by ethbr1 1016 days ago
Yes! Exactly like what you've apparently thought about and worked on for a long time. Neat!

>> To decrypt it, multiple parties need to come together and combine their keys, all the while creating an audit log of why they are accessing this or that portion.

To me, this is the technical solution that best mirrors the ideals of the pre-technical reality.

And I consider myself an encryption absolutist! But I think the powers arrayed against it are too strong (and in some areas, too morally correct) to fully resist.

Which devolves to creating a compromise, and hopefully one better than "Government has no keys, any of the time" or "Government has all keys, all the time."


So instead of stealing a single key, the FSB has to steal three?
The client side devices / cameras / whatever would send the encrypted copies off-prem, to be decrypted in the case of proper due process and authorization. But it would require interactively querying a distributed database that is managed by agencies or networks representing civilian interests, and these agencies would rate-limit the querying and disclose every query, who did it and why.

We need more transparency in our governments and security agencies (including FSB, CIA). Start with transparency on why they need certain data. More here:

https://community.qbix.com/t/transparency-in-government/234/...

Yes. In addition to two of those keys being attributable to the federal government.

Which, at least in the US DoD's case, already manages the world's largest PKI system.

The key difference with the UK scheme would be (1) the tech company would retain the final decryption key & (2) any use of that decryption key would be required (technically and legally) to generate a public audit record (albeit optionally obfuscated if the court order so requires it).
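
An added illustration of the scheme discussed in this thread, not posted by any commenter: a key split across three custodians, each of whom releases a share only after writing who asked and why to a hash-chained public log, with a per-custodian query limit. The n-of-n XOR split, the class names and the custodian labels are assumptions made for the sketch; the thread does not specify a construction.

```python
import hashlib, json, secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, n: int) -> list:
    """n-of-n XOR split: all n shares rebuild the key, any n-1 reveal nothing."""
    shares = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    last = key
    for s in shares:
        last = xor(last, s)
    return shares + [last]

def entry_hash(body: dict) -> str:
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class AuditLog:
    """Append-only public log; every entry commits to the hash of the previous one."""
    def __init__(self):
        self.entries = []
    def append(self, party, case_id, reason):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = {"party": party, "case": case_id, "reason": reason, "prev": prev}
        self.entries.append({**body, "hash": entry_hash(body)})
    def verify(self) -> bool:
        prev = "0" * 64
        for e in self.entries:
            body = {k: e[k] for k in ("party", "case", "reason", "prev")}
            if e["prev"] != prev or e["hash"] != entry_hash(body):
                return False  # an entry was edited, dropped or reordered
            prev = e["hash"]
        return True

class Custodian:
    """Holds one share; releases it only after logging who asked and why."""
    def __init__(self, name, share, log, limit):
        self.name, self._share, self.log, self.remaining = name, share, log, limit
    def release(self, case_id, reason):
        if self.remaining <= 0 or not reason.strip():
            raise PermissionError(f"{self.name}: share withheld")
        self.remaining -= 1  # rate limit on queries
        self.log.append(self.name, case_id, reason)  # record first, then release
        return self._share

def recover_key(custodians, case_id, reason) -> bytes:
    shares = [c.release(case_id, reason) for c in custodians]
    key = shares[0]
    for s in shares[1:]:
        key = xor(key, s)
    return key
```

With an n-of-n split, stealing one or two shares yields nothing, and a k-of-n threshold scheme could replace it where one custodian being unavailable must not block recovery.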