Historic agreement on chat control proposal: European Parliament wants to remove chat control and safeguard secure encryption.
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 84 users / day
- 537 users / week
- 1.5K users / month
- 6.58K users / 6 months
- 1 subscriber
- 2.3K Posts
- 53.2K Comments
- Modlog
Let’s gooooo!
I’ll pray to Allah that this doesn’t get reintroduced to fuck us in the ass a couple years later. Y’all pray to whoever else to cover our bases.
I’ll pray to u.
Google and Facebook in shambles.
this does not affect Google, Meta or any other Big Tech at all. This law was trying to break encryption or do some sort of client side scanning. And it didn’t got approved.
This does not force Google or Meta to encrypt your chats if they weren’t doing so. Or to remove their own backdoors in the encryption if they had them. It’s just a law that was not passed. So your comment does not make any sense.
PS: it’s not like Google or Meta care too much about encrypting the contents. They’ll happily take your metadata which is super valuable. This is what Meta does with WhatsApp.
Actually, isn’t this a win for big tech companies? The gvt can’t surveil us, but Whatsapp can use and sell big data.
In my opinion, the most significant achievement lies in giving justice authorities the power to make decisions regarding time-limited and targeted enforcement responses. Regardless of the technology employed, it is crucial to have independent decision-making processes that prioritize the preservation of individual liberties.
I think the headline is missleading, if I understand it correctly.
ChatControl is already possible, and implemented for major communication service providers that most of the people use. It’s just not mantadory.
The article states that they decided that they will not blanketly require it, but I don’t think it says anything about rolling back the first version of ChatControl that’s already in effect.EDIT: I was wrong, the article actually does mention it, even though on pretty vague terms:
The new law would have required breaking end-to-end encryption (E2EE) as the companies would be required to scan messages. CSAM is just the pretext they use to compromise all communication. Same as “think of the children” is used to steal other rights.
That is true, but can’t they (a company that wants to, not the goverment) do that already if they want to, under ChatControl 1.0? And I wouldn’t say that whether a service is E2EE or not makes any difference here - scanning private user messages shouldn’t be allowed, whether they are encrypted or not. IMO if ChatControl 2.0 passed and was made mantadory for everyone, the fact that it is mostly noticable on E2EE apps is only a side-effect of blanket surveilance, and not the main issue with the proposition.
What’s the point of them agreeing that they will let the 1% of users of E2EE services keep their privacy, while they already scan 90% of communication (I mean, just GMail + FB/IG + iCloud, that is already being scanned, makes for most of the worlds communication) for the past year or so?
Now I’m curious whether Facebook/Instagram, who does offer encrypted chats and also scans all your content under ChatControl 1.0 voluntarily, also scans the encrypted chats or not. I’d vager they do, but that’s just a speculation.
But they did briefly mention that they will begin “phasing out” chatcontrol 1.0. I wonder what does that means, and how long will it take.
That’s the goal of end-to-end encryption. To make it impossible to scan. With E2EE company doesn’t have the decryption key, so there is no legible content to scan.
P.S. It’s still possible to collect metadata like when or who the message was sent, which is why services like WhatsApp which have E2EE are not recommended, but the content is safe.
Isn’t it though? We moved past the non encryption communication being safe a long time ago. And just because they will phase the old law, it doesn’t remove the ability of companies to still scan the messages or cops to request that data from those companies. Those companies still have access to the server and your encryption key where your messages are stored. E2EE on the other hand makes it technically impossible even if they want to do that or court orders them to do that.
Facebook says they plan to roll out full E2EE by 2024.
Quick politics primer. The EU Parliament is not all-powerful. It cannot even propose legislation (yet). The EU is still mostly a confederation so it’s the governments that hold the reins. But the EP has to say yes for anything to pass. And since it is essentially a consultative body, the EP also tends to contain at least a handful of earnest idealists and specialists (usually Germans) who know when to say no, and how to amend legislation. They are often from the Greens-EFA parliamentary group and sometimes from the liberal Renew group. That is likely what happened here, yet again. It is very important for EU citizens to vote for these parties and candidates in EU elections. The next election is coming up in 6 months.
More likely they were forced to change course due to public lobbying allegations and “expert” list comprised of big tech and cops being exposed.
To me this means:
They couldn’t figure out how to do it, or
It was too expensive to implement, and
They’ll just get the NSA to share the data with them at a fraction of the cost
You forgot one:
Ha, yes. I was thinking about that after I posted the comment.
Yeah, they wanted to do something very, very impossible and easily to skip… XD
How is it impossible? Just proxy all the SSL connections, use MITM certificates and break/inspect the data, capturing it to your own PCAP Servers.
EDIT: There’s more to it than that, but these are some of the fundamentals.
removed by mod
Nah, better to I2P or Tor: they don’t need certs at all.
The people who care will.
removed by mod
removed by mod
Excuse me? You just pay the Appletree wizards for their magical rectangles. Simple
I hope it encompasses enough so companies can’t worm their way around it.
If a politician takes a decision, it’s not democratic
Please attend a very basic civics class
removed by mod
No. Non. Nein. Nie. Nei.
Representation is not anti-democratic
the illusion of choice :)
Even better, the EU Parliament is elected by Proportional Vote, so it’s one of the most democratic institutions in the World, even beating most national parliaments in Europe (most of which have some kind of electoral circles system that gives more representatives per-vote to large parties than smaller parties).
Wouldn’t you prefer the people to vote on something so important as your privacy?
I used to be a lot more pro direct Democracy until I went through the whole Brexit thing whilst living in Britain.
One look at the polls over there right now on the question “Is Britain better outside the EU” compared to what it was back at the time of the vote, should answer just how well informed the voting decision of a large percentage of people was back when they did cast their vote.
Looking around after that, I started noticing how most people will not abstain when they fell they’re not well informed enough to make a decision but instead tend to feel they have to make a choice even though they’re ill-informed (or worse, have no clue they’re ill-informed), plus if there is one thing the Leave Vote in Britain showed me is that ill-informed voters are way easier to push to make a certain choice purelly with appeal-to-emotion and other manipulative non-rational “arguments” than the well informed.
Representative Democracy has massive problems, but at least those people do it as their work (so do have the time to dive into issues and have easier access to experts), and I suspect that most of the problems of it can be solved or ameliorated by improving the process of selecting representatives and maximizing the independence of the Judiciary Pillar of Democracy (you see the worse kind of stuff in places with Justice Systems which aren’t independent or are weak, and/or voting systems mathematically rigged to promote a Power Duopoly by giving more representatives to larger parties).
Sure, but I vote for the party and people that aligns itself with my interests, so indirectly I do. I have also thought about attending some local meetings to talk with those representing me about some issues.
I recognise that you may not feel represented well within your system. That does not imply a failure of representation as a system of government, but could speak to the implementation of yours.
It’s not a direct democracy, but elected democracy is still democracy.