Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users::The U.K. Parliament has passed the Online Safety Bill (OSB), which says it will make the U.K. “the safest place” in the world to be online. In reality, the OSB will lead to a much more censored, locked-down internet for British users. The bill could empower the government to undermine not just the…

  • qooqie@lemmy.world
    link
    fedilink
    English
    arrow-up
    89
    ·
    1 year ago

    HUGE oof. Get your grandparents out of office and put some people who know how technology works in

  • Dasnap@lemmy.world
    link
    fedilink
    English
    arrow-up
    40
    ·
    edit-2
    1 year ago

    I thought they pushed this back a few weeks ago when they realized it wasn’t plausible?

    Or is it a case of ‘the law is here for when it is plausible’, which it never will be?

  • Spendrill@lemm.ee
    link
    fedilink
    English
    arrow-up
    26
    ·
    1 year ago

    The absolutely hilarious thing about this is that all of these MPs that clamoured for this bill because “Won’t somebody think of the children!” are up to all sorts of terrible behaviour and a whole bunch of them are on Signal.

    • just another dev@lemmy.my-box.dev
      link
      fedilink
      English
      arrow-up
      39
      ·
      1 year ago

      A clause of the bill allows Ofcom, the British telecom regulator, to serve a notice requiring tech companies to scan their users–all of them–for child abuse content.This would affect even messages and files that are end-to-end encrypted to protect user privacy. As enacted, the OSB allows the government to force companies to build technology that can scan regardless of encryption–in other words, build a backdoor.

      • Steeve@lemmy.ca
        link
        fedilink
        English
        arrow-up
        37
        ·
        1 year ago

        I am willing to bet that the overwhelming response from tech to “build a back door into every internet user’s E2EE communication globally for us to use” is going to be a big fat “No”. The UK market isn’t big enough to be making these kinds of demands.

        • tony@lemmy.hoyle.me.uk
          link
          fedilink
          English
          arrow-up
          36
          arrow-down
          1
          ·
          1 year ago

          The reaction is more likely ‘It’s still impossible. Just like we told you all the other times. Idiots.’

          • Steeve@lemmy.ca
            link
            fedilink
            English
            arrow-up
            20
            ·
            edit-2
            1 year ago

            It’s technically not impossible, it would just get rid if the entire point of E2EE, which is mentioned in the open response from WhatsApp, Signal, and others:

            if implemented as written, could empower Ofcom to try to force the proactive scanning of private messages on end-to-end encrypted communication services, nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users

            • Dr. Bluefall@toast.ooo
              link
              fedilink
              English
              arrow-up
              17
              ·
              1 year ago

              …this would make E2EE effectively meaningless, because no amount of encryption will protect against getting scanned at the entrance and exit.

              • darth_helmet@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                11
                ·
                1 year ago

                And then some incompetent contractor will put the backdoor key onto their GitHub and completely destroy everyone’s privacy

              • phx@lemmy.ca
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                AND it would probably break laws in other countries that actually value privacy or security. It’s not like they’d be making a UK-only client for every fucking app or device that uses encrypted communications

              • Steeve@lemmy.ca
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                Yeah exactly, it’s very, very stupid and not something any service that actually bothered to enable E2EE in the first place would ever seriously consider.

    • gravitas_deficiency@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      8
      ·
      1 year ago

      VPNs: exist

      At more length: the internet is incredibly complicated and interrelated. It’s actually extremely difficult to draw clear national boundaries in terms of one web service or another, and the result is honestly never going to be 100% accurate.

    • spearz@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      I wouldn’t worry about this too much. Today they announced they’re no longer implementing a bunch of things they just made up, like forcing people to car share, and something about demanding people to use a minimum of seven bins…

      Tomorrow they will probably state that they’re banning lemons, or insisting that people are only allowed to talk with a French accent when ordering pastries.

  • BrianTheeBiscuiteer@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    19
    ·
    1 year ago

    Sorry Brits, but I think this is a good time for Lemmy and pretty much any site that cares about privacy block the entirety of the UK. 😞

    • Cam@lemmy.world
      link
      fedilink
      English
      arrow-up
      34
      arrow-down
      3
      ·
      1 year ago

      Sites and services outside the UK should not comply. If UK ISPs block sites outside the UK for not complying, so be it.

      • WHYAREWEALLCAPS@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        Nah, I think global sites should just block access from the UK. Let’s see how the politicians like it when facebook, etc, stop working.

      • orclev@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        5
        ·
        1 year ago

        Ultimately the problem is that extradition treaties are a thing. While it’s one thing for a company to ignore a law in a country they don’t “operate” in, if you provide services in that country, you are technically subject to its laws, and if they decide to force the situation you could find yourself arrested in your home country and sent to face trial or even serve a prison sentence in another country. Technically your home country could refuse to extradite you, but that has all kinds of political ramifications and so unless you’re someone very powerful in your home country it’s unlikely the state will step in in your favor. The safest bet is simply to block all access from a specific country, and then if pressed you can simply say “we did our best to prevent access from your country and do not provide service there, anyone accessing our service from that country is circumventing our restrictions and there’s nothing we can do about that”, which is probably good enough to torpedo any case against you.

        • Gabu@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          I’ve never ONCE heard of someone being extradited FROM their home country. I know for a fact there’s strong precedent of refusals.

          • orclev@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            1 year ago

            So, I went and did some research and while some countries do exempt their own citizens from extradition the US and the UK are not one of the ones those apply to. In the event that a country does block extradition of their own citizens they typically will try the person in their own courts instead. However while looking into this I found something else out about extradition I didn’t know, which is that most extradition treaties require that the offense committed has to be a crime in both jurisdictions, so it wouldn’t apply in this case anyway. There are also exemptions for “political crimes” although that’s a rather vague term, and once again doesn’t apply in this particular case. Lastly it seems like most extradition treaties only apply to crimes that carry a minimum 1 year jail sentence, so you’re not getting extradited for littering or something like that.

            The interesting bit I learned is that there are generally two kinds of extradition treaties. One kind lists a specific subset of crimes that the treaty applies to. In theory, you wouldn’t need both countries to consider the act a crime in that case, as a country could request an extradition treaty for something the other country doesn’t consider a crime, but the odds of the other country agreeing to such a treaty are pretty slim. The other kind of treaty is what most countries currently use which is an agreement that for things both countries consider to be a crime, if the offense occurred in another country then the accused will be extradited to that jurisdiction for prosecution.