If a country like the UK decided to ban end-to-end encryption, how would they even enforce it? I understand that they could demand big companies like Apple stop providing such services to their customers and withdraw certain apps from the UK App Store. But what’s stopping someone from simply going online and downloading an app like Session? I mean, piracy is banned too, yet you can still download a torrent client and start pirating. What would a ban like this actually prohibit in the end?
Rules and enforcement are different.
If you make the behavior illegal, you can use that behavior to prosecute people you don’t like. Even if you can’t really control every instance of that behavior. Like speeding laws
If encryption is illegal, then every company operating legally in your country will not offer encryption. Making it very unavailable to the majority of people. That’s 80% of your problem right there. The other 20% will persist, but if they become a problem you can target them with the above law about using illegal math.
It’s not about perfection, it’s about layered defense to weaken your enemies. And when you see the people in your country as the enemies of the government, then you’re going to see a lot of threats.
So this would yet again only affect the people who are not the problem while the people they intend to target with said ban would remain more or less unaffected.
Maybe not entirely, governments probably aren’t thrilled that something that was once an obstacle to authorities when dealing with a small group of dedicated individuals now extends to huge portions of the population for any and every investigation where their communications might have helped authorities build their case so you can see why they might try and remove that obstacle for themselves.
They absolutely intend to Target the people who will be affected. The stated use case is an excuse, but once a government gets a capability it never gives it up.
Partly correct.
It’s true that anyone with nefarious intent would still be able to encrypt things.
However, it means law enforcement doesn’t need to bother decrypting things to make arrests.
People here are generally going to be distrustful towards the government, and for good reason, this feels like gross overreach imho, but at the same time, I think it’s a little naiive to view all potential terrorists as tech savvy enough to know to use the right open source encryption package. I’m sure this would help them catch some percentage more of attackers.
Again, to be clear, I don’t think that’s remotely worth the damage that unencrypted messaging can do, but there’s enough examples of incompetence and bad opsec amongst criminals to think that someone would just continue to use whatever is most convenient or what their friend told them is good.
Like the TSA?