back to article Element users are asking for protection against government encryption busting

Element, one of the companies behind decentralized comms platform Matrix, says customers are asking it to insert a protective clause from the encryption-busting element of UK government's Online Safety Bill (OSB). Customers include the US Department of Defense. The Houses of Parliament passed the OSB last month, paving the …

  1. SVD_NL Bronze badge

    Ah, sweet hypocrisy

    If we as civilians have nothing to worry about, neither should government entities right? And think of the children! What if they are using those secure channels to distribute CSAM? We want to catch the bad apples! And the legitimate messages cannot be exposed anyway, so no national security issues! Requests will always be "proportionate and necessary"!

    1. Michael Wojcik Silver badge

      Re: Ah, sweet hypocrisy

      It's not hypocrisy unless the people asking for no-OSB clauses promoted the OSB.

      1. Snowy Silver badge
        Holmes

        Re: Ah, sweet hypocrisy

        They did not speak up when this was first raised so yes it is hypocrisy!

      2. Jimmy2Cows Silver badge

        Re: Ah, sweet hypocrisy

        It's hypocisy when one branch of the goverment is pushing the encyrption-busting OSB clauses in the face of overwhelming opposition and the fact that it's utterly impossible to do it the way they want it, while another branch of that same government uses the very tools that will be subject to those encyrption-busting OSB clauses, and will no doubt demand to be granted an exemption.

        Gross hypocrisy, at that. Also: gross supidity, gross incompetence.

    2. Alan Brown Silver badge

      Re: Ah, sweet hypocrisy

      "And think of the children!"

      At least one popular entertainer and (allegedly) multiple Tory government ministers did

      1. BebopWeBop
        Mushroom

        Re: Ah, sweet hypocrisy

        Apparently he, and other politicians really did *think* of the children.

  2. Primus Secundus Tertius

    Contracts must comply with laws

    It is nonsense to suggest that a contractual clause will override a statutory right by government to insist on seeing the decrypt. But the point at issue is how the government can demand the key that was used for a standard encryption algorithm. If the key is provided by the comms company, the government can demand that they provide it, or drive them out of business if they do not. If the key is provided by the customer, it depends. The government cannot compel another state, or the United Nations, to cough up the key.

    1. Anonymous Coward
      Anonymous Coward

      Re: Contracts must comply with laws

      If the customer does not have a presence in the UK, the contract overrides UK law. In other words, if it's a US company that has no direct presence in the UK, US courts will definitely insist that UK Law is irrelevant.

    2. John Robson Silver badge

      Re: Contracts must comply with laws

      It is likely to allow them to "have to renegotiate" in the event that Cruella WimpyPrat ever gets anywhere near #10

      1. NewModelArmy

        Re: Contracts must comply with laws

        We only have to wait until tomorrow (25th October 2023) to find out if letters have been sent into the 1922 committee to get rid of Sunak.

        It will be fun to see if Cruella or another fascist type tries to get in as PM before the next election.

    3. DevOpsTimothyC

      Re: Contracts must comply with laws

      If I read correctly the OSB requires tools to be used IF they have been developed. Couldn't the contractual clause be as simple as 'never develop tools that would allow messages to be decrypted by anyone except the sender and intended recipient?"

    4. Snowy Silver badge
      Mushroom

      Re: Contracts must comply with laws

      If contract law overrode the law then any one doing anything illegal with others would just have them sign a contact saying they would not co-operate/working with law enforcement and then the law would not be able to go after them!!

  3. Anonymous Coward
    Anonymous Coward

    If the UK government wants to torpedo all high tech in the UK

    This bill will do it. It will also mean there will be zero attorney-client privilege in the UK.

    1. Mike 137 Silver badge

      Re: If the UK government wants to torpedo all high tech in the UK

      "there will be zero attorney-client privilege in the UK"

      Just like there's already no patient-doctor privilege in the UK - it all goes to a central NHS databank. Next they'll come for the confessional.

      1. BebopWeBop
        Facepalm

        Re: If the UK government wants to torpedo all high tech in the UK

        It does in England - different counties you know.

    2. Anonymous Coward
      Anonymous Coward

      Re: If the UK government wants to torpedo all high tech in the UK

      That's already the case effectively. See:

      https://www.craigmurray.org.uk/archives/2023/10/incredibly-i-face-investigation-for-terrorism-defence-funds-appeal/

      1. Anonymous Coward
        Anonymous Coward

        Re: If the UK government wants to torpedo all high tech in the UK

        Murray is an arse to put it mildly

        1. Anonymous Coward
          Anonymous Coward

          Re: Murray is an arse to put it mildly

          so he deserves everything, legal, semi-legal.... Hell, why stop there, he's na arse, so...

        2. BebopWeBop

          Re: If the UK government wants to torpedo all high tech in the UK

          He appears to be - but that does not mean he has not rights.

  4. Graham Cobb Silver badge

    Open Source?

    I thought Element was open source? I realise that commercial customers will want to use a supported product but do Element make it possible to verify that the product you are using was built from the same source that is published?

  5. Anonymous Coward
    Anonymous Coward

    https://www.channel4.com/news/online-safety-bill-debate-could-it-lead-to-unprecedented-paradigm-shifting-surveillance

    1. Snowy Silver badge
      Trollface

      Not sure it is a shift "they" have always wanted to spy on the little people. By little people I mean anyone that is not them or their friends (and I'm not sure they do not want to spy on them too)

  6. StrangerHereMyself Silver badge

    Activate

    I don't think the clause will ever be activated because it will mean communications service providers will leave the UK behind.

    But it is an unacceptable time bomb for users of paid encrypted communications services so I can understand they want assurances or at least notification when it's being activated.

    1. Alan Brown Silver badge

      Re: Activate

      RIPA already makes it a criminal offence for them to hint that it's happening

      I forsee a bunch of canary traps being set (if not set already)

      1. StrangerHereMyself Silver badge

        Re: Activate

        I doubt it will be seen as a violation of RIPA if they suddenly decide to leave the UK. And I doubt the US will allow its Big Tech executives to be extradited to the UK over this.

  7. Anonymous Coward
    Anonymous Coward

    may, when "proportionate and necessary," ask to see encrypted messages.

    Relax

    I'll need some information first

    Just the basic facts

    Can you show me where it hurts?

    ...

    Okay, just a little pinprick

    There'll be no more, ah

    But you may feel a little sick

  8. Ashto5

    George Orwell 1984

    It was a story of how things COULD go bad

    UK / USA / EU

    It was not meant to be a guide book on how to do it

    Surveillance capitalism

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like