So Britain went ahead with their Online Safety Bill… I’m not entirely sure they understand how the internet works. It’s not national, it’s one giant set covering the world. You’ll easily wind up with Facebook being required by Indian law to take down a post while British law states that it can’t be taken down. So Meta would have to choose which law to break.
The most contentious part of the bill is that requirement to install government-sponsored scanning software on devices to get around end-to-end-encryption. If we assume for the time being that every phone in the UK has such scanning software, communication with anyone in the UK will have three parties, the interlocutors and the British government.
I’m not sure how to make all UK phones carry scanning software either. If a frenchman enters the UK, will scanning software be installed on his phone then? Normally people have control over what is installed on their phones so that seems unrealistic. This extends to British people as well. Is Google required to force government scanning software onto anyone running Android and connecting to a British telecommunications tower? Similarly Apple with iPhones? That seems like it leaves them open to law suits in other jurisdictions as they have installed software on someone else’s phone.
By and large I don’t think tech giants will impair their product to accomodate one country of 75 million people. It will be interesting to see what Britain does in response. Blocking Google, Facebook and so on seems like a reasonable response but that will cause their islands to catch fire very soon(metaphorically speaking).
Then there’s the PR issue. The bill might have done better before Snowden but I don’t think people are very inclined to trust governments generally. Giving people end-to-end-encryption means not even the service provider can access the contents, let alone the governments. People are not keen on what amounts to government-sponsored spyware forcibly installed to get around end-to-end-encryption.
It should be noted of course that end-to-end-encryption doesn’t require Signal or WhatsApp. It can be arranged easily with gpg. Using a Yubikey is very secure but gpg with something like Qubes OS is pretty darn good as well.
The EU’s DSA is less intrusive thus far. It represents the entire block of 600-something million people and based on the GDPR there is likely to be wide adoption there. I’m no fan of the “right to be forgotten”(Google shouldn’t be required to eliminate search results if the original content is still there, it’s a half-measure to force them to hide it in search results) but tech giants have chosen to comply.