Wednesday, 30 December 2015

Honoured, thank you.

My petition has exceeded 10,000 signatures and so should get a response from government.

Thank you all - let us see if it is a sane response.

To sign, see https://petition.parliament.uk/petitions/106369


5 comments:

  1. I wonder how the encryption ban will work on things such as mobile phones (GSM is encrypted), pay TV (satellite channels or even just "premium" package channels on Sky/Virgin even Freeview) and even credit cards (encrypted chip and PIN system).

    Those are encrypted so they've got to come under the ban, but I'm sure those providers (some of which abide by international standards) love the idea of "hackers" being able to break a single backdoor which they cannot legally close.

    Oh, and if an exception is made for broadcasts and they make it "tight" enough to exclude the TV system - what's stopping an organisation getting a broadcast licence and claiming it's for something innocent, but then have coded messages broadcast in it. And what about "number stations"?

    ReplyDelete
    Replies
    1. The term "ban on encryption" is perhaps a little confusing: it does not seek to "ban encryption", but what it does do is considered by some to have the *effect* of banning encryption,

      The issue is that a data retention notice and a maintenance of technical capability notice may each place a requirement on a provider to provide data free of any electronic protection measures. This is the case today in respect of a provider's own encryption when it comes to interception: product of an interception warrant must be supplied with it removed, so that it is understandable by the recipient. However, the existing wording relates solely to encryption added by the provider, and the proposed bill could empower the Secretary of State to issue a much broader order, including the removal of third party encryption, be that of another provider or indeed of a user (eg GPG). To do this, the provider would need some way of breaking the encryption, which may be challenging if not mathematically impossible.

      There is a question within this which is, if a provider cannot satisfy a notice - eg because it demands something which is mathematically impossible - could it mean that that provider was in breach of the notice if it continued to operate the service without providing the required capability. If the answer is "yes", then this, in particular, could be considered as leading to a "ban".

      Delete
  2. Hmmm not quite 10000 signatures from the UK - does that matter.

    Knowing how much you love data have you checked out where your votes are coming from - https://petition.parliament.uk/petitions/106369.json

    ReplyDelete
  3. Signed. But this petition could have been worded a bit better and more background and explanation given why legislating against encryption is a bad idea.

    ReplyDelete
  4. Have you seen
    http://www.theregister.co.uk/2016/01/04/dutch_government_says_no_to_backdoors/

    The dutch government seems to be an island of common sense in a sea of knee-jerk political action. They also donated half a million euro to the OpenSSL project, and have also done some work on OpenVPN, releasing their improvements back to the community.


    Misschien zal ik emigreren?

    Oh, and I tried to sign it, but it turned out I already had... I need a memory upgrade

    ReplyDelete