Comments by "" (@redtela) on "Online Safety Bill: The BIG Debate" video.
-
1
-
It wasn't a terrible definition of asymmetric public key cryptography, I'll let it slide.
There is a way for tech companies to comply, without breaching privacy laws. Take Facebook or WhatsApp as an example - using the service to send a message within a web-browser is NOT end-to-end encrypted. The user sends a plaintext message to the server, and the server then encrypts. When using the app on a mobile device, the message is typed in, encrypted and then sent. So the way to comply with the Online Safety Bill is to automate a scan for keywords (and image hash values, etc), prior to encryption.
A court would likely find that an automated scan in the interests of public safety (be that child abuse, domestic violence, terrorism, etc) does not constituent a breach of privacy.
So, why are tech companies opposed to it? Simply, it's an arms race to the bottom. Lets say that the system gets implemented to check the hash values of an image. People sending the images can just edit the image, change a few pixels, such that the change isn't visible when viewing it, but now the hash is completely different. Lets say that the system looks for keywords, so instead of "plant a bomb" I say "plant a tulip." Or I simply send a voice message instead of text, or a video instead of a picture. Those can be interpreted too, but it's much harder to get right, and again, in a voice message, I can still just say "I'm going to plant a tulip in the garden."
1