[blitzar]

kill; e-commerce, in store payment terminals, online banking, all https, email, biometric passports etc.

It would be a return to the pre internet era, so probably is the will of the people and on form for the UK. I kind of hope they pass it then realise what it actually means.

[denton-scratch]

> kill; e-commerce, in store payment terminals, online banking, all https, email, biometric passports etc.

Hold on! Kill all HTTPS? Biometric passports? I haven't tried to read the bill, but AFAIK there are no provisions in the bill that attack HTPPS, and given that biometric passports are not a communications technology, I don't see how they could be impacted.

I don't see how the bill impacts email at all; opportunistic SMTP encryption isn't E2E in the first place, and PGP is rarely used in email. And when it is used, it's usually to sign rather than to encrypt.

[blitzar]

"End-to-end encryption (E2EE) is a private communication system, only communicating users can participate, no adversary nor eavesdropper can interfere, not the communication system provider, telecom providers, Internet providers, nor malicious actors, only communicating users can access the cryptographic keys needed to converse"

TLS / HTTPS would be included in my definition; the purpose of which is that the two parties are the only ones that can see the traffic.

[pjc50]

It's not going to be enforced that way even if that's what the text says. Although it might get spicy if one of the megacorps decides the legal risk is real and withdraws from the UK market.

[blitzar]

If it is implemented as per the legislation, the UK would need to be disconnected from the global internet, and most activity economic or otherwise would cease overnight. I should really retract my original position, things in the UK would be very different.

Honestly, it kind of needs to happen properly, otherwise people will never learn. Allowing these half baked pieces of legislation to pass and then not implementing them except for some edge case allows the idiots who write it and promote it to claim they were right all along.

[mnw21cam]

There's a general "bad" when law are enacted and then not enforced, especially if it's a law that most people would naturally break because it's a silly law. It allows the authorities to persecute chosen individuals while not actually achieving anything that the law as written looks like it should be trying to achieve.

And this is a silly law. Everyone will break it, every time they use an encrypted communication, which is pretty-much every single thing one does on the internet these days. It's a perfect recipe for the authorities to let everyone carry on as normal, then when they want to crush someone they're certain to find some law that they have broken like this one.

We should be throwing out such laws.

[blitzar]

> then when they want to crush someone they're certain to find some law that they have broken like this one

The will get a prosecution after catching red-handed a mass murdering terrorist or a pedo with kids locked in their basement because they did an online shop which "used encryption". The authors will claim victory, without these protections we couldnt lock these people up, the Sun and the Mail readers will lap it up. 5 counts of murder and 1 count of doing an online tesco shop.

[mnw21cam]

Don't forget the victim surcharge.

Remember that Al Capone was jailed for tax evasion.

[reginaldo]

So years ago there was a corruption scandal in Brazil, where gambling is illegal. A guy named Carlinhos Cachoeira[1] found that fact a great opportunity and built a gambling empire, which involved financing corrupt politicians so that they would vote according to his interests. Among those on the payroll was a senator, Demóstenes Torres. Well, one day an audio of a conversation between Demóstenes and Carlinhos leaks. It went something like that:

  Carlinhos: so I want you do vote in favor of [law X, which toughened restrictions on the kind of gambling Carlinhos promoted]

  Demóstenes (naively): but, professor, that will make things harder for you, won't it? 

  Carlinhos: oh, don't worry, it's not going to be used against me.

[1] Loosely translated as "Charlie Waterfall" by the NYT

[pjc50]

Given what has happened previously and all the bickering about "the blob", I suspect this simply won't be implemented except for possibly a token target.

Has anyone checked if the legislation has the special clause for "prosecutions require permission from the Attorney General"? (i.e. politically motivated prosecutions only - this has been seen before)

[BLKNSLVR]

It will be enforced against undesirable market places though. Winners and losers will be selected.