HackerNews中文版

我是英国公民，也是学术工作者。我给当地的国会议员写信，强调了苹果公司高级数据保护功能被移除所带来的问题，以及这一功能曾被安全部门推荐作为良好实践的例子，并指出端到端加密（E2EE）如何能够减轻许多历史上因大规模数据泄露而造成的网络安全风险，给社会带来了巨大的伤害。令我惊讶的是，我的国会议员同意了我的观点，并将我的信转发给了内政部，可能是因为信件内容较长且引用了许多资料。我认为《黑客新闻》的读者会对以下的回复感兴趣，遗憾的是，正如我所预料的那样，回复的内容表明他们并没有实质性地回应我所提出的观点。 ------------ 2025年3月20日丹·贾维斯 MBE 国会议员安全部长伦敦马沙姆街2号 SW1P 4DF www.gov.uk/home-office 尊敬的安妮丽丝·多兹国会议员：感谢您于2月28日代表您的选民米勒先生（注：这不是我的称谓）致信数据保护和电信国务部长，关于媒体报道的数据访问问题。您的信件已转交给内政部，我作为安全部长对此作出回复。正如您所理解的，我无法对操作安全事务发表评论，包括确认或否认任何此类通知的存在。这是历届英国政府出于国家安全原因所持的长期立场。历届英国政府在网络安全问题上也一直明确。我们需要确保能够对儿童性侵犯者和恐怖分子采取行动，同时确保保护人们的隐私。英国政府非常重视隐私，并在保护人权方面享有良好的国际声誉。我们知道数据访问是具有侵入性的，数据访问仅在特定情况下并在严格的保障措施下进行。在关于端到端加密的广泛且长期的辩论中，不同政党的政府已经得出结论，科技公司需要确保端到端加密仍然具备保护儿童免受性侵犯者侵害和保护国家免受恐怖分子威胁的保障。这一担忧在世界其他国家的政府中也得到了共鸣。认为网络安全与执法机构的数据访问相互矛盾的说法是错误的。在线平台可以在拥有强大网络安全措施的同时，确保能够检测到儿童性虐待和其他犯罪活动。我希望这封回复能让米勒先生对政府在保护隐私方面的承诺感到安心，同时也确保能够对在线严重威胁和犯罪行为采取行动。再次感谢您的来信。丹·贾维斯 MBE 国会议员安全部长

查看原文

I am a British citizen, and an academic. I wrote to my local MP, highlighting the problems associated with the removal of Apple's Advanced Data Protection, how it was previously recommended by the security services themselves as an example of good practice, and how E2EE can mitigate many cybersecurity risks that have historically caused huge amounts of harm thorough bulk data breaches.Much to my surprise, my MP agreed with me and forwarded my letter on to the home office, probably because it was lengthy and filled with citations.I thought the audience of Hacker News would be interested to read their response below, which is, unfortunately, as expected, and frankly indicates that they did not engage substantively with what I had to say. ------------ 20 March 2025 Dan Jarvis MBE MP Security Minister 2 Marsham Street London SW1P 4DF www.gov.uk/home-officeRt Hon Anneliese Dodds MPDear Anneliese,Thank you for your letter of 28 February to the Minister of State for Data Protection and Telecoms on behalf of your constituent, Mr Miller [NB: that is not my title!] about media reporting concerning access to data. Your letter was transferred to the Home Office, and I am replying as the Security Minister.As I know you will understand, I cannot comment on operational security matters, including confirming or denying the existence of any such notices. This has been the longstanding position of successive UK Governments for reasons of national security.Successive UK governments have also been clear on the issue of online safety. We need to ensure that action can be taken against child sexual abusers and terrorists at the same time as ensuring there are safeguards for people’s privacy. The UK Government takes privacy very seriously and has a strong international reputation for protecting human rights. We know data access is invasive, and access to data only happens in particular circumstances and under strict safeguards.On the wider and longstanding debate about end-to-end encryption, governments of different parties have concluded that tech companies need to make sure that end-to-end encryption still has safeguards to protect children from sexual predators, and to protect the country from terrorists. This concern is also shared by other governments around the world. The suggestion that cybersecurity and access to data by law enforcement are at odds is false.It is possible for online platforms to have strong cybersecurity measures whilst also ensuring child sexual abuse and other criminal activities can be detected.I hope that this response will reassure Mr Miller of the Government’s commitment to the protection of privacy whilst also ensuring action can be taken against serious threats and criminality online.Thank you again for your letter.Dan Jarvis MBE MP Security Minister

内政部对我关于苹果ADP移除问题的回应