What aspects of computing tech should we further criminalise?

What tech should we criminalise more? NOTE: A negative vote is a vote for less regulation


  • Total voters
    19
Can we agree that there is only a semantic difference between "It is a criminal offence to use end to end encryption without a government backdoor and we will lock you up if you break the law" and "End to end encryption is regulated such that it must always have a government backdoor and we will lock you up if you if you breach of the regulations"?

If we apply this to booze law in the UK it becomes "It is a criminal offence to buy alcohol under 18/distil your own and we will lock you up if you break the law" and "Alcohol is regulated such that you have to be over 18 to buy alcohol/need a distillation licence and we will lock you up if you if you breach of the regulations". It is a bit more of a stretch, but not more.

Apply that to the sorts of regulations that are being suggested and it seems to me that both descriptions would be close enough to that that there is a mostly semantic difference between them.
I don't think we can agree. I think you are being ridiculous and you presumably think I'm being pedantic.
 
I don't think we can agree. I think you are being ridiculous and you presumably think I'm being pedantic.
The big point is that if you can describe the same thing as either criminalisation or regulation then it serves the interest of those who want the law. At the point when the individual citizen wants to do a particular thing they either can or they cannot, it matters not how the rule is described.

If you could define an objective test that one could apply to decide if any particular legal regime is properly described as criminalisation or regulation that would probably either demonstrate the point I am trying to make better than I can or make me agree.

Equally, if you could describe how the use of these tools could be legally restricted such that it would be more accurately described as regulation than criminalisation that could help.

If I have a go with perhaps the most "regulationy" type of the laws, the General Data Protection Regulation (GDPR). I think we can agree that it can very well be described as a [somewhat weak] regulation on data processing. In the real world one of the biggest effects it has had is reduce the number of cold calls. The reason it has done that is because if you do cold calling in the UK there is a non-zero chance that the police will come around and the legal system will punish you. That is in no practical way different to if processing data was criminalised, as long as the punishment was the same.

BTW, I think I am being pedantic and you are missing my point.
 
The big point is that if you can describe the same thing as either criminalisation or regulation then it serves the interest of those who want the law. At the point when the individual citizen wants to do a particular thing they either can or they cannot, it matters not how the rule is described.

If you could define an objective test that one could apply to decide if any particular legal regime is properly described as criminalisation or regulation that would probably either demonstrate the point I am trying to make better than I can or make me agree.

Equally, if you could describe how the use of these tools could be legally restricted such that it would be more accurately described as regulation than criminalisation that could help.

If I have a go with perhaps the most "regulationy" type of the laws, the General Data Protection Regulation (GDPR). I think we can agree that it can very well be described as a [somewhat weak] regulation on data processing. In the real world one of the biggest effects it has had is reduce the number of cold calls. The reason it has done that is because if you do cold calling in the UK there is a non-zero chance that the police will come around and the legal system will punish you. That is in no practical way different to if processing data was criminalised, as long as the punishment was the same.

BTW, I think I am being pedantic and you are missing my point.
I would accept that regulation can in some cases be an effective ban or criminalisation of an activity, but I would not accept that the 2 are the same.
Many things are regulated with out being banned.
 
Can we agree that there is only a semantic difference between "It is a criminal offence to use end to end encryption without a government backdoor and we will lock you up if you break the law" and "End to end encryption is regulated such that it must always have a government backdoor and we will lock you up if you if you breach of the regulations"?
i think the difference is more than semantic. both are bad, but latter does make it somewhat harder for non-government to breach and cause problems without access to backdoor themselves. the determined and capable will do it anyway, but there is a difference between being compromised using encryption with govt backdoor vs just using none, and i'm not sure it's trivial.
 
I would accept that regulation can in some cases be an effective ban or criminalisation of an activity, but I would not accept that the 2 are the same.
Many things are regulated with out being banned.
Would you agree that any regulation inherently involves banning some activity? Even if that is "doing X before you fill in a form".
 
No, limiting is not the same as banning.
I am only carrying on because I want to understand where our failure of understanding is. To go back to your example of alcohol, I think all these statements are true/reasonable to say:

Alcohol purchase is banned/criminalised in Iran
Alcohol purchase is regulated/limited in the UK

Alcohol purchase by under 18s is banned/criminalised in the UK
Alcohol purchase by under 18s is a subset of Alcohol purchase

Some alcohol purchase is banned/criminalised in the UK

You can replace "alcohol purchase" with "use of encryption", "processing of PII", "building death robots" and "by under 18s" with "without a backdoor", "without legitimate interests" and "with autonomous decision making" and the logic applies.
 
I am only carrying on because I want to understand where our failure of understanding is. To go back to your example of alcohol, I think all these statements are true/reasonable to say:

Alcohol purchase is banned/criminalised in Iran
Alcohol purchase is regulated/limited in the UK

Alcohol purchase by under 18s is banned/criminalised in the UK
Alcohol purchase by under 18s is a subset of Alcohol purchase

Some alcohol purchase is banned/criminalised in the UK

You can replace "alcohol purchase" with "use of encryption", "processing of PII", "building death robots" and "by under 18s" with "without a backdoor", "without legitimate interests" and "with autonomous decision making" and the logic applies.
Our differewnce goes back to your saying you can't see there is much of a line between criminalising and regulating.
I am saying there is a clear difference.
If you criminalise something you prohibit it to everyone. If you regulate it you might prohibit it to some people or at certain times or set limits on its purchase etc.
 
Our differewnce goes back to your saying you can't see there is much of a line between criminalising and regulating.
I am saying there is a clear difference.
If you criminalise something you prohibit it to everyone. If you regulate it you might prohibit it to some people or at certain times or set limits on its purchase etc.
I am totally convinced this is a semantic question. Back to your booze example, if the "something" is defined very specifically, say me, right now, buying this particular drink from this particular shop then that something could be regulated and not criminalised, assuming I am over 18. If the "something" is defined exactly the same but assuming I am under 18 then it is both regulated and criminalised. As soon as the "something" encompases both "somethings" then it both regulates and criminalises. Any real world legislation that the government could pass regarding IT tech will necessarily both regulate and criminalise if it is to have any effect.

I can also add the political side of my insistence. There is no regulation of encryption that will stop people encrypting kiddie porn that does not involve punishment for people who use PGP. This law will be "regulations of encryption". There is no way that if it stops kiddie porn being encrypted it will not criminalise my current legal use of PGP.
 
Last edited:
I am totally convinced this is a semantic question. Back to your booze example, if the "something" is defined very specifically, say me, right now, buying this particular drink from this particular shop then that something could be regulated and not criminalised, assuming I am over 18. If the "something" is defined exactly the same but assuming I am under 18 then it is both regulated and criminalised. As soon as the "something" encompases both "somethings" then it both regulates and criminalises. Any real world legislation that the government could pass regarding IT tech will necessarily both regulate and criminalise if it is to have any effect.

I can also add the political side of my insistence. There is no regulation of encryption that will stop people encrypting kiddie porn that does not involve punishment for people who use PGP. This law will be "regulations of encryption". There is no way that if it stops kiddie porn being encrypted it will not criminalise my current legal use of PGP.
I don't agree. There is a big difference between banning something and limiting something.

As I understand it proposals on encryption are aimed at requiring technology companies to provide a "backdoor" that law enforcement/intelligence agencies can use/abuse. Arguably a bad thing but it wouldn't criminalise your using encryption for legal purposes.
 
I don't agree. There is a big difference between banning something and limiting something.
If you are limiting something, then those bits that are beyond the limit are banned. That is all I am saying.
As I understand it proposals on encryption are aimed at requiring technology companies to provide a "backdoor" that law enforcement/intelligence agencies can use/abuse. Arguably a bad thing but it wouldn't criminalise your using encryption for legal purposes.
That is only true as long as I am not providing that to someone else. The current proposals would be a ban on companies providing secure communication to individuals and is likely to cause many companies to exit the UK market. That is quite precisely described as a ban on the current services.

Also it will not do anything to help the stated problem of kiddie porn. To do that they need to restrict individuals using encryption.
 
Last edited:
If you are limiting something, then those bits that are beyond the limit are banned. That is all I am saying.

Its not what you originally said.
That is only true as long as I am not providing that to someone else. The current proposals would be a ban on companies providing secure communication to individuals and is likely to cause many companies to exit the UK market. That is quite precisely described as a ban on the current services.

Also it will not do anything to help the stated problem of kiddie porn. To do that they need to restrict individuals using encryption.

The trouble is the individuals sending kiddie porn or whatever via encrypted communications do not advertise that they are doing so.
We do have a problem with porn, kiddie and otherwise.
I worked in C&E Prosecutions in the 90s and most of the porn we were prosecuting people for importing then was mild compared to what is easily available on the web.
I hate to imagine what the stuff people find necessary to encrypt is like. We shouldn't consider the issue of encryption as if it was somehow separate from the uses being made of it.
 
Its not what you originally said.
I originally said:
I am not sure there is much of a line between criminalisation and regulation. In each case you are saying do what we say or get punished.
What I meant is that you draw a line through all laws such that one side is criminalisation and not regulation and the other side regulation and not criminalisation. Any law that regulates something, such that to break the regulations incurs punishment, must by its very nature criminalise something.

Perhaps it would be clearer if I use a law I support. I said this earlier:
If I have a go with perhaps the most "regulationy" type of the laws, the General Data Protection Regulation (GDPR). I think we can agree that it can very well be described as a [somewhat weak] regulation on data processing. In the real world one of the biggest effects it has had is reduce the number of cold calls. The reason it has done that is because if you do cold calling in the UK there is a non-zero chance that the police will come around and the legal system will punish you. That is in no practical way different to if processing data was criminalised, as long as the punishment was the same.
Do you see what I mean by the GDPR being an inherently regulatory law, that criminalises (quite rightly) some activities? If it did not criminalise those activities it would not be an effective regulatory law.
The trouble is the individuals sending kiddie porn or whatever via encrypted communications do not advertise that they are doing so.
We do have a problem with porn, kiddie and otherwise.
I worked in C&E Prosecutions in the 90s and most of the porn we were prosecuting people for importing then was mild compared to what is easily available on the web.
I hate to imagine what the stuff people find necessary to encrypt is like. We shouldn't consider the issue of encryption as if it was somehow separate from the uses being made of it.
I am well aware of this. Making a law such that offering the current service that signal and whatsapp offer will incur punishment will do nothing to impact either the issue of illegal kiddie porn or legal but harmful porn.

Most things that people want to encrypt are not to do with porn.
 
Last edited:
I originally said:

What I meant is that you draw a line through all laws such that one side is criminalisation and not regulation and the other side regulation and not criminalisation. Any law that regulates something, such that to break the regulations incurs punishment, must by its very nature criminalise something.

Perhaps it would be clearer if I use a law I support. I said this earlier:

Do you see what I mean by the GDPR being an inherently regulatory law, that criminalises (quite rightly) some activities? If it did not criminalise those activities it would not be an effective regulatory law.
[/QUOTE]

I see what you mean. What you originally said meant something quite different IMO.

I am well aware of this. Making a law such that offering the current service that signal and whatsapp offer will incur punishment will do nothing to impact either the issue of illegal kiddie porn or legal but harmful porn.

Most things that people want to encrypt are not to do with porn.

Most phone calls and snail mail is not to do with porn or other criminal activities but its long been accepted that within limits (frequently abused) the police and intelligence agency had access to them. Relatively new technologies that are replacing them aren't covered by existing regulation and do need regulation. I'm not saying currently proposed regulation is ideal, I'm no expert on the issue, but some regulation is clearly required.
 
None of those should be illegal

I like encryption, why should I allow tech companies to read all my texts?
 
Most phone calls and snail mail is not to do with porn or other criminal activities but its long been accepted that within limits (frequently abused) the police and intelligence agency had access to them. Relatively new technologies that are replacing them aren't covered by existing regulation and do need regulation. I'm not saying currently proposed regulation is ideal, I'm no expert on the issue, but some regulation is clearly required.
This is not true at all. Not only do they still have all the powers they had over phone calls and snail mail, they have a massive advantage over those days with the Regulation of Investigatory Powers Act 2000/Part III which allows imprisonment for up to five years for not revealing a key that the police BELIEVE you have. They do not need to prove you have it, and after the five years they can always ask again and lock you up for another five years.

This is all about letting them look at the data without either a warrant or your knowledge. And I will repeat, it does nothing to advance the stated aims.

Exactly what problems clearly need a solution, and what laws we could introduce to solve them is the point of this thread. I agree that the problem of unfettered data processing and autonomous weapons are significant and deserve a lot of attention. The current government suggestions about encryption seem to be much more effective at clamping down on a popular movement such as environmentalism than harmful pornography, and no one has even tried to make a cohesive argument to the contrary. They are very likely to damage the UK economy. I see nothing to support about them.
 
This is not true at all. Not only do they still have all the powers they had over phone calls and snail mail, they have a massive advantage over those days with the Regulation of Investigatory Powers Act 2000/Part III which allows imprisonment for up to five years for not revealing a key that the police BELIEVE you have. They do not need to prove you have it, and after the five years they can always ask again and lock you up for another five years.

This is all about letting them look at the data without either a warrant or your knowledge. And I will repeat, it does nothing to advance the stated aims.

Exactly what problems clearly need a solution, and what laws we could introduce to solve them is the point of this thread. I agree that the problem of unfettered data processing and autonomous weapons are significant and deserve a lot of attention. The current government suggestions about encryption seem to be much more effective at clamping down on a popular movement such as environmentalism than harmful pornography, and no one has even tried to make a cohesive argument to the contrary. They are very likely to damage the UK economy. I see nothing to support about them.
Given that there is a problem what alternatives are you proposing?
 
And here I thought that this thread was about discussing problematic aspects of computing tech. Instead it's nitpicking and bickering about the nuance between "banned" and "regulated".
 
Top Bottom