Tech Companies Face Criminal Charges If They Notify Users of UK Government Spying

An anonymous reader writes: Last week, Yahoo became the latest company promising to alert users who it suspected were being targeted by state-sponsored attacks (excepting Microsoft, who made a similar announcement just today). Twitter, Facebook and Google had previously assured their users that they would be warned of any potential government spying. The UK, it seems, isn't happy about this. They are pushing through a bill that will punish the leaders of any company that warns its users about British snooping with up to two years in prison. Specifically, UK ministers want to make it a criminal offense for tech firms to warn users of requests for access to their communication data made by security organizations such as MI5, MI6 and GCHQ.

End game?

What's the end game with all this? At what point do people decide not to let this crap happen, and what steps do they take to enforce it? I honestly can't imagine a civil rebellion going anyway, even in a country like America where so many people are already armed with guns. Politicians obviously have no interest in backing down. It's like a new cold war.

Re:End game?

[Endymion]

What's the end game with all this?

China is showing us one of the possible end games. Facebook is already patenting features along those lines. Combined with omnipresent spying, this "new" type of oppression will work. It's a terrifying future.

It's like a new cold war.

Dan Geer describes our situation as a cold civil war. It would be useful if more people recognized that.

Re: End game?

[kheldan]

There is not going to be any revolution. Anywhere. Ever.

Yeah, I'm sure the leaders of all the Arab Spring countries thought exactly the same thing. It would be difficult, but not impossible, for it to happen in a 1st-world country, but the consequences for the rest of the world would be devastating.

Re: End game?

There's more than one way to revolt. I agree that the "open warfare by flag waving troops" isn't going to happen. But what's far more likely is that, more and more, people simply... stop. They stop buying things other than necessities. They stop going out in the evenings. They no longer participate in society. No marriages. No offspring.

It looks like just another economic downturn at first. But there never seems to be an upturn again. Slowly, slowly, things just get a bit worse, and a bit worse, and a bit worse. Because people stop participating.

That's when governments will really go crazy. Because there's no leader of a resistance to arrest. None of those flag-waving troops to battle. There's nothing they can do. Can you make people go to the movies? Force bowling teams to form at the point of a bayonet? Demand people volunteer at the homeless food lines?

Societies build social capital over decades and hundreds of years. They can use up all that capital just as slowly, as people simply no longer give a damn. That's when things end, not with a bang, but with a whimper.

Re: End game?

The Arab Spring was a movement wanted and supported by Western powers and, especially in Lybia, it would have gone nowhere without direct Western intervention. For a more realistic outcome to any attempt at rebellion, see Tian an Men... While you still can.

Re:End game?

[flopsquad]

Your post is thought provoking, which makes it all the more frustrating you've succumbed to one of the least useful fads in modern internet culture: the everywhere video-ization of content that really just wants to be text.

Not trying to be an ass :) I honestly wanted to follow those links and read what you were talking about and then... oh, YouTube.

Re: End game?

[fnj]

The end game is: governments get what they want, a vocal minority huffs and puffs and ultimately resigns to the inevitable, the rest of the population gets on with their lives. There is not going to be any revolution. Anywhere. Ever.

Eat shit, fuck off, and die, o cowardly anonymous statist pig. There have always been revolutions and rebellions, and there will always be revolutions and rebellions. Counting on the masses to remain opiated indefinitely is a LOSER'S policy.

The establishment has certain advantages in terms of having vast, well-supplied agents of oppression, but it also suffers the disadvantage of being highly identifiable (nowhere to hide), and possessing much infrastructure which has to be protected.

Re:End game?

[DigiShaman]

Sounds like an opportunity for an AI project; to transcribe audio from a YouTube video into text. And it if was truly smart (it's not there yet) it could could summarize.

Re:End game?

[wxxy___]

What's the end game with all this?

Imagine a boot stamping on a human face - forever

Re: End game?

[dryeo]

A lot of the driving force behind the Arab Spring was rising food prices. Hungry people will revolt, even here in the west and the powers that be know this and will keep the population well fed and entertained.

Re: End game?

[Terwin]

They no longer participate in society. No marriages. No offspring.

You think people are going to stop fucking because they are mad at politicians...? Or that people would cause their own economic downturn and willingly give up their jobs, and in turn food & shelter? Uhhh... No thanks.

Ever heard a phrase to the effect 'This is not a world I would want to bring a child into'?

Between abortions and contraceptives there is no need to stop having intercourse, just stop having babies. Without immigration, the population of 'first world' countries is already shrinking.

Also, the worse the economic climate, the more people will save their money against future problems. Not everyone, but those with discretionary income will be more inclined to save it up or put it somewhere safe as opposed to making more purchases or making riskier investments.

Have you heard the phrase 'jobless recovery' much in the last few years?

I doubt it is any sort of intentional protest, but if people do not have confidence in their leaders, they will tend to hold back.
(if you are stuck with the choice between Trump and Hillary, and the one you want least wins, will you celebrate by going out and buying a car?)

Re: End game?

[Dahamma]

Ever heard a phrase to the effect 'This is not a world I would want to bring a child into'?

Have you ever seen the TV show "16 and Pregnant"? (if not, you're lucky. It seems like it was meant to be a warning, but then horribly miscalculated teenage stupidity and turned into an aspiration).

You seem to think that the majority of the population is made up of reasonable, logical-thinking people who actually think before they act. I think you need to go watch Idiocracy, it's becoming more of a documentary than a comedy.

Re:End game?

[gweihir]

Well, the problem with a surveillance state is that it neutralizes control instances. It usually devolves into a police-state pretty fast and then more slowly into fascism. Fascism is however inherently unstable, as it kill productivity and prosperity. Usually the start wars because that is a temporarily effective means of deviating attention from how bad things are. And in the end, at some point, these regimes collapse. It can take quite a while though. If the Germans had been a bit less greedy and a bit more well-managed, they could have gotten quite a bit into the "1000 Year Reich" for example.

So, no actual end game, just greed, fear of a free population, arrogance and stupidity. The usual.

Piss off!

[khasim]

Part of the proposed legislation would require tech firms to store usersâ(TM) data for up to twelve months, including a record of every internet site visited, and allow government agencies unfettered access to the data.

I have problems with that.

While the bill is being put forward as a deterrent against terrorism, online monitoring at this level has been banned in the US, Canada, and every other European nation.

And that is the problem. This will do NOTHING to DETER a terrorist.

If you want that, then you look for specific sites that they are going to right now. Not a year ago.

Looking at records from a year ago will only result in more "why didn't you connect the dots" crap from the idiots demanding more of this.

The bill could also allow the UK government to demand that companies weaken the encryption on messaging services such as WhatsApp and iMessage to enable agencies to evesdrop on conversations, a proposal that Apple is strongly against.

If the UK government can crack it then so can the Chinese government and the Russian government.

Does the UK government really want the Chinese and Russians spying on the communications of British citizens?

Re:Piss off!

[cdrnet]

How is this any different to National Security Letters which the US uses broadly to the same effect? The UK just want the same...

What About Not Notifying Users?

Can the act of failing to communicate be construed as notifying users? For example, consider the case of TrueCrypt where the original developers announced that they would no longer be developing or maintaining TrueCrypt and "helpfully" suggested that users install Microsoft BitLocker instead? Now you're getting into layers of abstraction and how certain groups of people might interpret a communication or a lack of communication. Laws prohibiting communication are rarely effective, except perhaps in the short run and on a temporary basis, so it's hard to see how this law will be any more effective than previous failed attempts.

State-Sponsored Attacks != Government Requests

[jaa101]

The summary is confusing two separate situations:

State-sponsored attacks are when a government agency hacks or social engineers or otherwise obtains your data against your will AND against the will of your service provider. That's what Yahoo and Microsoft are talking about. They can safely and legally tell their users about these attempts because, if for no other reason, they can claim they don't know who's responsible for the hack.

Official government requests for users' data, like US National Security Letters, are where the government uses legal compulsion rather than trickery to obtain the data. Obviously governments can and do add legal requirements to not inform affected end users. In Australia the laws even forbid revealing that there has not been a request for users' data; no warrant canaries for us!

Re:I forget the name for it

[jaa101]

Warrant canaries. Governments can make them illegal too. Or, at least, they can in Australia; maybe the US's constitutional protections around freedom of speech could make it harder there, but I wouldn't bet on it.

How are these the same thing?

[wonkey_monkey]

Yahoo became the latest company promising to alert users who it suspected were being targeted by state-sponsored attacks

Google had previously assured their users that they would be warned of any potential government spying

UK ministers want to make it a criminal offense for tech firms to warn users of requests for access to their communication data

The first two situations involve the government going after the companies' users without notifying the companies

The last situation involves the government issuing a request to the company for information.

Seem like two different things to me.

Re:How are these the same thing?

[AmiMoJo]

Indeed. What is troubling though is that law enforcement should be required to ask a court for a gag order, so that there is oversight and an opportunity to challenge it. It shouldn't be the default.

MI5 want it to be the default because they hate oversight. They argue that it takes too long etc, but it's essential. I'd rather die in a terror attack than have them run amok with this power.

As always, encrypt everything.

Re:Brexit, please!

[Opportunist]

Who the fuck would want them back?

China would be so proud!

[Bamfarooni]

China would be so proud!

Re:Stop doing business in the UK

[hughbar]

Yes, please do, we can do without Modelez, Goldman Sachs (et al.), Monsanto, KFC, Coca-Cola, McDonalds, Spire Health, Dollar Financial Group (payday loans) and the NFL. Close the door on your way out, thank you.

Worrying logical consequences

[John+Allsup]

Thus, thinking from a logical perspective, it makes sense to assume, by default, that we are being spied upon, that GCHQ, MI5, Mi6, NSA, CIA etc are snooping on all our internet transmissions, that all ISPs and tech companies are in cahoots with the intelligence services, and that the reason there's 'no evidence' is because of explicit legislation banning the dissemination of such evidence. Suddenly paranoia, delusions and conspiracy theories start to become sensible, rational and logical.

Re:I forget the name for it

[Richard_at_work]

Uh, for something to be a warrant canary, it has to be generally known that its a warrant canary - thats the entire point of it, it has to be fecking obvious.

Or do you think a company can come up with something hush hush that only certain members of its secret club would know about, except that all its customers are invited to that club and initiated into the secrets? Yeah, lets see how swearing 5 million people to silence about the "not a warrant canary *wink*" turns out...

Re:Here's one of 'em

[cgmurray]

The text helps. Here is an insightful quote: The four verities of government are these: . Most important ideas are unappealing . Most appealing ideas are unimportant . Not every problem has a good solution . Every solution has side effects Although I'd say those are the four verities of not just government but *any non-trivial centralization*. Certainly applies to any IT department.