What you can do: https://www.patrick-breyer.de/en/posts/messaging-and-chat-control/#WhatYouCanDo
Contact your MEP: https://www.europarl.europa.eu/meps/en/home
Edit: Article linked is from 2002 (overview of why this legislation is bad), but it is coming up for a vote on the 19th see https://www.patrick-breyer.de/en/council-to-greenlight-chat-control-take-action-now/
My point being, what are they going to achieve with this? Ask WhatsApp to pass over their encryption keys?
It should be pretty obvious that you shouldn’t be sharing sensitive stuff on chat apps controlled by the NSA. Use element with encryption or something, maybe Briar etc. What are they going to do if you insist on using apps which use asymmetric client-side encryption, break TOR? Force you to use symmetric encryption and give the government your decryption keys?
I don’t see how they are going to spy on sensitive details of Europeans with this. They might as well ban phones completely if they want to limit communication.
These laws are being passed by politicians who generally don’t understand technology. What they will achieve is a reduction in privacy and liberty for every citizen in the EU and easier methods to clamp down on dissent. Just because it’s not technically perfect or difficult to implement fully doesn’t mean it’s not a threat. It’s one step closer totalitarianism, and what’s stopping totalitarianism is everyday people, one step at a time, battling it back.
A more cynical take is that they understand very well, but are being compensated by big tech for looking the other way.
Good people often can’t comprehend how evil people work, and they say “everyone makes mistakes”, or “they don’t understand fully”. Because we want to think that everyone is mostly good.
It’s not like that. :/
Well I get that they are stupid, but unless it’s their fetish to catch 14 year olds trying to spread rubbish propaganda, I doubt they’re going to get much. Any reporter, activist and consumer knows that anything they put on these apps goes straight to the NSA’s and MI6’s AI algorithms at the very least, and now they’re going to go to the rest of Europe.
Yes, we should be protesting against this. Does Europe have an equivalents of the EFF to fight for such rights?
I have to strongly disagree, you overestimate what people know/can/want to do. Some, sure, but not the majority. They either stay ignorant or are too lazy. Just look at add blocker usage. I can not even imagine to live without them, but here we are, I am the tiny minority! Most either do not care or are too stupid or somehow happen to not know about them.
It’s literally in the article: They want to use client-side scanning. The client already has the data decrypted. This is much like what Apple wanted to introduce with CSAM scanning a while back. It’s a backdoor in each client and it’s a matter of time until it will be abused by malicious entities.
Yea, it is clear if there is just one closed-source app. But if we’re talking XMPP/Matrix - they have multiple open-source clients, even if some of them does introduce scanning, no way it wouldn’t be forked to remove it.
If a messaging service is non-compliant, the government could theoretically take action with court orders against domain owners, server owners or pursue anyone hosting a node in case of a distributed setup. In a worse case scenario, they might instruct ISPs via court orders to block these services (e.g. The Pirate Bay in some countries)
You are 100% right.
They can’t ban encryption, yet they can make it difficult. If all noobs don’t use encryption, only the pros are left. That means they only have to spy on 10 instead of 100 people. Those that don’t use encryption aren’t interesting.
The problem is that they can’t spy on the 10 and hence they spy on the 90 and wait for the 1 guy making a mistake and becoming one of the 90.
Prism has broken AES-256???
It is more likely that Prism can use android exploits to read data before it is encrypted by the client
Tomorrow liberty probably dies :(
If this is what’s scaring you about the death of liberty, then boy do I have a dumptruck full of passed acts and legislation that dwarfs this in comparison. Liberty died a long time ago.
I bet I’m at least as much of a leftist as you are, but taxes don’t pay for public infrastructure. In fact taxes don’t pay for anything. In the EU, taxes are paid in Euros, the same currency that the European Central Bank can create at will. Why would the European states need to collect taxes denominated in the currency the EU creates? They don’t.
Taxes have many purposes. Most importantly they define the area where a given currency is used (if you tax in a given currency, you force the people to earn it to be able to pay for it). But they also serve to disincentivize certain behaviours (tax on alcohol or tobacco), to remove money from the economy to prevent macroeconomic imbalances (if the state creates too much money without removing enough through taxes, there might be some problems), or simply to reduce inequality by charging more taxes to wealthier people or companies.
This is an important point, because it shifts the framing of taxes from a made up “we all need to contribute” mindset, to a more realistic “ok where do we want to remove money and by how much, what do we want to disincentivize, and how can we reduce inequality”. And it also shows that states can pay for things without the need to collect taxes for this, for example we saw this during COVID, when sizeable amounts of money were created to give an impulse to the economy and to the people who temporarily lost their income sources.
I just did my part and wrote an email.
So first it’s client-side scanning for CSAM. Not without some nobility. But the problem is once you wedge open that door it’s technically possible to do it for other things and so you become compelled to.
It’ll move from just CSAM to stopping and tracking “propaganda” as deemed by them which will be narrow-ish at first (anything pro-Russia, RT links, etc) but gradually expand over time to anything outside the mainstream branded as extremist (and guess what, privacy advocates will definitely fall within that label). And once that’s in place the private stake-holders, copyright holders will come knocking, they’ll say rightly so “hey you have the capability right now, we demand you implement client-side scanning to detect copyright violations” and then that will be ordered by a court, further enshrined by a law and oh look now you can no longer send political thought that the ruling regime disagrees with, can no longer surf the high seas, and so on and so forth. Congratulations and please enjoy living in the “garden” of Europe.
Well. Now seems to be a good time to be ashamed to be Belgian.
Shameful politicians :(
Reading it, it looks like it doesn’t require invasive oversight as long as the chat apps and app stores have sufficient detection and such.
really, that’s what such places already should have, considering how much profit they make off of our data
It does require invasive oversight. If I send a picture of my kid to my wife, I don’t want some AI algorithm to have a brainfart and instead upload the picture to Europol for strangers to see and to put me on some list I don’t belong.
People sharing CSAM are unlikely to use apps that force these scans anyway.
The proposal only does so under specific circumstances, which makes sense. Try to read more than three words before your respond
