The EU Court ruled that “Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users’ electronic communications. The Court takes note of the dangers of restricting encryption described by many experts in the field.” Any requirement to build in backdoors to encryption protocols for law enforcement agencies could also be taken advantage of by malicious actors.
The EU Court of Human Rights’ also builds on their acknowledgment that “mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials.”
As the EU Commision’s Chat Control Bill directly targets undermining secure end-to-end encryption, it now looks to be in trouble. In its current version, the Chat Control bill would require the scanning of content on your personal devices, including that which is sent via end-to-end encrypted messenger apps or encrypted email. At some point, providers would be required to either break this encryption to allow the scanning of content or scan content once it has been decrypted and is readable.
On February 13th, Europe received an early Valentine’s gift from the European Court of Human rights when they banned any laws that aims to weaken end-to-end encryption. This ruling is a major stumbling block for the EU Chat Control Bill, but does it really mean that Chat Control is dead? There are many reasons why Chat Control should never become law, we’ve collected the turn of events and steps you can take to help prevent this dangerous bill from ever being passed!
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
The European Court of Human Rights is independent from the European Union, and viceversa. They are not related.
EU Court or ECHR? ECDH is not EU.
To be fair to the rest of the world, European institutional organizations do not make any sense at all.
Ok…but next month chat apps need to be interoperable. How can that be done without harming the encryption?
By them having a common e2ee protocol?
Free software apps don’t have a common protocol let alone proprietary ones.
E2EE doesn’t require servers to have access. See Matrix for federated messaging with encryption support
And when matrix legally must be interoperable with Skype, which doesn’t have e2ee? Goodbye e2ee.
I think the idea is that only the big platforms have to offer a protocol for interoperability You could always disable that in matrix or chat with someone on another chat protocol unencrypted.
But the real advantage is that someone on those big chat apps can just switch to a different (more secure) app without loosing his contacts. Basically this should be a huge boost for open source and trustworthy messaging apps. At least from what I’ve read here:
https://www.eff.org/deeplinks/2022/04/eu-digital-markets-acts-interoperability-rule-addresses-important-need-raises
Or welcome e2ee in skype.
We have less than 1 month left on the deadline. Which direction do you think this is going to go?
Matrix bridges already do this. They take what would be e2ee and then decrypt the message and dump it into another app unencrypted. This is how legislators break encryption.
Obviously. For e2ee to function both clients should use same e2ee scheme. In theory you can e2ee matrix with xmpp, but in practice either matrix client should support xmpp message format or xmpp client should support matrix message format.
Still better than nothing and you still get e2ee between matrix users anyway.
Finally some good news among all the recent doomerism.
Well… see y’all again in 2 yrs when they try to push it through under a new name
You mean 1 month when the interoperability deadline goes into effect
Yes, these things are never dead. They just come back under a different name / pretensions until they pass.
I have said it before and I’ll say it again: Politicians that push for legislation that has previously been ruled as unconstitutional should be charged for willfully trying to literally break the law.
And anyone in position of power/trust should be punished twice, once for the crime and again for doing so in a position of power.
Sounds nice in theory, but it works both ways: It would make political progress very difficult. Imagine a scenario in which e.g. trans rights are being rejected as unconstitutional in the past. The same politicians are then trying again in a different political climate year or decades later. This would be illegal according to your proposal.
Not to mention, it would be fairly trivial to circumvent this by using different politicians from the same party or an aligned interest group.
Sounds like the constitution would need to be updated in that case. But there has been no successful constitutional challenges for trans-rights, so it wouldn’t apply in this case.
Then the constitution that would prohibit trans rights would need to be changed first. If politicians want to remove the constitutional right to privacy in order to allow spying on your own constituents, then go ahead and own the fact that you want to undermine the right to privacy. Don’t hide behind “oh, this will totally not affect law-abiding citizens”.
Some social progress such as death penalty abolition or gay marriage often pass with short majorities, and constitutional changes usually require exceptionally large majorities.
Then that’l require more fighting. I however doubt that the constitution of most countries place huge blocks on giving people more freedom.
I don’t understand your point. The problem is not the constitution blocking the change, the problem is that to change the constitution you generally need a much larger majority that is often not achieved when a freedom is not yet widely accepted by the population. So this would block some socially progressive laws too.