I’m going to give you the benefit of the doubt, I’m assuming you don’t know that likening anyone who doesn’t want to have all of their personal information viewed to terrorists and paedophiles is the classic “what do you have to hide?” authoritarian argument to spy on everyone all the time.
There have already been plenty of cases of data collected without a warrant just because they could.
Do you still want that data to be collected and used to prosecute you if whichever political party you don’t like get in and make something you like doing illegal?
It is impossible to make a backdoor that only goodies can use. The actual terrorists and paedophiles will use a non-backdoored system, meanwhile every criminal organisation and rival nation state will eventually find out how to use the backdoor and get everyone’s information.
I’m not comparing privacy fans to paedophiles and terrorists, that’s not what I mean. What I mean is that I want serious criminals to be caught.
I think properly private technology is good to protect yourself from an authoritarian government for example. You could use something like Signal for messaging (I’ve not used it, but apparently it’s good).
But the big popular platforms like WhatsApp and iMessage, which many laypeople use just because they’re popular - on those platforms I think it makes sense for law enforcement to be able to access messages, but only in certain circumstances. So maybe Apple could keep the encryption key and they could decrypt someone’s messages if a court warrant is issued.
I’m not saying end-to-end encryption should be entirely outlawed. Hopefully services like Signal would still exist. Sure, some criminals might jump to those platforms, but you could still catch some at least, who use big services like iMessage.
I don’t want end-to-end encryption entirely outlawed. But for the biggest platforms from massive corporations, maybe those corporations could keep their encryption keys stored with high security somewhere, so they can decrypt particular messages if a court warrant is issued.
People who are uneasy about that could go to a more privacy-focused platform like Signal. Some criminals would do that too, but at least something would be done to catch criminals on the popular platforms.
Fair points. Also I guess practically big companies like Apple would never allow a situation where their encryption is compromised while encryption on smaller platforms like Signal isn’t. Apple etc would spend billions lobbying so such a situation never happens.
I would probably argue that China is a little different to the UK, given that China is a one-party state.
Yeah maybe the UK government shouldn’t be able to spy on Apple messages sent anywhere in the world. But maybe UK agencies like GCHQ should be able to get the messages of specific individuals who threaten the UK, with a court warrant, like how law enforcement has been able to bug the phones of criminals with a court warrant.
I dunno. Maybe I should educate myself more on encryption and how it all works.
But spying on all of the public all of the time comes at a cost to society I would rather not pay. It quells dissent in the short and maybe mid term, but that extreme intrusion, ultimately drives otherwise moderate people into the hands of extremists
I don’t think the public should be spied on all the time. But if there is some way that illegal communications (like planning murder) could be intercepted, without spying on others, that would be good.
The terrorists win when we sacrifice liberty for temporary security (or whatever that quote was)
If that means compromising encryption, which it does, then the benefits to everyone of end-to-end encryption and the protection it affords against both government overreach/abuse and third-party intruders tend to outweigh the benefits of government surveillance through encryption backdoors.
Maybe only the biggest companies should be required to be able to decrypt certain messages if a court warrant is produced. Privacy fans could use services exempt from this requirement, like Signal. But there are laypeople who just use iMessage because it’s the default, and you could catch criminals sending bad stuff over iMessage.
I think there are valid concerns on both sides of the argument… but I am just imagining if you have a group of violent people planning an attack over iMessage, I want law enforcement to be able to read those messages.
Word would just get out that you should only use the secure services to communicate anything sensitive. We already have plenty of messaging services that are insecure, but enough people are preferring to use a secure option that it’s worrying the UK Government.
Maybe people just use what’s popular. Telegram is pretty popular in some countries even though I don’t think they have end-to-end encryption by default.
Anyway I guess I don’t know what the answer is. Personally I would probably still use iMessage and WhatsApp even if I knew the companies behind them could potentially read my messages by decrypting them. If there’s a proper system in place so that messages are only read when there’s a court warrant, it’s probably unlikely my boring messages to friends and family would be spied on by anybody.
Maybe I need to send more interesting messages and then I would care about the privacy of them a bit more.
Can’t law enforcement already read those messages by getting a warrant to seize the suspect’s phone and attempting to break into it? Why do they suddenly need to preemptively break into everyone’s phone?
I guess I think of it like bugging a phone. The technology for bugging phones has been around for a long time, but that doesn’t mean the authorities are bugging everybody’s phones all the time. Even if they can theoretically listen to everyone’s conversations, that doesn’t mean they are always listening. There would be too many conversations to listen to.
Bugging a phone involves applying the bug to one phone, right? Backdooring encryption is bugging everyone’s phone in advance and then hoping that the bug only ever gets used lawfully.
Also as computing power increases then it becomes more plausible to actually process all of everyone’s messages. Maybe they start by automatically flagging certain words, then if you’re detected using them you’re automatically flagged and a warrant issued to read everything you’ve ever said.
Maybe I should read more about encryption. I was thinking maybe a company like Apple could just keep the encryption keys stored somewhere. So if needed they could decrypt particular messages. There could be big punishments, prison time, for anybody within Apple who decrypts messages without a court warrant.
You can probably get a better explanation by reading up on encryption, but I think most security people would say that encrypted communications where you don’t hold the keys may as well not be encrypted at all. You still have to trust that someone doesn’t (accidentally or deliberately) access your data, leak your keys, or otherwise break the process that keeps everything safe.
Controversial opinion: maybe it’s a good thing to allow law enforcement to access communications when necessary (e.g. with a court warrant)
Do we want serious criminals like terrorists and paedophiles to be able to plan their crimes with impunity?
I’m going to give you the benefit of the doubt, I’m assuming you don’t know that likening anyone who doesn’t want to have all of their personal information viewed to terrorists and paedophiles is the classic “what do you have to hide?” authoritarian argument to spy on everyone all the time.
I’m not comparing privacy fans to paedophiles and terrorists, that’s not what I mean. What I mean is that I want serious criminals to be caught.
I think properly private technology is good to protect yourself from an authoritarian government for example. You could use something like Signal for messaging (I’ve not used it, but apparently it’s good).
But the big popular platforms like WhatsApp and iMessage, which many laypeople use just because they’re popular - on those platforms I think it makes sense for law enforcement to be able to access messages, but only in certain circumstances. So maybe Apple could keep the encryption key and they could decrypt someone’s messages if a court warrant is issued.
I’m not saying end-to-end encryption should be entirely outlawed. Hopefully services like Signal would still exist. Sure, some criminals might jump to those platforms, but you could still catch some at least, who use big services like iMessage.
deleted by creator
I don’t want end-to-end encryption entirely outlawed. But for the biggest platforms from massive corporations, maybe those corporations could keep their encryption keys stored with high security somewhere, so they can decrypt particular messages if a court warrant is issued.
People who are uneasy about that could go to a more privacy-focused platform like Signal. Some criminals would do that too, but at least something would be done to catch criminals on the popular platforms.
deleted by creator
Fair points. Also I guess practically big companies like Apple would never allow a situation where their encryption is compromised while encryption on smaller platforms like Signal isn’t. Apple etc would spend billions lobbying so such a situation never happens.
deleted by creator
I would probably argue that China is a little different to the UK, given that China is a one-party state.
Yeah maybe the UK government shouldn’t be able to spy on Apple messages sent anywhere in the world. But maybe UK agencies like GCHQ should be able to get the messages of specific individuals who threaten the UK, with a court warrant, like how law enforcement has been able to bug the phones of criminals with a court warrant.
I dunno. Maybe I should educate myself more on encryption and how it all works.
deleted by creator
My understanding is that the Stasi were very repressive - “using torture, intimidation and a vast network of informants to crush dissent”. I’m not aware of the UK government using torture to crush dissent.
I don’t think the public should be spied on all the time. But if there is some way that illegal communications (like planning murder) could be intercepted, without spying on others, that would be good.
There’s a quote by Benjamin Franklin which apparently is: “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety”. I always thought that quote was a bit weird though, because humans do give up some form of liberty in return for safety. E.g. we give up the freedom to murder other people without legal consequences, because in return we get some safety: protection from being murdered by others.
If that means compromising encryption, which it does, then the benefits to everyone of end-to-end encryption and the protection it affords against both government overreach/abuse and third-party intruders tend to outweigh the benefits of government surveillance through encryption backdoors.
Maybe only the biggest companies should be required to be able to decrypt certain messages if a court warrant is produced. Privacy fans could use services exempt from this requirement, like Signal. But there are laypeople who just use iMessage because it’s the default, and you could catch criminals sending bad stuff over iMessage.
I think there are valid concerns on both sides of the argument… but I am just imagining if you have a group of violent people planning an attack over iMessage, I want law enforcement to be able to read those messages.
Word would just get out that you should only use the secure services to communicate anything sensitive. We already have plenty of messaging services that are insecure, but enough people are preferring to use a secure option that it’s worrying the UK Government.
Maybe people just use what’s popular. Telegram is pretty popular in some countries even though I don’t think they have end-to-end encryption by default.
Anyway I guess I don’t know what the answer is. Personally I would probably still use iMessage and WhatsApp even if I knew the companies behind them could potentially read my messages by decrypting them. If there’s a proper system in place so that messages are only read when there’s a court warrant, it’s probably unlikely my boring messages to friends and family would be spied on by anybody.
Maybe I need to send more interesting messages and then I would care about the privacy of them a bit more.
Can’t law enforcement already read those messages by getting a warrant to seize the suspect’s phone and attempting to break into it? Why do they suddenly need to preemptively break into everyone’s phone?
I guess I think of it like bugging a phone. The technology for bugging phones has been around for a long time, but that doesn’t mean the authorities are bugging everybody’s phones all the time. Even if they can theoretically listen to everyone’s conversations, that doesn’t mean they are always listening. There would be too many conversations to listen to.
Bugging a phone involves applying the bug to one phone, right? Backdooring encryption is bugging everyone’s phone in advance and then hoping that the bug only ever gets used lawfully.
Also as computing power increases then it becomes more plausible to actually process all of everyone’s messages. Maybe they start by automatically flagging certain words, then if you’re detected using them you’re automatically flagged and a warrant issued to read everything you’ve ever said.
Maybe I should read more about encryption. I was thinking maybe a company like Apple could just keep the encryption keys stored somewhere. So if needed they could decrypt particular messages. There could be big punishments, prison time, for anybody within Apple who decrypts messages without a court warrant.
You can probably get a better explanation by reading up on encryption, but I think most security people would say that encrypted communications where you don’t hold the keys may as well not be encrypted at all. You still have to trust that someone doesn’t (accidentally or deliberately) access your data, leak your keys, or otherwise break the process that keeps everything safe.
Fair enough. I will try to read more stuff about encryption.