| That's a bit catastrophic. First of all, I don't about you, but I am European and have been actively involved in the process of bringing encryption to all of EU citizens, as an obligation to the companies that supply communication software. I trust the people of EU, on the other hand you seem not to trust other's people capabilities, not even your own parents > "Apple does know better than the vast majority of its users. It's why I buy, and properly configure, iPhones for my senior citizen parents." https://news.ycombinator.com/item?id=25032742 I would never talk like that of my mom and dad. Anyway, back to the point: there is always a tension to find a middle ground between two different opposing interest: one is privacy and secrecy the other is safety. You probably know technology better than me, you probably know there are technical solutions to the problem that, obviously, involve having some fate that the public servants will exercise the necessary due diligence. One possible solution that popped out of my mind is to use the same functionalities chat applications use for groups (not because I agree, but because it is possible without compromising too much what we already lacked anyway - secrecy and privacy). When you have an E2E encrypted group chat every person in the chat receives the encryption keys and messages are encrypted by each sender, signed, sent to the server that than forward it to any participant in the group. Or you could do it the PGP way, each recipient has its own keys and the message is encrypted for each one of them. What we need is to add to it separation of church and state. The state is always participating in these chats, meaning that it always receives a pair of keys, but it has no access to the actual encrypted data, that is stored by the provider and inaccessible by anyone else unless authorized by the justice system. Nobody, except the key owner, jas the keys to drecrypt them anyway. It is exactly how it worked before with phone calls, companies kept records of calls and SMS, but they could only be accessed from authorized actors. Records and keys would expire after a period of time (it was 10 years for phone calls) objection 1: it means WhatsApp and the other will keep records of my communications -> they are already doing it anyway objection 2: it would take a lot of space -> they are already doing it anyway objection 3: that would give the state power over my communications -> it already has it objection 4: that means anybody could decrypt my messages -> not really, and it would be a crime, you can't prevent crimes by not doing things, in any case it would be easier to steal your phone. |