I'm not disagreeing with you, I'm pointing out that querying a RESTful page with any of the C, R or U parts of the CRUD process would involve transacting information, so you basically need to keep it as HTTP.
I don't disagree with you, either. But I'm pretty sure the legislative intent is to be able to thwart encryption in, say, instant messaging apps. Because terrorism, national security, etcetera. I don't agree with the means (it's futile), but being able to wiretap communications between people is the intent here as far as I can tell.
It's quite simple to implement an instant messaging app on top of CRUD, so "it's just CRUD" is not a valid counter against this type of politics.
I understand the intent, my point is that there's very few situations where you are not transmitting information if you have any connectivity whatsoever, so the law appears overly ambiguous and far-reaching. It should be more specific about its aims.
And that's why it's madness.