This shows that the articles by those who uncovered the plans were right [e.g. 1] - even though this is a political campaign paid for by the UK public (via the Government), and developed and coordinated by the Government, they have big logos of community groups and charities at the bottom and minimises the Government's involvement -
> "According to the [M&C Saatchi] presentation, the push will appear to be the result of grassroots action and children’s charities, while downplaying any government role."
The whole thing is just a pile of emotional manipulation, while compeletly ignoring the far, far greater number of legitimate uses of end to end encryption, and the actual dangers to everyday people of personal information being stolen, accessed, leaked, etc. if it's banned! Extremely dirty tactics.
> dangers to everyday people of personal information being stolen, accessed, leaked, etc
This campaign is ripe for hijacking and inverting like the "you wouldn't steal a car" campaign.
"NO WHERE TO HIDE: (from criminals)... thought you were safe when writing innocuous private messages on Facebook? think again, criminals intercept the plaintext to commit identity fraud in your name. Thought you only had to worry about corporate surveillance of your location data? think again, now criminals can easily track you to break into your house while you are out. Thought your job was secure? think again, now criminals can build a comprehensive profile of your social and work activities to easily and effectively social engineer their way into your organisation, risking your livelihood."
[edit]
The other approach is to apply the same thinking to something non technical to more tangibly demonstrate how this is a bad idea. e.g:
"NO WAY TO RUN: we are banning wheels, because they help paedophiles make for a quick getaway after abducting their target. In future we plan on banning legs too."
The more fun thing to do is to manipulate messages in transport.
There was a really fun game where you could join public wifi and change every image request response to be images of cats instead. (by changing the requesting URL and/or response).
Oh wow this brings back memories. More than a decade ago I lived in shared housing where each room has its own telephone port. The idea was every person was supposed to get their own internet. But after a few months of troubleshooting my housemates' internet issues I decided to open up my wifi to everyone else. I used Chillidog, a captive portal software that runs on ddwrt. I had a 3 hour continuous-use limit, after which weird stuff would happen to their images like being turned upsidedown or blurred. I used this very site to make it happen!
Eventually, my housemates just contributed to my internet bill and dropped their own subscriptions. I got rid of the captive portal and went with something more traditional
NO WHERE TO HIDE: From the press... thought you were safe organising that lock down busting party at no. 10 over WhatsApp? Think again, journalists can intercept the plain text of your messages where you laugh at the deaths of proles and ask your old school mate Rupert to bring 10 bottles of bolly.
Considering the UK press (and the MET) sat on that story for months, and it would probably never have gotten out if Cummings wasn't so pissed about the way he was treated, the UK pols have little to worry about from the press or the police.
Nice, that’s put together well. Worth giving it a watch and a like (because interactions like likes and comments tell the algorithm it’s worth recommending to others)
The idea that criminals will break into Facebook's servers and steal your messages is was less likely than the government using Facebook messages to catch child abusers, and that's already a little dubious.
A better counter-argument is foreign governments (China, Russia, etc.) requiring data to be held on their soil and then using it to hunt and impression political enemies.
Without end-to-end encryption, one doesn't need to break into anyones servers. Thats sort of the point. Without encryption, you are weak at every packet, which can be intercepted anywhere between you and Facebooks servers.
End-to-end encryption != no encryption.
It's seems they're quite happy as long as authorized parties (adtech, intelligence agencies, etc) can man-in-the-middle the thing.
Of course, tech companies never get breached and are exceptionally good at protecting our emails, passwords, credit reference data, and sensitive internal emails of political parties and campaigns, so there's clearly no risk whatsoever of your messages getting published on the internet in the future.
No end-to-end encryption does not mean no encryption. For example, Telegram does not use end-to-end encryption by default, however they encrypt all the messages with keys distributed across their servers. Anyone inspecting the packets won't be able to understand what's going on, but Telegram are able to read all your messages.
Actually on closer inspection they don't even particularly care about E2E encryption, and here I was thinking this was snooper's charter v2:
> We are not opposed to end-to-encryption in principle and fully support the importance of strong user privacy. Instead, our campaign is calling for social media companies to work with us to find a solution that protects privacy, without putting children at even greater risk.
So we missed the point. This is a campaign to protect kids from shitty parenting, aa, I mean the social networks... so that they can be safely indoctrinated by social media without needing to encourage a responsible society.
In all seriousness, the larger risk here then is not necessarily criminal activity from data leaks (though that's still a real possibility with a gov backdoor) - the greater risk is deeper government mass surveillance built directly into the most popular social media networks.
The result of these campaigns if successful, would likely be key-escrow rather than banning encryption. With that the risk of criminal abuse is negligible.
Instead the risks are added complexity creating opportunities for bugs, and having to trust everyone with decryption access to not abuse that. It is possible to control that access technologically. For example, by requiring two separate keyholders (or in general N ot of M) keyholders before being able to decrypt any messages.
Those downsides matter, but they are scary for abuse by governments, nation state adversaries, and NSA type hackers. The downsides do not make criminals more scary.
Eh, I'm not sure. Assuming that the government keys never get leaked (which is possible even with the key-split method you propose). And assuming that the local municipal police departments and groups given access to those keys never get hacked. And assuming that products never get restricted to less-secure schemes as the technical world evolves around them.
Maybe the UK has a better track record on this, but off the top of my head a lot of the key-escrow systems I've seen in the US are quite bad. We have systems for TSA locks, fireperson access to locked buildings, etc... many of those systems are not secure, they just don't get abused very often because the prizes for doing so aren't large enough.
Key-escrow systems are less risky in terms of criminal activity than just banning full E2E encryption entirely, but I don't think I agree that 'less risky' is the same as 'safe'.
I don't think they argue against all encryption (Do they?).
Basically everything would become an encrypted group chat (Double Ratchet etc) where the 3rd party is the provider which can optionally encrypt/secure access. That would ensure the provider is the only one with a backdoor for some time until access to previous messages are lost. Similar to loosing decryption keys for GDPR compliance. Access to the keys would require a court order.
Nonetheless authoritarian governments could and would misuse this. It should at least be required to have an international court order. Still very difficult.
> big logos of community groups and charities at the bottom
Are those actually legit charities? I've never heard of them before, and at least the rightmost one ("SafeToNet - incorporating NetNanny") sounds like it's just a lobby group of some internet filter company, or an Internet filtering company itself.
If those are legit charities: Remember the names and make it known among friends what those charities are supporting.
https://www.mariecollinsfoundation.org.uk/ proudly sports the logos of Microsoft, Google and Facebook at the bottom of the page. Maybe those companies should be made aware of what they're indirectly supporting with their logo.
The part that interests me the most is when they say "we're not opposed to E2E encryption on principle, as long as we can still safeguard child protection", but then fail to actually specify how this should be done, except by opposing E2E encryption on principle. I'd love to know if there's a solution!
E2E is something that does protect children too for that matter, so the case cannot be made. Of course children might access inappropriate content, but that is an issue of parenting and you cannot make the internet safe for children without getting active and curate what they access.
The only actual number on the site also doesn't seem to be sourced properly, it just sends you to the NCMEC data page, or are they just assuming that they'll lose all of Facebook's submissions if they turn on E2E?
Given our (UK) present govts history and tragging on anti BLM/eco pretesting things onto a needed bill in the commons I'm not surprised they're taking this route.
It might even appear on the BBC before the year is out of it would save Boris' skin...
> "According to the [M&C Saatchi] presentation, the push will appear to be the result of grassroots action and children’s charities, while downplaying any government role."
The whole thing is just a pile of emotional manipulation, while compeletly ignoring the far, far greater number of legitimate uses of end to end encryption, and the actual dangers to everyday people of personal information being stolen, accessed, leaked, etc. if it's banned! Extremely dirty tactics.
1. https://news.ycombinator.com/item?id=29955893