by pavel_lishin 1015 days ago
So instead of stealing a single key, the FSB has to steal three?

The client-side devices / cameras / whatever would send the encrypted copies off-prem, to be decrypted in the case of proper due process and authorization. But it would require interactively querying a distributed database that is managed by agencies or networks representing civilian interests, and these agencies would rate-limit the querying and disclose every query, who did it and why.

We need more transparency in our governments and security agencies (including FSB, CIA). Start with transparency on why they need certain data. More here:

https://community.qbix.com/t/transparency-in-government/234/...

Yes. In addition to two of those keys being attributable to the federal government.

Which, at least in the US DoD's case, already manages the world's largest PKI system.

The key difference with the UK scheme would be (1) the tech company would retain the final decryption key & (2) any use of that decryption key would be required (technically and legally) to generate a public audit record (albeit optionally obfuscated if the court order so requires it).