Age verification isn’t so clear cut but there’s room for a lot of hope. What ‘age verification’ is going to be in the bill is yet to be determined by Ofcom.
… Which is law makers kicking the can down the road… or passing the buck. Probably because it’s unenforceable and a technical/ privacy nightmare. Maybe it will amount to something, in which case we should be afraid, but I think most likely it will amount to not much.
I would never trust Wired’s interpretation on a matter such as this.
I did read the Tech Crunch article, and I understand that users must be given tools now to filter instead of Parliament dictating what is legal but harmful - which does sound like an improvement -, but somehow I am even more concerned about the law due to how untrustworthy I found the authors’/supporters’ rhetoric to be. I think there might be some truth to this, though:
“Nothing is getting watered down or taken out when it comes to children,” she argued. “We’re adding extra in. So there is no change to children.”
And that makes everything else sound like a spin to me. I think this bill is too expansive to be transparent, and I do suspect that is in some part intentional.
Sorry wired just came to hand. You can find it referenced elsewhere.
But it did change from ‘have to’ to ‘have to, if possible’ which is a massive climb down. It’s basically not possible to have a backdoor in e2e encryption so I think it’s dead in the water. It may even make other companies shift to e2e to avoid this legislation, which would be ironic.
And I think the quote is from the minister in charge of the bill, so he/she would talk it up.
The bill is awful. But at least it’s weak(er) and awful.
It’s basically not possible to have a backdoor in e2e encryption
That depends on the encryption method. No one is publicly aware of the standards having backdoors (with a few exceptions), but proprietary encryption implementations can definitely have backdoors.
This has occasionally been a requirement for export-controlled technology (e.g., a mandated maximum key size). And it has occasionally led to the unintended side effect of creating backdoors in the full-strength/domestic/non-export models due to poor implementation.
Sure. I’ve not read it either but here’s what I’ve found.
Removal of encryption backdoors - https://www.wired.co.uk/article/britain-admits-defeat-in-online-safety-bill-encryption
Removal of ‘harmful but legal’ - https://techcrunch.com/2022/11/29/uk-online-safety-bill-legal-but-harmful-edit/
Age verification isn’t so clear cut but there’s room for a lot of hope. What ‘age verification’ is going to be in the bill is yet to be determined by Ofcom.
… Which is law makers kicking the can down the road… or passing the buck. Probably because it’s unenforceable and a technical/ privacy nightmare. Maybe it will amount to something, in which case we should be afraid, but I think most likely it will amount to not much.
Full bill is here if you have a spare 3 days to read it all - https://bills.parliament.uk/publications/52368/documents/3841
I would never trust Wired’s interpretation on a matter such as this.
I did read the Tech Crunch article, and I understand that users must be given tools now to filter instead of Parliament dictating what is legal but harmful - which does sound like an improvement -, but somehow I am even more concerned about the law due to how untrustworthy I found the authors’/supporters’ rhetoric to be. I think there might be some truth to this, though:
And that makes everything else sound like a spin to me. I think this bill is too expansive to be transparent, and I do suspect that is in some part intentional.
Sorry wired just came to hand. You can find it referenced elsewhere.
But it did change from ‘have to’ to ‘have to, if possible’ which is a massive climb down. It’s basically not possible to have a backdoor in e2e encryption so I think it’s dead in the water. It may even make other companies shift to e2e to avoid this legislation, which would be ironic.
And I think the quote is from the minister in charge of the bill, so he/she would talk it up.
The bill is awful. But at least it’s weak(er) and awful.
Time will tell.
Indeed.
That depends on the encryption method. No one is publicly aware of the standards having backdoors (with a few exceptions), but proprietary encryption implementations can definitely have backdoors.
This has occasionally been a requirement for export-controlled technology (e.g., a mandated maximum key size). And it has occasionally led to the unintended side effect of creating backdoors in the full-strength/domestic/non-export models due to poor implementation.
Again, the necessity for encryption backdoors has not been removed, simply paused.