Comment by ranguna
13 hours ago
They could make all e2ee chats, group chats. Where instead of a 1-1 chat between two people or many-many chat between a lot of people, they do 1-1+1 or many-many+1, where the +1 is the government. Technically the underlaying company or anyone else still won't have access to messages and e2ee won't be "broken", except for the fact that there's one more party in the key exchange.
Or they scan at the edge on the user's device.
Either way, both are very prone to false positives and and very much privacy invading.
I'd be willing to accept this:
Scan on end user's devices, but never transmit the result of that. Only report it ON the device itself to the user. A false positive when you send a pic of your naked kid to your spouse might show a warning icon asking you if you are sure you want to send it.
Also: for minors (Who is a minor not determined by some central age verification, but by me specifying in the Apple/Android family settings who my kids are) you could make sending certain things it blocking or subject to parent approval. E.g. if my daughter is tricked into sending nudes, it's something that's handled the same as if she wants to install an app or visit a specific web page.
No encryption is ever backdoored. Anything beyond this, e.g. reporting any user actions, would be allowed only through a court, just like any wiretapping always was.
Good thinking. Didn't think of that approach. Gonna start sending huge walls of text to DOS them then if this thing lands
> Or they scan at the edge on the user's device.
So then the user can "just" install their own client.