981
Surveillance strategies in the UK and Israel often go global
this post was submitted on 21 Feb 2026
981 points (99.0% liked)
Privacy
46564 readers
1361 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So literally everyone in the UK using any website that uses TLS is now a hostile actor?
Essentially everyone's a criminal which is a huge boon for the government. They can now get rid of anyone they want at any time, legally.
That's what the governments in 1984 could do as well.
That is longstanding, the US and the UK both have been writing laws broadly enough for them to take down anyone for them, or at least charge, we all just trust it won't be abused, but as we've seen with the uk and their bad faith terror designations, that trust is misplaced, and the mask is coming off society. They aren't pretending anymore, and cynically think "democracy" such as it is, is already dead in all but name, it's only the citizenry that doesn't know it yet, and or is contesting it.
TLS is not typically considered end-to-end encryption. It's transport encryption.
I don’t get it. E2ee is about encryption in transit not encryption at rest. TLS sounds exactly like e2ee
E2E is about the sender encrypting, and only the intended receiver decrypting, with nothing in the middle able to read the data.
TLS is not designed for that, as the server you connect to is not necessarily the intended receiver, yet it can see everything.
With E2E, you can send data to a server, which is not the intended receiver, and it won't be able to read it.
Your explanation assumes that scope and scale are part of the definition which it is not.
If you keep zooming in or zooming out the definition of E2E keeps changing under your statement.
If the only knowledge a system has is between a sender and a receiver (Which satisfies even your definition of "intended recipient") then TLS is E2E encrypted.
The definition of E2EE has evolved since the concept surfaced. You seem to be stuck with the original meaning.
TLS does not fit the modern definition.
Yes the technical term has evolved but did the term evolve in the legislation definition of it?
If not, then the technically correct usage doesn't matter which is a point I've made in another comment as well.
And in my previous comment, I am pointing out the logical inconsistencies. Not that I agree or disagree with the technical terminology. You seem to be conflating a logical explanation/call-out of logic holes for my opinion, which it is not
The legislation definition is the exact problem. The Investigatory Powers Act 2016 defines 'encryption' functionally — any process that renders data unintelligible without a key. That definition hasn't been updated since. So yes, the technical term has evolved, but the legal hook hasn't moved with it.
The result is that the same mathematical operation — a hash, a signature, a key exchange — sits in different legal categories depending on framing. TLS on a commercial website is fine. The same TLS on a messaging app that declines to provide a backdoor is suddenly 'obstruction.'
That's not a security policy. It's a political preference encoded as technical language. The legal definition isn't tracking the technology; it's tracking the threat model of whoever wrote the bill in 2016.
Do they strictly define end to end encryption in this bill?
If not, then yes, TLS is "end to end" as the sender encrypts the message, and the receiver decrypts it. Each "end" to each "end" is encrypted, satisfying the semantics of the term.