Jurisdiction seems to be slowly becoming a big factor again, as political movements gravitate towards digital sovereignty and politically motivated data administration.
It’s a case of law enforcement no doubt trying to assert their presence rather than approach through the reasonable channels like a phone call or email. It is nothing more than pure thuggery.
No doubt the real nail was this:
Australian E-Safety Commissioner which require all online services to collect a phone number or email address from users,” Linton said.
Good thing services like Mastodon exist with services all over the world which simply do not have to abide by ridiculous invasions of privacy.
Whether or not employees continue to work abroad is another question. If code is written and then reviewed by people in other countries it will make it difficult to slip a backdoor in there ie a Technical Capability Notice (TCN), which in the case of something like Session is not feasible (decentralized and E2EE).
It would seem the main reason for this is to present a legal entity in a country which actually has proper privacy laws (a lot of countries do not simply because they want to keep the big tech companies happy). No doubt if they remained legally in Australia, the government would throw it’s weight around with the Google and Apple stores to “have it removed for people because not complying with their rubbish legislation”.
4 Likes
This just got to show once again, that in many ways, your privacy on any E2EE is only as strong as the privacy laws of the country jurisdiction the company resides in.
That said, when I first heard about this, I didn’t think Sessions would need to move to Switzerland, because their messaging app aims to be anonymous and doesn’t require a phone number.
After reading the article, it became clear that Sessions was right in their decision because the Australian government just passed a new law to require apps like them to collect phone numbers.
I suspect that at some point, probably years from now, there will be a concentration of privacy companies in Switzerland, and that other countries may see that as a red flag, and may pressure Switzerland to loosen its laws.
1 Like
Seems to be a trend. Have been working with some governments Europe and they are looking increasingly to link National IDs to social media and online presence. The idea seems to be there to combat misinformation (specifically by officials spooked by AI) but if course it will be used to curb on dissent and speech. Imagine internet forums without the anonymity 
The tech is also very much there to implement stuff like this. That’s why I have been telling people to make this an issue in local, regional, national, and EU Parliament elections. Privacy will become more political than technological slowly, since the tech has become slowly more and more robust, while legislation has walked the opposite way.
2 Likes
I disagree with that, because even with this, they still gained nothing useful.
Perhaps, but then there will always be other places which don’t.
There will always have to be limits on that, as processing sensitive national IDs requires some effort and can’t simply be done by any website or service. Would you give your government ID to some random internet forum, mailing list operator or matrix server? I think not.
1 Like
FWIW I am in Australian and confirm that one can still create a Session account using the app.
Yes, Australia is OTT on limiting any semblence of privacy
The idea is to turn national id into something similar to Google sso, so you don’t actually need to trust anyone except the ID provider. Still at policy creation stage though, let’s see when they put in up for feedback.