https isn't "secure" in the sense that it can't be eavesdropped - never has been, isn't really designed to be. The only assurance it gives is that the server you're talking to is what/where it claims to be. So that's fine, under Dave's rules.
I think this is a great idea. Given that GCHQ is one of the world leaders in electronic snooping, if this provision is enacted, we'll soon have a list of the best privacy protocols available - it'll be all the ones that are banned in Britain.