back to article UK ministers to push anti-encryption laws after election

The UK government will push through orders next month to force all communications companies including Google and Facebook to break data encryption. That's according to the Sun newspaper, which quotes a government minister as saying "we will do this as soon as we can after the election, as long as we get back in. The level of …

Page:

        1. Voland's right hand Silver badge

          Re: The encryption horse is free

          Kim Jong-May. Snoopers Charter

          At the time, none of her ideas passed without being extensively gutted, exactly because of Lib Dems.

          I have said before, I will say it again. Come back Cleggie, everything is forgiven.

        2. Dan 55 Silver badge

          Re: The encryption horse is free

          They did however manage to put the brakes on the Snooper's Charter until the Tories were governing alone from 2015 onwards. May originally announced it in 2012.

          1. MJI Silver badge

            Re: The encryption horse is free

            I know of quite a few centre right voters who liked the coalition moving their votes from one of them to the other.

        3. John Brown (no body) Silver badge

          Re: The encryption horse is free

          "Ehh??? Have you forgotten who was Home Secretary? Kim Jong-May. Snoopers Charter, etc etc..."

          Short attention span eh? You are the reason politics is now made up of PR people and media sound-bites. Push a misleading sound-bite often enough and eventually the masses will come to believe it's true.

      1. Arthur the cat Silver badge

        Re: The encryption horse is free

        If every home secretary for the past 20 years or so ends up crossing over to the dark side, I can only conclude that it's the civil servants that are pushing it.

        Got it in one. My theory is that the only things they allow the Home Secretary to read are the worst crime statistics and Judge Dredd stories. (Blunkett presumably got audio books.)

        Note also that there's now talk of having to prove your identity when voting. Given that not everybody has a driving license or a passport we obviously need another solution. In a Sir Humphrey voice: "Well Minister, how about introducing identity cards? Think how much easier it would make things - it could be used by the NHS and HMRC as well, which would cut costs."

        1. Loyal Commenter Silver badge

          Re: The encryption horse is free

          My theory is that the only things they allow the Home Secretary to read are the worst crime statistics and Judge Dredd stories.

          If this were the case, then why did May cut funding to the police when Home Sec? There have been a number of Dredd storylines recently concerned with understaffing and lack of resources for the Judges. Add to that, if they read 2000AD, it would have been banned by now as a subversive publication, given its propensity for sometimes not-so-subtle parody of the British government.

          1. Adam 52 Silver badge

            Re: The encryption horse is free

            "If this were the case, then why did May cut funding to the police when Home Sec"

            Because May wants the Police to be (a) employees not independent Crown servants [and therefore able to tell her to eff off] and (b) privatised [ideally to her husband's company].

            1. William Old

              Re: The encryption horse is free

              Well said. Unfortunately, with police (officer) numbers down 16,000 over the last few years, and still plummetting (Google "Laura Beal" if you don't recognise the name), and a round a quarter of police forces in England and Wales struggling to respond promptly to 999 calls, it's probably now too late. I think we might now have passed the tipping point.

              1. BongoJoe

                Re: The encryption horse is free

                Isn't the act of visiting an HTTPS site end-to-end encryption?

      2. Uncle Slacky Silver badge
        Black Helicopters

        Re: The encryption horse is free

        In terms of civil servants, specifically, Charlie Farr.

        https://en.wikipedia.org/wiki/Charles_Farr

    1. Adam 52 Silver badge

      Re: The encryption horse is free

      "No encryption means..."

      Nobody is proposing no encryption. Not even an unnamed source in a dodgy newspaper just before an election. There's enough to be worried about here without making up ghosts.

      1. John Smith 19 Gold badge
        Unhappy

        "Nobody is proposing no encryption. "

        What they are proposing is worse.

        A fake "walled garden" where encryption seems to work but is actually over rideable on demand.

        Most people will barely consider that "on demand" part.

        But any foreign business thinking about buying UK software will be thinking "WTF should I buy something I know will insert a big f**king hole in my security?"

        Until one of the army of bad guys (actual bad guys, not the roughly 1 in 4333 UK subjects who MI5 said was a terrorist "suspect") reverse engineers this BS (you can smell the whiff of "security by obscurity" already) and does for real what a character in a William Gibson short story (burning Chrome?) is described to have done and guts a whole (African ?) countries economy.

    2. The Allie Cat

      Re: The encryption horse is free

      To be very fair - the goal isn't to ban encryption. It is to ban end to end encryption between users. Which is fairly new actually. It would require new privacy policies and the removal of advanced features for UK customers (the secret chat modes), but it wouldn't be the technical disaster we would like to think for users. Of mainstream apps, only WhatsApp would be completely banned (instead of just having secret chats disabled).

      It would be a disaster for British companies. We are already seen as being too close to the Americans. Like people are starting to avoid American tech in privacy-conscious applications, they'd do the same for British tech. Brexit alone may inspire this.

      I don't support an end to end encryption ban. But let's be clear it isn't a ban on things like online banking.

      1. Doctor Syntax Silver badge

        Re: The encryption horse is free

        "Of mainstream apps, only WhatsApp would be completely banned"

        Did you join up today to astro-turf on behalf of the Home Office?

        Lets look at what you forgot:

        Online banking.

        Placing orders online with Amazon, eBay, Tesco etc etc.

        Paying for anything via PayPal

        Securely sending your password to your email provider to get your mail

        Logging into pretty well any other service.

        All these things require end-to-end encryption between one user (the customer) and another (the service provider) in order to work securely. If you don't thing this security is important then I challenge you to post all the IDs and passwords that you use for such services here in public.

        But first, have a look at the T&Cs of these services. You'll find every one requires you to keep this information confidential. Your government wants to make it impossible for you to abide by those.

        And for what? For nothing as far as the stated purpose is concerned. Because any organisation that wants to use encryption to facilitate law breaking is concerned will source encrypted communications from outside the government's remit. The only ones to suffer will be law-abiding citizens.

        1. Sloth77

          Re: The encryption horse is free

          "Did you join up today to astro-turf on behalf of the Home Office?

          Lets look at what you forgot:"

          No, you are missing the subtlety here. They are not bothered about end-to-end encryption between customer and service, ie me -> Google, because Google is able to decrypt the information and simply pass it to the goverment. As they do already.

          What they are bothered about is end-to-end encryption directly between users. Because then the only people that can decrypt it are the two users. And as it was previously pointed out, this type of encryption is fairly rare.

          So:

          Online banking.

          Placing orders online with Amazon, eBay, Tesco etc etc.

          Paying for anything via PayPal

          Securely sending your password to your email provider to get your mail

          Logging into pretty well any other service.

          Are all perfectly safe. At least in theory. Unless the government change their mind....

          1. Truckle The Uncivil

            Re: The encryption horse is free

            @Sloth77

            You are completely erroneous in the assumption that user to user encryption is rare. It is not. The majority of my communications with other persons is end-to-end user-to-user encrypted. It is inherent in an Apple eco-system.

            I don't care which fanboi side of the fence you sit on, you cannot call the use of Apple devices 'rare'.

      2. Anonymous Coward
        Anonymous Coward

        Re: The encryption horse is free

        I don't support an end to end encryption ban. But let's be clear it isn't a ban on things like online banking.

        No, it just means all your online banking activity (and everything else) is visible to the government.

        If they wrote the law properly, they could require a backdoor into the https protocol.

      3. Truckle The Uncivil

        Re: The encryption horse is free

        @The Allie Cat

        So, after this is in effect use of all iPhones becomes illegal? I use iMessages and FaceTime far more than I use cell calls. They both use end-to-end and full disk encryption. Most of the people I am in contact with on a regular basis are covered by them.

        Even if Apple 'withdrew' from the country the devices would still be there.

    3. This post has been deleted by its author

    4. Anonymous Coward
      Anonymous Coward

      Re: The encryption horse is free

      I went to a focus group on banking communications recently set up by my bank. The person leading the discussion was suggesting ways we could be contacted and what we thought of them. When email came up I explained that if you wouldn't write it on the back of a postcard then sending it on an email was a distinct no no. After some more input we were told to ignore the security issues with the method of transmission. I said great send me everything on the back of a postcard then because if in this virtual world we're saying security is perfect then that's just a secure and I don't have to go to the bother of opening an envelope. As I'd singled myself out I was then asked whether I was concerned about my use of internet banking and I said I don't use it.

      "No encryption means no use of the internet to fill in tax returns, VAT forms, "

      Ooh we won't get that because HMRC are pushing for Making Tax Digital and the Clusterf*ck that's going to be. When those below the VAT threshold were going to be included from next year (it's 2019 now) I phoned HMRC and asked what information would need to be provided digitally by me (or to be more accurate my accountants) on a quarterly basis. To be told "we can't tell you unless you are part of the trial" was a bit of a shock. I still don't know and to be honest I'm past caring.

      I'll save a fair bit if the ban hits Amazon and Ebay because the amount of cr*p I've bought on Ebay and vis Amazon Prime is disturbing.

  1. Anonymous Coward
    Anonymous Coward

    Liberty for temporary safety

    "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." Benjamin Franklin

    1. Ian Emery Silver badge

      Re: Liberty for temporary safety

      I wish I could upvote you a billion times, such a shame you hid behind the AC tag - although that wont work if Comrade May gets her way.

      For the first time in my life, I am voting Labour - even if Corbyn IS a gimp; this government deserves to die even more than the bastards behind the attack.

      It has got to the point where I trust them so little, my first thought after the Manchester attack was "Isnt that convenient - 2 weeks before the election. It's almost as if they've done an Erdogan".

      1. GrumpyOldMan

        Re: Liberty for temporary safety

        Except Corbyn wants to bannish Umbrella companies and he hates contractors with a passion. I have no idea who to vote for tbh. They're all pants. Might even go UKIP if they have anything interesting. Is Screaming Lord Sutch still about?

        The tories will kill any investment in the UK with this. What foreign company in their right mind would come here with a ban on encryption? Taxes can be as low as you like but no security? Forget it.

        1. Anonymous Coward
          Anonymous Coward

          Re: Liberty for temporary safety

          > Is Screaming Lord Sutch still about?

          Screaming Lord David Edward Sutch, 3rd Earl of Harrow died on 16 June 1999. The Monster Raving Loony Party have 12 candidates in the GE and will hope to beat their best ever 0.1% of the vote.

      2. SundogUK

        Re: Liberty for temporary safety

        "..this government deserves to die even more than the bastards behind the attack."

        Seriously? Taking away your encryption is worse then massacring children?

        Arsehole.

        1. Doctor Syntax Silver badge

          Re: Liberty for temporary safety

          "Seriously? Taking away your encryption is worse then massacring children?"

          What do terrorists want to do? They want to remove our freedom under the law. So when a government decides to remove some of that freedom anyway then the terrorists have won a substantial victory. Is that what you want?

      3. Anonymous Coward
        Anonymous Coward

        Re: Liberty for temporary safety

        "Isnt that convenient - 2 weeks before the election. It's almost as if they've done an Erdogan".

        One of the aims of terrorist groups is to alienate more people from the government - that makes for richer recruitment grounds for them. Daesh/ISIS want the Government to react with repressive measures - and Theresa may has the mentality to walk into their trap.

        Unfortunately Labour will be no different from the Tories. They have not opposed May's measures in the past.

      4. MJI Silver badge

        Re: Liberty for temporary safety

        Don't trust Labour either. Remember ID cards?

        1. Loyal Commenter Silver badge

          Re: Liberty for temporary safety

          Don't trust Labour either. Remember ID cards?

          It may have escaped your attention, but those who were in power and responsible for that sort of thing around a decade ago are substantively not the same people in charge of the Labour Party now. If you concentrate really hard, you might remember a leadership election, where the red Tories got voted out, and replaced by a leftie vegetarian bloke with a beard, and then a couple of failed coups where they tried to get rid of him again.

          Many of the people who now support the Labour Party share my opinions of those who were at the head of the party under Blair, and those opinions are not kind. This is why the membership of the party fell while Labour were last in power, and then grew massively once the Blairites were toppled.

          Add to this the suggestion that Home Secretaries are usually not well qualified for the job (I can't recall one who has actually ever worked in policing, for example), then they will be getting their opinions from the senior civil servants who feed them to them. You have to ask yourself who the 'Sir Humphrey' is, because the coordinated drive towards authoritarianism across a number of successive governments could only plausibly be coming from Whitehall.

      5. Nick Kew Silver badge

        Re: Liberty for temporary safety

        For the first time in my life, I am voting Labour

        Speaking as someone who in my youth was an enthusiastic supporter of Thatcher, I may very well be with you there. Though I shall look at the full list of candidates before a final decision.

        It's almost as if they've done an Erdogan

        I think that comparison is unduly harsh on Erdogan. He had an actual referendum about giving himself more powers, whereas only a select few in Maidenhead get to vote for or against our Leader. And above all, with Syria and Iraq on his borders, Erdogan has very real and major problems to deal with.

        1. allthecoolshortnamesweretaken Silver badge

          Re: Liberty for temporary safety

          @Nick: I think the remark about Erdogan refers to the botched "coup" last year. Which was very convenient for him. Oh well, I guess if you've read your Machiavelli attentively, you'll recognize your own Reichstag to burn when you see it.

          1. Loyal Commenter Silver badge

            Re: Liberty for temporary safety

            Not to mention several 'terrorist bombings' over the past few years allegedly orchestrated by 'Kurdish separatists', and very convenient for a religious-right wanna-be dictator who might wish to further marginalise and demonise the on-the-whole secular and democratic Kurdish peoples.

          2. Nick Kew Silver badge

            Re: Liberty for temporary safety

            I think the remark about Erdogan refers to the botched "coup" last year. Which was very convenient for him

            Yes, I realise that's a strong parallel. And history gives us many more such: we still have some residual effects from the 1605 plot, in that for example the monarch can't marry a Catholic (and Northern Ireland bears more serious scars).

            Where the parallel ends is in the timing. As far as I know, the Turkish coup could have happened a year earlier or later and still served Erdogan's agenda equally well. Insofar as it served an existing agenda, as opposed to creating a new agenda, which is a question for historians.

    2. Anonymous Coward
      Anonymous Coward

      Re: Liberty for temporary safety

      But what happens if essential liberty is the thing that keeps you from being safe FULL STOP? Then it becomes a matter of whether or not liberty and safety are really compatible with each other. IOW, it becomes a stark choice between two naturally-attracting regimes. Pick your poison: the police state or anarchy.

      1. John Smith 19 Gold badge
        Unhappy

        "Pick your poison: the police state or anarchy."

        A classic rhetorical method.

        It's BS. IRL there is a trade off between freedom and risk. Raod accidents kill about 3 000 subjects in the UK every year, but no one in their right mind is talking about banning private cars.

        It was estimated that in 2014 smoking caused 78 000 deaths in the UK. Yet no one is talking about an outright ban, because it makes too much money and would be as stupid as Prohibition was in the US.

        This particular "cunning plan" trades off the slight risk IE 22 deaths in 12 years Vs the guaranteed hole put in everybodies personal data security.

        1. Truckle The Uncivil

          Re: "Pick your poison: the police state or anarchy."

          @John Smith 19

          It is BS now but will it remain so long term.

          People's personal power, the individual's ability to destroy or create becomes greater with every passing moment. Bigger guns, better explosives, transport, training. Let alone access to new technologies like CRISPR. Every year we get more deadly to ourselves.

          We are almost at the point (almost?) where an individual could destroy us all.

          So either every one 'has to' be happy -OR-

          Everyone 'has to' be controlled.

          Is that, ultimately what we are looking at? Because I would die before making either of those choices.

  2. Anonymous Coward
    Anonymous Coward

    Sorry High Street Bank

    The Government ate my encryption!

    1. Peter Gathercole Silver badge

      Re: Sorry High Street Bank

      As several people have already pointed out, it's not banning encryption, it's forcing the large companies to give UK gov a backdoor.

      The idea is flawed not because it will make encryption illegal, but because keeping a backdoor secret is impossible. Once it is leaked, and it will leak, everybody will have to change their encryption. How disruptive has been replacing insecure SSL/TLS. Backdoors leaking would be much worse than this!

      The government will try to make using encryption that does not include a backdoor illegal, and will demonize anybody found using such a system, probably by adding laws to the statute book so that anybody found using encryption that is not readable by the intelligence service will be deemed a terrorist, but even that idea is flawed.

      This is because, if they find a data stream or data set on a computer that they don't understand, they will immediately assume that it is obscured by a type of encryption that they've not seen before.

      "Hey, I can't make any sense of the data in this /dev/urandom file on your computer. Tell us how to decrypt it or we'll throw you in jail for three months for not revealing the key, and then consider a longer jail sentence for using an encryption method that we can't read"

      This is obviously a case to illustrate stupidity, and could be easily challenged in court. By what about seemingly random observation data from things like radio astronomy or applied physics, and if there are rules to allow this type of data to even exist on a computer, how do you prevent steganography - hiding data inside the image or other data.

      At some point, people wanting to hide things will resort to book ciphers using unpublished or even published books, which will only be decryptable by knowing the exact book that is being used, or by cataloging all texts ever written. Fortunately, despite Google's best efforts, this is something that will remain impractical for some time.

      It's a real minefield that there are no good or consistent ways of regulating.

      1. Anonymous Coward
        Anonymous Coward

        Re: Sorry High Street Bank

        Better post ac for this one.

        "This is obviously a case to illustrate stupidity, and could be easily challenged in court."

        <Hypothetical situation to illustrate the race to stupid>

        Or..if you have sensitive information in your posession and they don't want it encrypted, perhaps those of us with access could just store all our working data in the cloud in the clear.

        Considering some of the information that would contain it wouldn't be long before I was in jail, were I stupid enough to try and prove a point, but I would then be a political prisoner and the costs of fixing all the stuff that leaked would run to a pretty penny.

        </Hypothetical situation to illustrate the race to stupid>

      2. gnasher729 Silver badge

        Re: Sorry High Street Bank

        "The idea is flawed not because it will make encryption illegal, but because keeping a backdoor secret is impossible. "

        The NSA couldn't keep their attacks against Windows secret, and that almost took the NHS down. So at the very least I'd expect for example a backdoor that can be removed by Google, Apple, Microsoft permanently by the press of a button.

      3. John Smith 19 Gold badge
        WTF?

        "Once it is leaked, and it will leak, everybody will have to change their encryption."

        Leak? Leak?

        You don't think knowing there is a guaranteed back door into every encrypted data stream in the UK might be a bit of an incentive for, IDK every Black hat hacking crew on the whole f**king planet?

  3. Your alien overlord - fear me

    Can we get the flags to fly at half mast for the death of freedom?

    1. Anonymous Coward
      Anonymous Coward

      Only if you vote Tory on June 8th

  4. Doctor Syntax Silver badge

    If any Conservative candidate comes calling for your vote ask them if they've published all their banking, ecommerce, farcebook, twatter and other log-in credentials. When they ask why explain to them that this will be the net effect of removing encryption and you don't see why you should be asked to vote for someone who hasn't tested such a stupid policy on themselves.

    Or simply explain that forcing HMG to abandon the centuries-long presumption of innocence is a major win for terrorists who wish to destroy British values. (Make that English values dependent on your assessment of the candidate's degree of rabidness.)

    1. Voland's right hand Silver badge

      Or simply explain that forcing HMG to abandon the centuries-long presumption of innocence

      Such a thing does not exist any more in English law. Courtesy of Tony Blair. The sole place where it exists is the ECHR and this is one of the most prominent reasons for Kim Jong May wanting to remove us from it.

    2. TheVogon Silver badge

      "When they ask why explain to them that this will be the net effect of removing encryption "

      They are not removing encryption. They are requiring an ability to access the keys / data. This means that the encryption won't be as secure, but not all removed.

      1. John Brown (no body) Silver badge

        "They are requiring an ability to access the keys / data."

        What's the difference?

        Oh,. look, some bloke accidentally left a USB stick on the train. I wonder what's on it?

        Bah! It's a just a plain text file with lists of company names, URLs and some gobbledygook strings!

        PS, quite surprised to find my spell checker included gobbledygook!

      2. John G Imrie Silver badge

        They are not removing encryption. They are requiring an ability to access the keys / data. This means that the encryption won't be as secure, but not all removed.

        We are not removing locks, we just require you to leave a copy of the key under the mat.

      3. Doctor Syntax Silver badge

        "This means that the encryption won't be as secure, but not all removed."

        It won't be secure at all once it's leaked.

    3. Anonymous Coward
      Anonymous Coward

      "If any Conservative candidate comes calling for your vote ask them if they've published all their banking, ecommerce, farcebook, twatter and other log-in credentials"

      Or any Labour candidate, they tried this crap too, and it is the same party - same MP for Islington as under Blair and Brown, same MP for Hayes, same MP for Hackney, etc, etc.

      Perhaps Corbyn would be a better bet for me if he hadn't hung around with Seamus Milne ("sure Stalin did a few bad things, but look at the good things too"), or if he had behaved vaguely democratically on a key recent issue (instead of 'my constituents voted this way on the issue, but screw them, I want this instead, and am using the party whip I frequently ignored in the past to make sure my MPs don't do what their constituents want either')

      Plague on both their houses. As previous commentary nearly said, where's the likes of Screaming Lord Sutch when they're needed .....

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019