On of the reasons I work on metadata resistant tools like @cwtch_im is that I expect arguments like those made by the DPA to gain momentum in the coming years.
"you don't need encryption backdoors because you can undermine encryption with metadata collection and/or surveillance"
Metadata surveillance is already ubiquitous, it's already what states build capability and capacity for - they already know they don't *need* encryption backdoors.
Encryption backdoor gambits often seems like straw men intended to make metadata surveillance look good.
We need both - effective content encryption and metadata resistant systems that prevent any kind of surveillance.
And I am very much on the side of the argument that says we need to build systems that have those properties by design rather than by policy however...
...if legislation-based privacy is your thing then you need to *start* from the idea that devices & service providers should be obligated *not* to leave identifying information laying around on/in devices / billing systems / logs / flash memory etc.
You can follow @SarahJamieLewis.
Tip: mention @threader on a Twitter thread with the keyword “compile” to get a link to it.