Submission + - UK gov't can demand backdoors, give prison sentences for disclosing them (arstechnica.co.uk)
An anonymous reader writes: Buried in the 300 pages of the draft Investigatory Powers Bill (aka the Snooper's Charter), published on Wednesday, is something called a "technical capability notice" (Section 189). Despite its neutral-sounding name, this gives the UK's home secretary almost unlimited power to impose "an obligation on any relevant operators"—any obligation—subject to the requirement that "the Secretary of State considers it is reasonable to do so."
There is also the proviso that "it is (and remains) practicable for those relevant operators to comply with those requirements," which probably rules out breaking end-to-end encryption, but would still allow the home secretary to demand that companies add backdoors to their software and equipment.
That's bad enough, but George Danezis, an associate professor in security and privacy engineering at University College London, points out that the Snooper's Charter is actually much, much worse. The Investigatory Powers Bill would also make it a criminal offence, punishable with up to 12 months in prison and/or a fine, for anyone involved to reveal the existence of those backdoors, in any circumstances (Section 190(8).)
There is also the proviso that "it is (and remains) practicable for those relevant operators to comply with those requirements," which probably rules out breaking end-to-end encryption, but would still allow the home secretary to demand that companies add backdoors to their software and equipment.
That's bad enough, but George Danezis, an associate professor in security and privacy engineering at University College London, points out that the Snooper's Charter is actually much, much worse. The Investigatory Powers Bill would also make it a criminal offence, punishable with up to 12 months in prison and/or a fine, for anyone involved to reveal the existence of those backdoors, in any circumstances (Section 190(8).)