do you think that this is the government being "convinced" by law enforcement and the rest of the security apparatus in order to maintain the state of easy interception, and mass intelligence gathering?
Or do you think this is purely politicians thinking about how to keep their analytics algorithms and propaganda machines fed with data collected from social media on private chats?
I think it's neither; this is just pure politics - it's meant to distract the attention of authoritarian backbench conservative MPs away from the manifest deficiencies of their leader.
Its odd that they are framing it as social media companies are now "starting to roll out e2ee"
All the main messaging platforms have some sort of e2ee, apart from gchat and FB messenger (that I know of, I'm not considering snap/insta/twitter/tiktok DMs)
Given that Facebook are going to outspend the government significantly to prove that they are encrypting and making your messages private, its going to be an interesting fight.
There doesn't appear to be any clear proposals put forward. The goals under "Our campaign" are vague and high-level. How exactly can E2E encryption be done without putting children at risk, as they put it? This page at least appears to be silent on the matter. So it's hard not to come away thinking that this is just a "think of the children" attack on E2E encryption as a whole.
> "We want social media companies to confirm they will not implement end-to-end encryption until they have the technology in place to ensure children will not be put at greater risk as a result."
Most of these companies already know the users birthday, if this is only about child abuse then instead of adding backdoors for everyone, why not just disable end to end encryption conversations for users under 16?
Doesn't that open up a whole new can of worms, though, because it would require the operator of every service to check the age (and by extension, identity) of every user of their service, so as not to inadvertently E2EE the communications of a child? Passing off this verification to a Trusted Third Party (wink wink) is just as bad (probably worse), because you would be make it even easier for the government to tie it into a̶ ̶s̶o̶c̶i̶a̶l̶ ̶c̶r̶e̶d̶i̶t̶ ̶s̶y̶s̶t̶e̶m̶
whatever they have planned for the next stage.
If a child wants to be "protected" online then it would be up to them to enter their actual age. But you are right, the government will take any excuse to get users verifying their age.
So the reality of this is that this is the UK government not being able to spy on platforms like whatsapp. Remove the E2E encryption and five eyes gets it's eyes on whatever you're saying.
It's really scummy to use children as a weapon here e.g. Encryption allows child abuse.
Not sure if anybody remembers or knows that months ago in New Zealand, there was a knife attack, and they took knives off shelves, basically tried to ban knives.
This campaign is emphasizing on one aspect of a tech, and trying to manipulate people emotionally.
I understand the criticisms. But hear me out as a parent:
1) There is no way to monitor/prevent abuse for kid to get exposed to extreme (literally, potentially mentally damaging) pornography and perversion that percolates into the mainstream life via innocent channels - manga, anime, Reddit, and so on. When I grew up the content of that sort was significantly more limited, i.e. occasional porn GIFs, most fine erotic material, but nothing of the extreme sort you could easily stumble upon by just being online today, etc).
2) Qustodio can partially filter out some content as it's installed on the PC and the smartphone, but due to the all-pervading encryption it has no visibility into Discord and other social networks.
3) Disastrous breaches in IT school policies. School has given mandatory Chromebooks to all kids which they use probably half of the time in the class and for homework, and there is no way to bind the school account to Google Family Links - this is forbidden by the school admin. There is some filtering on the school Wi-Fi which school kids circumvent by joining their phone's shared Wi-Fi. Complained, received boilerplate "we are doing our best" reply. This is an independent school in London.
4) The only option I have is to begin breaking SSL in the middle via, say, FortiGate and hope it will catch some of the sites. This would also be applicable only to home Wi-Fi, rather ineffective.
As a parent, the only solution I have is to prohibit access to screen, i.e. take all devices away, completely. Which I have failed, as there are very little communal spaces for the kids to hang out and interact where I live, and those who do hang out tend to be vaping, drinking alcohol, etc. All the kids are online in the evenings - chatting, sharing memes, laughing together, or they have pre-arranged playdates.
So, my choice here is to completely take away all devices and, hence, completely remove the social component. Or just pray he won't get abused online. I, honestly, don't know what to do. I have been living with computers since 80s, started out with ZX Spectrum and PC/XT, and I am horrified by what allowing the kid to roam Internet without filters may lead to now.
Well, the keyword here is "responsible parenting". The child has to understand that the restrictions come from you, and not from the computer. This means watching the screen together, and not relying on a fallible automated system.
Breaking SSL is not the answer for one more reason: with more and more web apps (cannot say "websites") relying on JavaScript-only content delivery, long polling, websockets, server-sent events, and who knows what else, there are less and less standards. Earlier, such nanny software worked because everything was text and HTML, and it is known how to stop bad things in these content types. Nowadays, we can't just block replies, because we have to substitute some dummy JSON (or whatever) instead, so that the app doesn't crash or hang - and such dummy replacement of the blocked content is application-specific.
Also, think about today's children, they are tomorrow's politicians: now you deploy an automated system that breaks the internet for them, tomorrow they will deploy an automated system that will deny access for you to anything published by the opposition.
I think that you are looking for a technological solution to a non technological problem, even if there was no encryption at all there is no way to 100% inspect all of your kids communications. The same way there is no way to follow them and watch them 100% of the time in the real world. The only thing you can do is educate your kid about these issues and trust them.
> When I grew up the content of that sort was significantly more limited, i.e. occasional porn GIFs, most fine erotic material, but nothing of the extreme sort you could easily stumble upon by just being online today
You must have lived a sheltered life as a child. As soon an VHS tapes came around in the late 70's and my family got a player, I was exposed to all kinds of crap- rape porn, bestiality, snuff films, white power propaganda, etc. You name it, and we'd trade the tapes as kids. Sure it's a lot more convenient now, but it was all around back then.
I've taken the approach that I'd never be able to stop my curious child from seeing nasty stuff online, no matter how hard I try. The best thing I can do is educate and provide context. I explained pretty early on to my son that he has to be careful what he looks for online, because he'll find it. Now at 15 years old, he tells me, "you wouldn't believe the shit out there, it's disgusting." Exactly.
> You must have lived a sheltered life as a child. As soon an VHS tapes came around in the late 70's and my family got a player, I was exposed to all kinds of crap- rape porn, bestiality, snuff films, white power propaganda, etc. You name it, and we'd trade the tapes as kids. Sure it's a lot more convenient now, but it was all around back then.
It was, but wasn't. I never saw porn on VHS, nor did I have a sheltered life. It wasn't until I was 15, last year of secondary school was when I saw porn round a pals house.
My parent's were not the parents who were in to such content so there was never any of that in possession. True, it has always existed but regardless it can be damaging to a child.
The thing is there are counter examples where, in my opinion on moral grounds, a child is entitled to privacy. Some examples on off the top of my head:-
* An LGBT child using LGBT safe spaces online. Being outed before a child has come to terms with their feelings themselves can be horrendous for their mental wellbeing, even in an understanding household. In less LGBT friendly households it could be extremely dangerous.
* An abuser is part of their family and trying to communicate that to teachers, authorities or whoever else.
Of course you are right to be concerned for your child, and age/maturity is really critical in this discussion. A 4 year old clearly shouldn't have unfettered access to the internet. Should a 15 year old who has shown they can be trusted be forced to have their parent view everything they do? I'm not sure.
The problem with porn doesn't really come from accidental exposure to particularly 'extreme' material, I think. That might just be a start. The core problem is, for young people (adolescents) and adults alike, the deliberate search for porn (with hormone-fueled determination, it'll get around technical hurdles) as part of an addictive pattern of behaviour. To counter that, there's no substitute for voluntarily and consciously avoiding it. This may be helped by education: knowing why it's bad, and also knowing why it seems appealing, i.e. sex education and basic addiction psychology, as well as knowledge of the other porn-associated problems as informed by one's broader moral framework. Good luck.
>pornography and perversion that percolates into the mainstream life via innocent channels - manga, anime, Reddit, and so on
I'm not necessarily disagreeing with you, but it's interesting how manga/anime is invoked in these discussions, often unintentionally or even unknowingly recalling the image of 'weird Japan', a supposed hotbed of child abuse and perversion, where no material, much less anime and manga are safe for Western eyes, supposedly more moral and discerning.
I recently read a paper about this kind of discourse, in which the authors pointed out, quite rightly in my judgement, that the popularity of such readings in the mainstream Western press projects a certain idea of fiction and its relationship with reality which is not shared by many in Japan, and certainly not by the consumers of this 'pornography and perversion' according to ethnographic research on their opinions and perceptions.
Second is the idea of 'stumbling' upon porn. Some people even class Neon Genesis Evangelion as 'perversion' in its own right, and recently in the US, portrayals of adolescent sexuality in stories and books, which some lawmakers are trying to remove from libraries. I'm of the opinion that the sparation isn't nearly that easy. Teenagers writing Harry Potter slash fanfiction is a far cry away from Blender animated monster porn, and a fannish teenager or younger will have a greater interest in the former.
Consider just how well moderated most Internet communities are. The chance of seeing porn (as opposed to the anime equivalent of a very softcore porn gif) on r/all, or even r/anime is slim. A child is much more likely to 'stumble' accross it if a friend they know in real life sent it to them through Discord. The only other place I can really think of a child 'stumbling' in a zone meant for children would be Twitter, but then we're talking about Twitter, not 'reddit', 'anime', or 'manga'. In other words, I'm saying that just because the material exists, it doesn't mean it's innocently 'stumbled' upon by a wide-eyed child. Children get curious, especially when you tell them not to do something, or society provides that narrative.
Ah the horror. Ever tried actually talking to the kid? You guys didn't run around the neighborhood doing random shit when you were young? Were your parents horrified by what allowing you to roam without supervision may lead to?
If watching some weirdo porn was enough to mentally damage people, the world would look quite different.
Your problem is not that the kids can't be protected with encryption, but rather that you want way too much control over these kids' lives. I know you think you are protecting them, but it is much better for a child's development to simply be told and explained how the world works. Also porn. Anyone who believes that they can hide everything from a child until they are of age and that they will always act in a wise manner after they are of age is naive.
Childen watching gore on liveleak, girls looking at anorexia inspiration and boys getting into extremist ideals are not really good for their development, and these resources don't "simply tell" how the world works. In fact, it's the opposite: they construct a desirable narrative that supplants interacting with the real world, they enclose someone instead of opening them up. It's a parent's job to ward off bad influence from their children, whom are not equipped with dealing with such stimuli. Maybe not even the parent is equipped. It's not a matter of hiding and controlling children, it's about not letting other abusive people raise your children instead of you.
You have misunderstood me. It is up to the parents to explain to the children that there are such things and that one day they might see them by chance. Just as children can come into contact with drugs by chance through friends. It is up to the parents to prepare the children psychologically for these situations and to act wisely in this moment. For example, children could stop watching such videos early instead of continuing to watch them or simply say no to drugs because they are already prepared.
The idea of protecting children from all this through control is naive for two reasons:
1. you can't monitor children 100%. This leads to the fact that I can never prevent all things. Both in reality and on the net.
2. as adults, these children must have already thought about all this in order to act wisely. A child who moves out at 18 and has not yet dealt with it is completely on their own, although the adults would have had time to explain everything to the children.
And one more thing from pedagogy that contradicts what you said: children process only what they understand and is relevant to them. For example, if you explain to a 4-year-old child what rape is, the child will absorb almost nothing of it. For the child, sex and the sexual need is foreign. Thus, they cannot derive much information from the explanation.
I have seen a lot of sick stuff on the net as a teenager. For example, a beheading of a white journalist in the Middle East by Islamists. No one could have prevented me from clicking on the link friends sent me. However, it could have been explained to me that there are such things on the net and how that should be classified. In the end, it was up to me to classify it. And of course, such experiences could have led to anything. For example, racism.
I agree that control is not the solution for this problem, communication is. Still, I think there are things that are not simply facts of life, like having unlimited access to certain things, let's say porn, gore, hate speech, and other abusive material. At the end of the day, I don't claim to know how to solve this issue, certainly not with outlawing or backdooring encryption, but I acknowledge this problem.
Facebook seems to be doing all the heavy lifting on the extremism front. Overweight/underweight problems are just stupid and it takes like 1 hour to explain how to eat properly and then you never have to deal with that again. Videos of people dying at least serve as a counterpoint to movies where nothing ever happens to people doing dangerous stuff.
> Overweight/underweight problems are just stupid and it takes like 1 hour to explain how to eat properly and then you never have to deal with that again.
I do not think you have a firm grasp of how peer pressure works and how powerful it is. That's like saying "we told people that drugs are bad, so clearly nobody will do drugs anymore".
Facebook's and other providers' moderation policies could differ a lot from yours. But these are the platforms where you can usually enable a form of parental control at least. Videos of people dying, like in an accident or war, might be at least real, but potentially still very damaging because of the lack of narrative. Another issue comes when the video also contains narrative: for example when they distance you from what you just saw, by saying how the people deserved death, were a lesser kind of people, and so on.
Regarding the overweight / underweight problems, do you think that all the over and underweight people, and proper weight people who still battle some eating disorder, just missed a good hour of talking to? I wonder what you'd say to them.
When that 1 hour of food education is pitted against 10s of hours of immersion in an online dysfunctional-eating subculture, what prevails?
Perhaps children need 1 hour, or more, "don't fall in with the wrong internet crowd and let weirdos claim possession of your identity" education. I am not sure what form that would take.
Blocking content is not the way. I ran into Encyclopedia Dramatica and similar when I was like 12, and I wish that didn't happen, but there are no technical filters that would've stopped it. In my experience, kids will find a way around anything you could do, and they will want to fight what they perceive as unjust restrictions. Talk to them and communicate, you can't solve this with a technical solution.
Also, Discord is not end-to-end encrypted. (Messages are sent and scrollback is loaded over HTTPS, realtime messages are received over an HTTPS WebSocket. (They are compressed, but not encrypted any more than normal HTTPS.))
School devices are generally monitored/filtered way too much already. Fortunately until highschool I'd always been able to bypass blocking by changing my DNS or using HTTPS. My highschool has Fortinet though which seems to do SNI filtering so whenever I need to visit blocked things I have to use Tor. (There's probably a more efficient way but Tor works fine.)
> nothing of the extreme sort you could easily stumble upon
From your post, I divine that you don't really like porn much. I actually seek it out; but I've never "stumbled upon" anything more extreme than a model who looks as if she's 17. You don't find kiddieporn by stumbling around pornhub.
> but nothing of the extreme sort you could easily stumble upon by just being online today, etc).
As an adult I don't "stumble" onto the type of content you're talking about and I browse the web a lot. So if children are "stumbling" onto this content, maybe just maybe, they don't need unfettered Internet access and their own private devices.
I'm afraid banning encryption doesn't alleviate this very real issue. In the current ecosystem, nothing is stopping people to install whatever they want on their phones / computers (well, Apple does stop them, but aside from that), and so, it's just an install away that the child rejoins the encrypted network where everything is possible.
> I am horrified by what allowing the kid to roam Internet without filters may lead to now.
I worry too, my nephew is only three and is happily running around playing with dinosaurs.
With social media the way it is, young teens selling themselves on OnlyFans, different types of pornography/hentai imagery traded on Discord. It's all horrifying.
I feel a bit odd posting this. My HN news identity is tied to that of mine in real life – something that I am proud of, but something I might change shortly. Apologies in advance for the very long sentences.
In many ways, my childhood was horrific. Bullied from a young age for being very different to my peers, I had my bones broken by older children aged 8, 9, and 13; scratches and bite marks from the age of about 5. Older children did "things" to me that definitely count as sexual assault with adult eyes; I'd rather not get into all of it as I was never groomed, but I was certainly abused. One memory I have is of sitting on the sofa with my arm in plaster, freshly broken, and playing the Legend of Zelda: Ocarina of Time on my N64. A teacher visited, out of the blue, and asked my mum not to sue the school I was at. Several of the teachers I had as a teenager are now convicted paedophiles -- convicted because they had sex with students (of my gender). I remember one talking about getting large erections in class.
When I went to Oxford, to read physics, after years of being beaten, bullied, spat at, stamped on, urinated upon; after having to battle my school to pay for someone to invigilate my entrance exam paper (they refused -- I did it in the head of the sixth form's office); after being threatened with expulsion for cracking their WEP key to read wikipedia in class; after having faeces thrown at me, a firework placed in my locker, stolen property put in my coat pocket to frame me, and other boys putting what would now be considered "extreme pornography" in the UK in my coat pocket, or changing my unlocked computer's desktop picture to horse porn; or being shown videos of pigs being decapitated with a chainsaw because I was vegetarian -- after all that, when finally, I was welcomed into a place where learning was encouraged, and the others were like me, I frankly thought I'd died and gone to heaven. I've hung onto it, tooth and nail, trying to do good in the world (and let others like me have their chance).
I therefore feel that I'm uniquely qualified to comment this government's attempt at disrupting E2E encryption. I understand the maths (but I am not a cryptographer) and I very much feel like I would be in the target demographic.
Banning or breaking end to end encryption won't help.
Targetted abuse is, I believe on the part of the abuser(s), entirely psychological, and that process leads to physical violence. The medium is a lesser concern. I had seven shades of shit beaten out of me in the era before 2004 -- at AIM and Jabber's height -- and snooping my messages would not have helped.
People who are sexually attracted to children are very rare, and the allegations take a long time to come out because your state of mind only really develops fully about the whole process years later. The medium of communication matters -- and having some sort of post facto evidence chain is undoubtedly helpful -- but breaking disappearing messages is not what this PR campaign is about. It's about increasing the ability of the security services to snoop.
The proposals are something I vehemently disagree with – there is a very large difference between a complaint being raised, that complaint being investigated, and as part of that evidence gathered (and message databases recovered); and proactive, untargetted investigation of crime. The UK's town of "Scunthorpe" famously fails most "bad language" filters and it blights the lives of its residents. Having the police investigate children proactively without talking to them is...immoral. I very much believe that, complete with the five-years-non-negotiable key disclosure law in the UK, encryption moves the burden of duty appropriately onto the police: they can investigate matters when a complaint is raised, but not before.
Any further goes too far towards the surveillance (Stazi-style) police state, in my opinion, with children being investigated by the empowered, frightening apparatus of the state because they said something naughty. We already know what happens to children who look like they might happen to be carrying drugs on their way to school, when the police have the powers to stop and search. It hasn't ended well, either for the police (wherein trust is rapidly falling), or for the children in question. Let's not make the same mistake again with what is, fundamentally, maths.
Thank you for sharing. Since most abuse happens from people you know or are in your vicinity, I believe the focus on online content is misplaced. Providing information and a way to call for help is much more productive way. Having channels to share information confidentially does benefit people greatly to even share their predicaments. It helps them to maybe gain the confidence to seek help. Removing that confidentiality is counter productive.
Giving government the ability to snoop on people to maybe find something objectionable would in my opinion severely inhibit people opening up about abuse. Even if you believed government to be your perfect friend. For many it isn't just a question of security, it is also a question of shame and guilt. Ubiquitous surveillance would be damaging to the low trust of people that were abused.
When technologically impared people make decisions.
Here is a possible solution to your problem: Release an open source library that locally has a trained model to detect child abuse texting. Allow messaging platforms to integrate this library on the user end (you know, after the second "end" in the end-2-end). Implement parental control tools that enable this library to look st messages and report when something is fishy.
> (you know, after the second "end" in the end-2-end)
The "end" in E2EE is the end user, or software acting on that user's behalf as their agent—not software acting for some third party such as the service provider against the end user's will.
Integrating digital spies into peoples' devices is not the answer.
I live in the UK here and I have no problem with the police or government being able to read my WhatsApp messages - provided there is sufficient judicial oversight (i.e. they can convince a judge there’s sufficient evidence I’m doing something criminal).
They can already get a warrant to go through my underwear drawer, tap my phone or read my snail mail.
Do you think that you should have the right to talk to someone in person without the government tapping into that? If so why chat messages should be different?
Im a bit confused what exactly means by banning end to end encryption. What would stop two parties from sending encrypted data across the wire and decrypt it on the other end of it? How would they ban that? If one posts some gobbledygook encrypted text on a forum that only a specific recipient would have the key how would that be stopped?
They did not make a good case. "No place to hide" is vindictive emotional manipulation at best and their fantasies about online interactions are a bit weird. Maybe they should be watched and their exchanges put under scrutiny? Institutions for children are often the source of their abuse.
"Very strange moves that aren’t well thought out at all with a single focus to reduce the power of the people" is a pretty good summary of everything the tory party does.
This is likely to be a better conversation if it doesn't degenerate into "Tories are evil". The Joint Committee on the Online Safety Bill, which highlighted the potential danger of E2E encryption, includes MPs and Peers from Labour and the LibDems too, all of whom supported it. It's not a party political issue and has broad cross-party support (probably because most MPs don't really understand it).
The ability to pass any law you want is in itself pretty useless, because if the population thinks you did pass the wrong laws, you lose the power to pass future laws you might want, either due to getting thrown out during the next election, or because of loss of cranium, French Revolution style.
What is important is lying about your true intention convincingly enough.
Interestingly, that site has been blocked by my employer's Corporate Overlord Content Filter. Had to use another computer to view the content, and now I can see why.
> We are not opposed to end-to-end encryption, as long as it is implemented in a way that does not put children at risk. We are in favour of both strong privacy and children’s safety and urge social media companies to protect both.
Which basically means "we are not opposed to end-to-end encryption as long as the encryption is not end-to-end".
I don't believe it's inaccurate. That sentence is put out there early but the rest of the paragraphs go on to beg businesses not to turn it on. It plays as a way to get ahead of the argument but ends up countering itself at every turn.
The right against e2e encryption will ultimately be lost, IMO.
There is just no concrete, tangible reason why sex predators and terrorists do need to have this protection from law enforcement. Meanwhile, there is no concrete, tangible need for the average citizen to be able to foil lawful access by police (say after a warrant was issued - you do have protections!).
I say concrete and tangible, because while I strongly support e2e, it is impossible to justify on purely objective, let's weigh specific pros and cons grounds. It's essentially an ideological position, where you are willing to accept a lot of concrete downsides for the idea that the right to privacy is a tool in the balance between the individual and the state.
I'd venture to say that very few people here actually deeply believe this though. Rather, it has been adopted as commonly accepted wisdom within our community. Your supposed to support encryption. Within the larger culture wars and the techslash, I have serious doubts as to how many people are willing to defend e2e encryption once the wider public turns against it. This just needs persistence and the right political trigger.
By the way - the argument for cryptocurrency, or for Tor, is exactly the same as the argument for e2e encryption. You are supposed to accept all the bad stuff (crime), not because the average Joe needs the tech, but because it serves as a counterweight against the tyranny of the majority. You don't need to be a libertarian to believe that.
What if we look at ideas such as encryption requiring licensing such that there are valid use cases for it and invalid use cases for it. Things that automatically qualify as valid use cases would be things like login systems, payment systems, communication between certain parties deemed essentially private - for example client attorney communications, patient and medical team communications, reporters, whistleblowers, and other similarly essential services that require protection. I'm sure there are many valid use cases.
Invalid use cases would be things like social media platforms where children are able to communicate with unknown parties.
Could something like that work? How could a system like that be protected from abuse? Obviously pedophillic doctors and reporters would have an immediate loophole that would need to be considered...
There has to be a way where we can have legitimately end to end encrypted systems while preventing illegitimate ones. There's a massive grey area in between "ban encryption" and "let pedophiles do what they want without any oversight." There must be a solution that falls somewhere in the middle of those two things.
> "According to the [M&C Saatchi] presentation, the push will appear to be the result of grassroots action and children’s charities, while downplaying any government role."
The whole thing is just a pile of emotional manipulation, while compeletly ignoring the far, far greater number of legitimate uses of end to end encryption, and the actual dangers to everyday people of personal information being stolen, accessed, leaked, etc. if it's banned! Extremely dirty tactics.
1. https://news.ycombinator.com/item?id=29955893