The US tech companies want substantial changes to the proposed law. They are rejecting demands for weaker encryption to allow security services access to their services,
want assurances that the British authorities will not force them to hand over data held in other countries
and urge the government not to introduce a legal duty on companies that could require them to hack the accounts of their own customers.
the US tech companies say they are concerned the law will set a dangerous international precedent as “we anticipate that other countries will emulate what the UK does here”.
The bill would give the police and security services access to the records of every UK citizen’s internet use without the need for judicial authorisation. However, should agencies want the content of communications, they will need the authority of the home secretary and a new panel of judicial commissioners.
Many Silicon Valley companies offer communications services using “end-to-end encryption” that makes it hard for third parties to intercept information being transmitted. Security services want the ability to intercept messages sent through these systems using “back doors” that only the authorities can access, rather than attempt the difficult process of decrypting the messages.
But in their written evidence the US companies said: “We reject any proposals that would require companies to deliberately weaken the security of their products via backdoors, forced decryption or any other means.”
The five groups also want assurances over “extraterritoriality” — such as demands that companies must hand over information held in data centres housed in other nations, which could force a company to contravene another country’s data-protection laws.
Posted from Diigo. The rest of my favorite links are here.