As the old saying goes, the price of freedom is eternal vigilance.
Prove it. Every statistic I've ever seen shows the exact opposite of this to be true.
This is literally, and provably, untrue. For example:
The Soviet Union: The Bolsheviks initially proclaimed that "the arming of the working people" was essential to prevent "restoration of the power of the exploiters". It was only later that they restricted private gun ownership.
The Nazis: Contrary to popular gun rights narratives, Nazi gun laws actually relaxed restrictions for most Germans while targeting specific groups. Sometimes authoritarianism is the same as populism.
Rwanda: Prior to the genocide, the government systematically distributed weapons to local administrators and militia groups while ensuring targeted populations remained defenseless.
Myanmar: Armed civilian resistance groups formed, but the were essentially wiped out by the overwhelming advantages in air power and heavy weaponry that an actual organized military had. The firearms were useless. Arguably, worse than useless as those who fought back died in large numbers.
Venezuela: The regime armed its supporters while systematically removing weapons from the general population. The population was well armed, they just couldn't fight back against an organized government response.
Really? Why does America, the country with the most guns by far, have the most gun deaths by far? It's very tiring arguing these very obvious points over and over.
No they haven't. Our system of checks and balances has. At no point has there been a civil war in which the US's citizens attempted to fight back against the US military. If there were, the citizens would lose without even presenting a challenge.
That's not true. The US Army spent 20 years and trillions of dollars trying to impose regime change on Afghanistan, but were defeated by a group (the Taliban) that had very little military capability beyond men with rifles and some explosives to make improvised bombs. (Yes, they also had decades-old weapons with which to shoot down helicopters.) Algeria's war of independence from France in the 1950s and early 1960s is another example where a group with very little in the way of military capability defeated one of the most powerful militaries in the world.
I don't necessarily buy the argument that the US should continue with the gun status quo just because all those guns would come in handy in a revolution, but you haven't successfully refuted the argument.
The fact that we packed up and left eventually doesn't really change the fact that the US rolled over the men with guns like they weren't there in the early 2000's.
The Algerians hid within the population and gradually picked at the French, like flies biting a bull. Eventually the French got bored and wandered off to find a new form of entertainment. If anything the French lost to propaganda, not guns.
Yes, but we're discussing a civil war or revolution in the US, where the rebels or revolutionaries would be able to engage in terrorism and to hide within the population -- and where there are so many long guns in private hands that the defending force (the government) probably wouldn't be able to deprive the attacking force (the rebels) of long guns simply by punishing any civilian found with a long gun in their home.
There is a reason people say, "don't bring a knife to a gun fight".
The ALN got guns from donors and sympathizers in Egypt and other Arab countries. In later years, the Eastern Bloc and China also contributed supplies, including guns.
Was there a single significant war, rebellion or revolution in the last 100 years where both sides didn't have a gun for every fighter or almost that many guns? I'm not sure, but I doubt it.
Again though, the French like the Americans in Afghanistan, were not defeated on the battlefield. They lost because they got tired of fighting the natives and the war had become politically unpopular.
Howeer, even if I stipulate that the guns are the thing that made the difference it's irrelevant. The Algerians were not legally allowed to own those guns. So the very promise that their right to bear arms is responsible for their victory is unreasonable from the start. They had no such right in Algeria.
I don't see how your distinction is relevant. Since 1962, it has been the people the ALN wanted to have power (i.e., not anybody in Europe) who have made all the important policy decisions in Algeria. Since the Taliban took Kabul in Aug 2021, they've made all the important national decisions in Afghanistan. All the US's trillions in spending (and about 2800 American lives lost) gives it no say.
Politics were ultimately the thing that won the war, and if it happens here the results will be the same. Our 'well regulated militia' of gravy seals won't even slow the military down in battle, it will be up to the citizenry to wear them down gradually.
I do appreciate your time and the willingness to engage.
Which is a bit complicated here, as the EU has no real constitution and this 'law' (really a regulation) is a blatant violation of the constitutions of countries that did choose to establish secrecy of correspondence.
(there is another process which calls for a convention, but such a convention would have broad powers to change many things and so far the "two sides" (US rules tilt toward two parties rather than more) have been too scared of what might happen to do that)
https://en.m.wikipedia.org/wiki/Twenty-eighth_Amendment_of_t...
Only 59% turn out, and the vote won 67%. So in reality less than 40% of the population were for it.
I have vague memories of people saying that the treaty was indecipherable. The EU were like, "Here, vote yes for this big bag of 'misc', or else"
This wasn't the first time they reran a referendum for an EU treaty. They did it back in 2003!
https://en.m.wikipedia.org/wiki/Twenty-sixth_Amendment_of_th...
If the UK wanted to avoid BREXIT all they had to do was look a few miles to the west for the knack.
And the willingness and ability to enforce it. The current iteration of ChatControl is pushed by Denmark, which is at present the President of the Council of the European Union. The Danish Constitution itself enshrines the right to privacy of communication [0], but this is not stopping Denmark from wanting to ratify ChatControl anyway.
Sometimes there are some mechanisms to block unconstitutional (or other regulation) laws from passing but they're limited
Not sure how that would apply at the EU level or even at the Danish level
I think it’s always the case, no? Unless the unconstitutional law is approved, there is nothing to dispute in court.
What the TLDR of the motivation behind this? Is it just politicians playing to their base (think of the children) or corporate lobbying. or religion, etc?
Seems to me that the negatives of passing something like this are super obvious and dystopian.
Generally speaking, there is a lot of dark money in Danish politics, and the EU has repeatedly flagged Denmark as a country lacking in transparency with regards to corporate lobbying: https://www.altinget.dk/artikel/eu-kritik-af-danmark-puster-...
Generally speaking, the Danish government also tends to behave in authoritarian ways. E.g., Denmark has wilfully violated EU regulations on data retention for many, many years. In 2021, a Danish court ruled that the Danish Ministry of Justice could continue its mass surveillance practices even though they were (and still are) illegal under EU law: https://www.information.dk/indland/2021/06/justitsministerie...
Currently Denmark is also trying to leverage its position as the President of the Council of the EU to legalise, on a EU-wide level, the form of data retention that Denmark has been illegally practising: https://ec.europa.eu/info/law/better-regulation/have-your-sa...
Sometimes it could be malice or personal gains. Sometimes, I think, it could be just a strong bias towards some idea that causes a mental blindness. Such blindness can happen to anyone, at any level of power (or lack thereof), politicians are not unique in this - the only difference is the scope of impact due to the power they have. And we aren't particularly filtering them against such behavior - on the contrary, I feel that many people want politicians to have an agenda and even cheer when they put their agenda above the actual reality, any consequences be damned.
In the charter, the protection of personal data and privacy is a recognized right. So chat control is also probably against the EU law.
I would hope the EU courts would disagree, but I'm not sure if anyone can say until it's tested directly.
> The CLS concludes that, in the light of the case law of the Court of Justice at this stage, the regime of the detection order, as currently provided for by the proposed Regulation with regard to interpersonal communications, constitutes a particularly serious limitation to the rights to privacy and personal data protection enshrined in Article 7 and 8 of the Charter.
https://data.consilium.europa.eu/doc/document/ST-8787-2023-I...
The right to private communications was modified by the ECHR to give an exemption for prevention of crime/protection of morals/etc.[1] and the right to protection of personal data exempts any legitimate basis laid down by law[2].
I imagine they'd be able to figure out some form of Chat Control that passed legal muster. Perhaps a reduced version of Chat Control, say, demanding secret key escrow, but only demanding data access/scans of those suspected of a crime rather than everyone.
Legal rulings also seem to indicate that general scanning could be permitted if there was a serious threat to national security, so once a system to allow breaking encryption and scanning is in place, then it could be extended to what they want with the right excuse.
[1] https://fra.europa.eu/en/eu-charter/article/7-respect-privat...
[2] https://fra.europa.eu/en/eu-charter/article/8-protection-per...
Isn't that pretty much excatly how it is done in Russia, which was ruled by ECHR to be illegal[0]?
https://hudoc.echr.coe.int/fre#{%22itemid%22:[%22001-230854%...
For example, in the EU you technically have the right to freedom of expression, but you can also be arrested if you say something that could offend someone.
Similarly rights to privacy are often ignored whenever a justification can be made that it's appropriate to do so.
I don't know about elsewhere in the world, but here in the UK you don't even have a right to remain silent because the government added a loophole so that if you're arrested in a UK airport they can arbitrarily force you to answer their questions and provide passwords for any private devices. For this reason you often here reports of people being randomly arrested in UK airports, and the government does this deliberately so they can violate your rights.
You probably mean hate speech.
We have laws like that too in Canada. It is a good thing.
It's one thing to be disruptive and enforce immigration law "by the books" but entirely separate to then go out of your way to not enforce it legally while at the same time violating or attempting to violate the constitution on pretty fundamental levels.
So you actually don't have freedom of expression?
Your right to something ends were a right of someone else is violated. That's the case here.
Ah yes, that memorable trifecta: Life, Liberty, and the Right to Never Hear Mean Words.
> violence because then words quickly become a justification for violence
When you don't have a way to fight back and make something stop, without resorting to physical aggression, then your only way is to punch back. When the legal system allows you to fight back, then you can walk away, knowing you can call your lawyer or the police.
Have you had a broken leg? When you're young it's an alright thing to deal with, when you're older it can be life altering (it might hurt forever or alter your gait). However most spontaneous violence doesn't result in broken legs but rather hits to the head which can very quickly end up at CTEs or other brain trauma.
In an equal society, you really don't want actual violence to be on the same spectrum as speech of any kind. One problem is that ~50% of the population has a massive natural advantage in the realm of actual violence. Would a husband beating his wife because of "violent words" she inflicted on him be ok under the "speech is violence" rubric?
https://en.wikipedia.org/wiki/United_States_free_speech_exce...
You can freely express your opinions regarding any political party or head of state and so, but not directly and specifically offend them. You can say "their performance this year wasn't good due to that or this". But cant say "They should eat shit!" or "deserve to be shot" which kinda is also OK because the former doesn't contribute to anything and the latter we all agree is highly immoral or inhumane.
PS: I'm talking from the perspective of Germany, not entirely sure about other countries.
The issue is what is the European Commission willing to do in order to guarantee that fat contract check goes to Palantir or Thorn or whoever has the best quid pro quo of the day.
This is not Stasi this is Tech billionaires playing kings and buying the EC and Europol for pennies on the dollar and with it the privacy of virtually every citizen of zero interest for law enforcement or agencies.
Like, constitution both defines the rights of citizens and the limits of those rights and the same goes for the states.
I feel as if the creators of constitutions think that it is a set of checks and balances...
Just as if how a citizen violates something written in the constitution, the state can punish it.
In the same manner, I believe that the constitution thought that if the state violates some constitutional right of citizen, then citizens can point that out and (punish?) the state as the legitimacy of state is through that constitution which they might be breaking...
I concur (fancy word for believe which I wanted to share lol) you are talking about america. The thing is, revolutions are often messy and so much things are happening in america that I think that people are just overwhelmed and have even forgotten all the stuff happening in the past... Like tarrifs were huge thing, then epstein news then this I think autism thing by trump.
Like, the amount of political discourse is happening less and idk, oh shit, just remembered the uh person deporting thing which was illegal which was done anyway
If these things happened in isolation, they would all have huge actions against govt. but they are happening back to back and so everyone's just kinda silent I think, frankly I believe overwhelmed.
I believe that just as in nepal, in america everyone is whining on social media but nobody's taking action. Nepal blocked social media and so people in nepal were kinda forced to take action irl and it worked kinda nice in the end tbh
So maybe its social media which is enabling this thing.... which is funny to me as I am doing the same thing right now lol
All for sweet internet points tho.
Just a heads up but concur means "agree", not "believe"
Kinda liked it, so thanks lol
An error that should be discussed for generations :sob: /jk
IN all fairness though, I don't know why I wrote concur, I just thought of it and thought it meant believe...
What would be a fancier word of believe if I may ask ya that you would suggest me to use..
Also I am sorry that I made a mistake tbh, I hope ya get it and thanks for correcting me!
The latter has been on my mind for quite some time.
The logical conclusion of "people can't govern themselves generally" kind of gestures at religion as a solution - after all, if man cannot govern themselves, why not rely on a higher power to manage them?
Of course, the problem with that point of view is that from the atheistic perspective, there is no higher power, and from the agnostic perspective, whatever higher power there is is inscrutable and beyond our ken.
This then leads me to the conclusion that religion is ultimately a creation of men, and are thus prone to the same power-corrupting vices as any other institution created by men.
Except that leaves no real solution the problem of the governance of people. And it's a quandary I see no realistic chance of escape from.
Its not that the logical conclusion is "people can't govern themselves generally"
Its that, we have created a system which incentivizes corruption or basically evil things for the most part from TOP TO BOTTOM partially influenced by biological factors beyond our control.
Sure, one answer to the "people can't govern themselves generally" is to decentralize the power.
I live in India and I loathed my political system thinking that it wasn't good and I really appreciated american political system but the more I think about it, fundamentally Indian political system is one of the best actually.
It has 3 levels of decentralization with Strong Right to information and uh multi party system with Even Universal basic income which I came to know from an american which is a real shocker I know.
Yet I still see people begging and there being some chaos, My logical answer to it is corruption from TOP TO BOTTOM which I observed atleast.
I sort of believe that the same thing happens everywhere to be honest if that can make sense...
Like, there is corruption and human evils which is what people select in real life anonymous things as compared to true morality that one can reason through. Simply for one's own profit.
It also might be one of those debates that India might have a good political system but simply the people don't have enough money or something and they want more or everyone does it which is a common answer that I actually hear.
I believe that the reason why people can't govern themselves generally is that there is a biological answer to it in the sense that for people to govern themselves, we would prefer /need an altruist society and in an altruist society, and how the genes which favour a bit of evil in altruist society might reproduce more and spread sort of thus creating an equilibra of sorts and combining with that the idea on how interlinked/interinfluential each of us is to one other through language.
It was a catharsis to me, The answer might be depressing. But its fundamentally logic. Life just sort of happened and then it got way too focused on spreading itself / the one which did survived and boom that's biology which then gets to this political thing...
Like it was sort of meant to happen y'know? atleast that's my current understanding of it. Would love to discuss tho.
It shouldn't, America is two very distinct nations. The shape and nature of those nations vary wildly in classical Baudrilliardian sidewinding progression, but it's rooted in the very early history of British North America. Two distinct primogenitor colonies and societies, Jamestown and Plymouth. Founded for different reasons, in different contexts, by different people. Understanding the disparity is key to understanding a great deal about America. This divide has always persisted. Jefferson was of Tidewater, Hamilton was of Yankeedom. Democrats vs Whigs. Dixie vs Yankeedom. This split persists in history, and is much the reason why America is ostensibly a two party system. Even if the regional divide is not as hard and fast as it once was, even if the matters in which they differ change radically over time, the divide itself will always persist. It's wrapped up in the pre-revolutionary context the country was founded on. America will always be two countries in a trenchcoat, two echoes of wildly different cultures set against each other for dominance. You should always be keen to remember that. The union isn't of 13 distinct colonies, but two distinct cultures always in tension. It's a fundamental structure within our larger cultural blueprint.
The US had a Civil War in the 19th century over the fear of the southern states that the northern states would not only refuse to continue to be complicit in the institution of slavery, but eventually end it.
The seceding states wrote slavery, as well as protections of the property rights of slave-owners, into their constitution.
After the war came the scaling back of Lincoln's planned reconstruction, sharecropping and Jim Crow. There are people alive today who remember segregation.
White supremacy is as American as apple pie.
My question is whether two different cultures can in fact coexist with each other for a single system of governance.
Like, Why do we focus so much on our differences as a species that we forget how much common we are on literally everything.
What is a solution to this problem that's kinda impacting the world right now. America moves in pendulum in a political cycle completely 180'ing but yet at the same time, I feel like no real change is being made against lobbying/corruption which sort of infiltrates the world too.
Bernie sanders and now maybe zohran are the two democrats who are genuinely tryna do something for america which I deeply respect tbh. Yet there wasn't really a way for one to vote for them directly y'know?
Are these differences of cultures really that distinct to basically split a country in half in everything except the borders?
Was there no way of integrating them without having them idk being the way that they are right now?
What cultural group today is Jamestown and which is Plymouth?
It's mostly a book about the civil war, but it introduces some post-revolution pre-war history and names. That gives you more resources to dig up. You should read as much as you can and form your own opinions on that.
It seems like both the spirit of Plymouth and Jamestown are inside the big tent of the Republican party today. But that doesn't sound like what you intended it to mean. Or maybe it is?
That's the part I'm curious about; who is Plymouth and who is Jamestown in 2025 in your eyes?
I should note these geists extend far beyond legitimate political guise.
Right wingers will look you straight in the eye and tell you that they support suppression of gun rights and speech when it hurts their enemies. Their enemies often live many states away. I have seen the entire country flip on an issue just because the context changes.
The bloodless resolution would be to just agree to not hang out anymore. But I think citizens of a once empire would feel somehow aggrieved to lose that empire. So you guys are going to have to figure this out after spilling a bunch of blood.
Constitutions don't enforce themselves. The US constitution has a crystal clear right to bear arms but multiple jurisdictions ignore it and multiple supreme court rulings and make firearm ownership functionally impossible anyway. Free speech regulations have, thankfully, been more robust.
The only thing that stops bad things happening is a critical mass of people who believe in the values the constitution memorializes and who have enough veto power to stop attempts to erode these values.
The US has such a critical mass, the gun debate notwithstanding. Does the EU have enough people who still believe in freedom?
People do believe in freedom of speech in the US, thankfully, even if they've stopped defending gun rights in some places.
EU free speech protections are in the same position gun rights are in the US, and for surprisingly similar reasons.
HN is to a large extent a popularity contest, and people here are more in favor of free speech than guns. the US record on protecting free speech is very good.
You have accidentally properly identified the european problem and precisely the reason that chat control will pass: shortsightedness. If people only rise up to protect rights "they need", soon no rights will be left.
But guns are vastly insufficient in this century to overthrow the state, you basically only harm your fellow citizens with them.
Historically, courts have maintained that legislation is pursued under "good faith". This was the justification for not overturning ACA on the grounds of it being an unconstitutional tax: the lawmakers didn't mean to make it an unapportioned tax, even though it effectively is, so it's okay yall. Washington St just did this with income taxes on capital gains in direct violation of their state constitution a year or two ago.
Where I live, you cannot open carry. That is a direct violation of 2A, but the courts have said it's okay baby because it's not an undue burden to pay a fee and waste a day of your life. Pure nonsense. Just change the constitution for goodness sake.
This is because until the 14th Amendment and the incorporation doctrine, the Bill of Rights only restricted the Federal government, not the States. Prior to the that, state and local governments could (and did) restrict not just firearms, but other rights as well.
Hell, the Bill of Rights still hasn't been fully incorporated, so for instance, despite the 7th Amendment stating otherwise, you don't have the right to a jury trial in civil cases in every state nor the right to indictment by grand jury (5th Amendment).
Of course, some states copied parts of the constitution into their own and had some form of protection, but it was by no means universal. Massachusetts even had a state church until 1833.
It looks like it was drafted by an ESL speaker. It's by far the worst-drafted amendment, grammatically speaking:
> A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.
It's not even a valid English sentence, and it certainly never bothers to define "Arms." Not to mention that, as written, it appears to make it illegal for me to tell you that you cannot come to my house with a gun, because that's me infringing your right. It doesn't constrain Congress. It constrained anyone who wants to take away your right to bear arms.
Sheer lunacy as written. Ungrammatical and implies some insane shit.
But no, you're right, it's crystal clear. Much like how the First Amendment says
> Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press
which in crystal clear terms makes it legal to mass-distribute child pornography. To prohibit it would restrict the freedom of the press.
Until then, the commas are officially part of the text.
That said, the effective meaning of the Constitution is "whatever a majority of the Supreme Court agrees it is."
And to a degree, given the power to impeach Supreme Court justices, "whatever a majority of the Supreme Court agrees it is, and with Congress sufficiently on board to not impeach sufficient justices to force a shift in the balance of the Court."
>>> Remove the first and last comma and the sentence works splendidly
>> Until then, the commas are officially part of the text.
> Comma rules change over time.
Maybe the equivalence of the sentence at drafting, today is without commas?
I had less the current legal interpretation and more the meaning at the time of writing down, as it would reveal itself in current text, in mind, which is relevant to this argument.
KPGv2 pointed out the phrasing of the 2nd amendment is not clear.
GLdRH said "Remove the first and last comma and the sentence works splendidly".
I said that modifying the literal text requires going through the amendment process.
You said "Comma rules change over time."
I reiterated that the literal text does not change except through the amendment process, and also noted that fundamentally the literal words don't matter much as it's up to a majority of the Supreme Court how to interpret any of it.
You then brought up modern language usages of commas.
I replied that how you or I today interpret the text is irrelevant because only the Supreme Court's opinion matters.
At no point in this conversation have I expressed a specific interpretation of the text, so your indication that I chose to tell the discussion about my interpretation seems weird and maybe you're misreading usernames somewhere along the way.
Sorry for that.
> KPGv2 pointed out the phrasing of the 2nd amendment is not clear.
I thought me and GLdRH replied to KPGv2 stating that the 2nd amendment isn't valid grammar and this results in some of the unclarity.
When you have this:
X -> [grammar rules 18th century] -> 2nd amendment -> [grammar rules 21th century] -> ...
> only the Supreme Court's opinion matters.
This is purely about syntactic issues, not about semantics. The Supreme Court applies also semantics, such as the other legal system definitions of the time. I wasn't replying to that aspect.
> [Noun], being [clause], [grammatically correct sentence]
is objectively incorrect English grammar.
Eliding the "being" appositive, you're left with
> [Noun], [sentence].
Unless you're talking to the noun (as in "Hey, you, the well regulated militia! Did you know that the right to keep and bear arms . . . "), it's not grammatically correct.
The people who wrote this proposal said it themselves - "Whilst different in nature and generally speaking less intrusive, the newly created power to issue removal orders in respect of known child sexual abuse material certainly also affects fundamental rights, most notably those of the users concerned relating to freedom of expression and information."
This proposal is illegal. The fact that CJEU at least haven't issued a statement that this is illegal tells you everything you need to know about the EU and its democracy.
This policy for example would be most helpful to enemies to the EU. It would lower the cost of acquiring the data for China and Russia as it allows them to mass acquire data in transmission without incurring the cost of local operations. The easiest system in the world to hack is that of a policy maker.
Yes, it would lower such barriers for countries that are commonly seen today as Europe's adversaries. But in this case, the U.S. (or rather, U.S. organisations and corporations) might be the primary bad actor pushing for ChatControl. See e.g.:
Thorn (organization) - https://en.wikipedia.org/wiki/Thorn_(organization)
"Thorn works with a group of technology partners who serve the organization as members of the Technology Task Force. The goal of the program includes developing technological barriers and initiatives to ensure the safety of children online and deter sexual predators on the Internet. Various corporate members of the task force include Facebook, Google, Irdeto, Microsoft, Mozilla, Palantir, Salesforce Foundation, Symantec, and Twitter.[7] ... Netzpolitik.org and the investigative platform Follow the Money criticize that "Thorn has blurred the line between advocacy for children’s rights and its own interest as a vendor of scanning software."[11][12] The possible conflict of interest has also been picked up by Balkan Insight,[13] Le Monde,[14] and El Diario.[15] A documentary by the German public-service television broadcaster ZDF criticizes Thorn’s influence on the legislative process of the European Union for a law from which Thorn would profit financially.[16][17] A move of a former member of Europol to Thorn has been found to be maladministration by the European Ombudsman Emily O'Reilly.[18][19]"
Additionally, it would not surprise me at all if Palantir is lobbying for this either. Many EU countries, like Germany and Denmark, have already integrated Palantir's software into the intelligence, defence, and policing arms of their governments.
But at the end of the day, while it is convenient to blame external actors like U.S. corporations, ultimately the blame lies solely on the shoulders of European politicians. People in positions of power will tend to seek more, and I'm sure European politicians are more than happy to wield these tools for their own gain regardless of whether Palantir or Thorn is lobbying them.
Politicians should agree to to be executed if they lose an election. Only those willing to risk their lives should be allowed to legislate. This also gives the voters the option of punishing those who pass onerous laws at the next election.
If you need extra zing, this would also apply to recall elections, so they could even be punished early.
Hitler knew if he had lost, he would have been executed. Didn't stop him from going war.
The GP's idea is very bad. Quite to the contrary, losing power should not come with disastrous personal consequences.
Maybe a less extreme version of this is that if you become president you are stripped of all property and become the ward of the state after your term is over, enter a monastery sort of situation, for the rest of your life.
But they will probably think that is only bad when others do it to them.
We can. This has already happened with the fairly recent SALT TYPHOON hacks. China (ostensibly) abused lawful wiretapping mechanisms to spy on American (and other) citizens and politicians. The news at the time wasn't always explicit about the mechanism, but that's what happened.
China wouldn't have been able to do this if those mechanisms didn't exist in the first place.
Solve the problem it's trying to solve, then it won't be proposed again.
That's already here. I think you should consider that this law might be aiming at some other goal.
No, GP is referring to mass collection and analysis of all of your communications. Google, Apple, et. all don’t have that capability today.
Hell, apple can’t even read my text messages, nor do they know I’m writing this - and I’m doing it on an iPhone.
Take Facebook end-to-end encrypted messages for example. There are certain links it won't let you send, enough though it is supposedly E2EE. (I've seen it in situations like mentioning the piratebay domain name, which it tries to auto-preview and then fails. Hacking related websites as well I've seen the issue with.)
It likes to pretend it is a mysterious error, but if you immediately send a different link, it sends just fine. I don't use chat apps much these days, so I'm not sure if others see similar behavior, but I'd wager some do. Facebook is about the least trustworthy provider I'm likely to use, FWIW, so I expect a certain amount of smoke and mirrors from them.
Yes, they (well, google and amazon, I don't have accounts with other vendors) can terminate my accounts, but, to be honest, it is not big deal for me, especially comparing to be dragged out of my house by police, especially now, when I live in EU with residence permit and not full citizenship.
They want to erode people's privacy? Let them walk their talk first and see how that goes.
Yes but.. it can't just be vague exhortations and generalities. I didn't know the pertinent bodies previously, but after GPT'ing on it, it looks like they include:
One is "DG Home," an EU department on security that drafts legislation.
Another is Europol, a security coordination body that can't legislate but frequently advocates for this kind of legislation.
And then there's LEWP, The law enforcement working party, a "working group" comprised of security officials from member EU states, also involved in EU policy making in some capacity.
I think the blocking states should be resisting these at these respective bodies too.
Two cultures: https://benwheatley.github.io/blog/2024/05/25-12.04.31.html
They don't even understand that they haven't. Sure, they've written the words to exclude themselves (e.g. UK's Investigatory Powers Act), but that's just not how computers work.
The people who write these laws, live in a world where a human can personally review if evidence was gathered unlawfully, and just throw out unlawful evidence.
A hacked computer can imitate a police officer a million times a second, the hacker controlling that computer can be untraceable, and they can do it for blackmail on 98% of literally everyone with any skeleton in the closet at the same time for less than any of these people earn in a week.
The people proposing these laws just haven't internalised that yet.
If any of us software developers tried writing a law, all of the lawmakers and enforcers would laugh at how naive our efforts were — that's not us being infants, that's just a cultural difference (making us naïve about what does and doesn't matter), and the same applies in reverse.
> If they didn't know that this law would compromise security, they wouldn't have gotten carve-outs for their own communications.
It compromises their security even with carveouts for their own communications, because computers aren't smart enough to figure out which communications are theirs, nor whether the "I'm a police officer serving a warrant, pinky swear" notice came from a real officer or just from a hacker serving a million fake demands a second.
We need more diverse mobile OSes that can be used as daily drivers. Right now, it's almost a mono-culture with the Apple-Google duopoly. Without this duopoly, centralization and totalitarian temptations would be less likely.
There's GrapheneOS, which is excellent and can be used without Google, but it relies on Google hardware and might be susceptible to viability issues if/when Google closes down AOSP. Nevertheless, they are working on their own device that will come with GrapheneOS pre-installed, which is exciting.
There's also SailfishOS, which has a regular GNU/Linux userland and almost usable at this stage with native applications. As a stopgap, it can also run Android applications with an emulation layer, and plenty of banking ones work just fine.
Take Germany for example. For decades now we have let SPD, CDU, Greens, FDP ruin our country. AFD won't be better by the way. Again and again we vote against our own interest out of stupidity, complacency, or whatever it is. Oh, they want to raise pensions? What a coincidence just before the elections! Aaaand all the pensioners votes are secured for a party that will further ruin the country and line their own pockets. We do the same frickin shit every single time. And now it is so bad, that if we don't do it, then we will get right extreme AFD, that has even less a clue of what should be done, is paid by Pootin, and would fuck up things even faster.
The basic premises, that you are voted out of office, if you do badly does no longer hold here. It's all money and population brainwashing, to vote against our own interest. What our ancestors have built up from the ruins of WW2, we throw out of the window in ever election that we elect the same shitty parties again: CDU/CSU, SPD, Greens, FDP, AFD, Linke, BSW... None of these deserve our trust and vote. It apparently is asking too much of the citizens of a wannabe democratic country to check alternative parties in a Wahlomat before an election, to decide what fits best ones ideas.
European Commission: Commissioners are nominated by elected national governments and must be approved by the directly elected European Parliament.
Council of the EU: Ministers are accountable to their national parliaments, which are elected by citizens.
European Council: Composed of heads of state/government who were elected in their own countries.
European Parliament: Members are directly elected by EU citizens every five years.
With so many levels of indirection, that citizen votes are irrelevant and they don't need to care about it - only about support of major political group at the top. And surprisingly enough Parliment is relatively stable.
>Council of the EU: Ministers are accountable to their national parliaments, which are elected by citizens.
same as above.
i don't advocate for leaving the EU, but this needs to change. Those positions, which are the ones pushing for such legislation usually, need to be held accountable by citizens. At least EC.
No more rotations, or other such bullshit.
Right now EU is sitting in middle ground between federation and trade union, reaping(from citizens point of view) downsides of both systems.
If you want to be a servant to the public be one.
Priva rights are already there in most countries constitutions, but maybe adding the digital part will make it harder to push back.
Is it patently unreasonable? Yes, but cloaked in the “combat corruption” excuse it can be just as effective in a highly-partisan society such as this - just like their “bUt WhAt AbOuT tHe ChIlDrEn” bullshit props up their demands for global surveillance.
But, amongst a few others, there is a technical problem, how do we log in to vote? That mechanism must be unhackable, configurable by computer illiterates, and it must not invade privacy.
Serious question.
We need to accept and celebrate a world in which the capabilities of states are constrained by our innovations, not merely the extremely occasional votes we cast.
After 9/11, the Bush administration was accused of abusing the crisis to expand executive power and the national security state. Those who raised the alarm about things like the Patriot Act were often dismissed as fringe alarmists.
Now, nearly 25 years later, we're seeing the downstream effects of that gradual degradation of democratic pillars.
On both sides, voters and politicians can be influenced by propaganda and campaign finance to accept small, incremental changes that don't seem dangerous in isolation, but can cumulate to crush an empire.
Every democracy carries these risks. Do we think our opponents haven't noticed?
What country would be safe for hosting code that does this that people would also trust in general? Would this be hosted on the dark web or would someone actually be brave enough to host it on their private machines? Would there be DNS that could point to this?
Then how would you install the software? You'd need a way to side-load it, which means you'd want a way to sign it. Which means either adding a new root signing authority or being able to have an existing root authority sell you a signing certificate and not revoke it.
You kind of quickly end up in some weird dystopian cyberpunk setting thinking all of this through.
The most dystopian concept out of everything you mentioned is still "you can't install unsigned software" to me.
If that ever became illegal because encryption then groups of people could simply use scripts or addons to pipe through different types of encoding to make AI fuzzy searches harder. They can try to detect these chains of encoding but it will be CPU expensive to do every combination at scale given there are literally thousands of forms of encoding that could be chained in any order and number.
Mon -> base64 -> base2048 [2]
Tue -> base2048 -> base131072 [3]
...and so on.
[1] - https://irssi.org/documentation/help/otr/
In good approximation, nobody does that.
And anyone who is capable of communicating over PGP won't be covered by ChatControl anyway. They can keep using PGP over whatever they want, or just compile Signal from sources.
> If that ever became illegal because encryption then groups of people could simply use scripts or addons to pipe through different types of encoding to make AI fuzzy searches harder.
I don't think that this makes any sense at all. This is some kind of poor encryption. Either you honour the law and you send your messages in plaintext, or you don't and you use proper encryption. There is nothing worth anything in-between.
If encryption is illegal, those who really need it can still use steganography.
In fact it is exactly zero encryption both technically and legally. By using encoding I would not be breaking the law at all assuming encryption itself is actually outlawed. Encryption is mathematical obfuscation. This is only useful for text to/from the server of course. Local storage is still being scanned which means one still have to use a device that does not have local scanning if the files are sensitive such as financial documents or those files would also have to be encoded. Encoding may not have value to some people but it has value to me. Obviously if I am trying to hide something that is highly sensitive like a master password database then I would probably do something a tad bit stronger, maybe 64 to 256 chains of encoding. This is still sufficient to break fuzzy scanning.
Here's an easy one:
MDExMTAxMTEwMDExMDAwMDAwMT
EwMDAwMDExMTAxMDAwMTExMDEx
MTAwMTEwMDAwMDAxMTAwMDAw
MTExMDEwMDAwMTAwMDAwMDEwMA
oxMDAxMDAxMDAwMDAwMTEwMDAw
MTAxMTAxMTAxMDAxMDAwMDAw
MTEwMDAwMTAwMTAwMDAwMDExMT
AwMTEwMTEwMTAwMTAxMTAxMTAw
CjAxMTAxMTAwMDExMTEwMDEw
MDEwMDAwMDAxMTEwMTExMDExMD
ExMTEwMTEwMTEwMTAxMTAwMDEw
MDExMDAwMDEwMTExMDEwMAo=
I am not a lawyer (are you?), but technically you're wrong.
"In cryptography, encryption (more specifically, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode."
A caesar cipher is encryption. I don't see why chaining encodings wouldn't be. Technically and legally.
Here is a legal definition: [1]
Making text or code unreadable to secure it for transmission or transport. Both the sender, the encryptor, and the receiver, the decryptor, have the means to translate text or code from source language to unreadable, undecipherable gibberish and back. The devices used have a key that is unique to the sender and receiver.
They used the word key. Our court case will have to decide if chained commands are legally equivalent to a "key". It's not even clear to me that is the universal legal definition. Time and grey wigs will tell. If they decide chained commands are a key that could have an interesting precedence on cases involving protecting users data, banking, military secrets, etc...
In the end it's not about making encryption technically impossible but illegal, and if you use it you'll be prosecuted.
It's mainstream platforms who won't be. Those platforms will be mandated to scan their own communications.
There is absolutely no reason to do this weird encoding stuff. Nobody says that it is illegal to encrypt stuff properly.
For what it's worth I myself do not use these platforms. I just want to get people thinking about mitigating options. I use my own self hosted forums, chat servers, sftp servers, chan servers, voice chat servers and so on. Even then it can be useful to obfuscate text and files in the event someone is using a fondle-slab. I try to discourage fondle slabs.
You should refrain from making dangerous suggestions, I think. Some people may actually need proper encryption.
This is just an alternative if people believe they are not permitted to encrypt something. The threat vector in this topic is fuzzy scanning local and remote. ChatControl uses fuzzy scanning. Encoding can do just as good a job of mitigating fuzzy scans as any level of encryption. Even manual intervention should take a lot of effort just as much as brute forcing a simple encryption password. If we are being honest encrypted files are most often protected by a weak password and the cipher/hash are already disclosed and the key space is usually small. LUKS for example discloses cipher, hash, mode making brute force just a factor of compute power. If an app is chain-encoding and the chain is shared out of band I suspect it will take orders of magnitude more compute time to cycle through every possible combination of encoding and compression.
For fun has anyone decoded my simple message in the thread?
This is completely unacceptable.
I feel like we've lost the vocabulary we ought to be using to talk about the legitimacy and role of the state. More people need to read J.S. Mill (and probably Hobbes.) Even today, works by both are surprisingly good reads and embed a lot of thoughtful and timeless wisdom.
I'm going to add this to my repertoire since it's a lot more concise than most of my rantings on the topic
I'm not commenting on the government coming in at unveiling encrypted communications, but certainly a better approach than "governments should be transparent and the people should be opaque" would be "governments should be translucent and the people should be translucent too".
- Palantir Technologies
- 'not-for-profit' Thorn
> The Commission’s failure to identify the list of experts as falling within the scope of the complainant’s public access request constitutes maladministration. [0]
> ... the complainant contended that the precision rate of technologies like those developed by the organisation are often overestimated. It is therefore essential that any technical claims made by the organisation concerned are made public as this would facilitate the critical assessment of the proposal. [1]
> The Commission presented a proposal on preventing and combating child sexual abuse, looking in particular at detecting child pornography. In this context, it has mentioned that support could be provided by the software of the controversial American company Palantir... [2]
> Is Palantir’s failure to register on the Transparency Register compatible with the Commission’s transparency commitments? [2]
(Palantir only entered the Transparency Registry in March 2025 despite being a multi million vendor for Europol and European Agencies for more than a decade)
> No detailed records exist concerning a January meeting between European Commission President Ursula von der Leyen and the CEO of controversial US data analytics firm Palantir [3]
> Kutcher and CEO Julie Cordua held several meetings with EU officials from 2020 to 2023 - before the former stepped down from his role - including European Commission President Ursula von der Leyen, Home Affairs Commissioner Ylva Johansson, and European Parliament President Roberta Metsola.[4]
> The Ombudsman further concluded that Thorn had indeed influenced the legislative process of the CSAM regulation. “It is clear, for example, from the Commission’s impact assessment that the input provided by Thorn significantly informed the Commission’s decision-making. The public interest in disclosure is thus self-evident. [4]
> EU Ombudsman Emily O’Reilly has announced that she has opened an investigation into the transfer of two former Europol officials to the chat control surveillance tech provider Thorn. [5]
[0] https://www.ombudsman.europa.eu/en/decision/en/176658
[1] https://www.ombudsman.europa.eu/en/recommendation/en/179395
[2] https://www.europarl.europa.eu/doceo/document/E-9-2024-00016...
[3] https://www.euractiv.com/news/commission-kept-no-records-on-...
[4] https://www.euronews.com/next/2024/07/18/european-ombudsman-...
[5] https://www.patrick-breyer.de/en/chat-control-eu-ombudsman-l...
EU turns into fascist (policies controlled by corporations) quasi state before our eyes.
If you are working for any crime agency, put away biscuits and move your lazy arse to work!
The EU is by far one of the least corrupt and most transparent organizations in European History, by design and by process.
The fact that I am able to produce all those reference documents in the previous comment is substantial evidence of this.
The issue here is the European Comission. Both in the appointment of Commissioners as well as in the checks and balances against the Comissioners and President of the EC.
To be anti-EU is throwing the baby with the bathwater and more seriously plays into the hands of every geopolitical player around us.
The Ombudsman’s findings themselves show maladministration, secretive lobbying, and conflicts of interest. That’s not a healthy system keeping itself in check; that’s outsiders catching it after the harm is done.
Saying ‘it’s only the Commission’ is like saying ‘it’s only the engine’ when your car catches fire. The structure allows it, the culture rewards it, and the safeguards are paper-thin if not non-existent.
If the EU really is ‘the least corrupt in history,’ then why are Palantir and Thorn shaping surveillance laws (terrorism dressed as such) in back rooms while the public only finds out years later - and law enforcement looks away? That’s not just a bad apple problem - that’s systemic rot.
Like the TPM & Microsoft scare when TPM first started arriving in hardware, and we all thought it would be used to lock out other OSes. Only it's for real this time.
I don't know if this is possible so easily. Does the OS scan the memory of all applications? How does it know what is text and image data?
What if it is encryped or even just obfuscated? Does the OS then track all changes of memory etc?
Or you think it'll just have a rolling keylogger so you can't type in s.th. malicious?
Nothing. That is, nothing until your application becomes popular. I will keep encrypting my emails and they can pound sand once legislation for this makes it to my country. It should be a while before these shenanigans are in every distribution or kernel for Linux.
They want to change the public perception from "Private encrypted communication is good and desirable" to "Encrypted is unsafe. Encrypted could be scary. Encrypted enables Bad People."
In a vain attempt to inhibit access to non-broken cryptography, we will probably see operating systems that allow actual root access to the user -- or even just allowing non-manufacturer-signed executables to run! -- being painted as "unsafe platforms." Apple has already transitioned most of the way to being fully in the "trusted computing" camp, since it takes a great deal of gymnastics to even modify the OS because of the Mac's sealed system volume, and out of the box all executables must be blessed by Apple, meaning governments can put their thumb on Apple to force them to disallow any non-broken crypto tools from being used. I know this can be changed in Settings for now, but that'll probably go away eventually.
Microsoft will be next of course, and Linux will be portrayed as a "hacking tool" by contrast to the commercial OSs.
The same mechanisms that prevent you from breaking law at home, commiting fraud, hurting people, etc. will be used if this law passes. Nothing more, nothing less.
Technocrat delusions on how you'll fight the government with open source are just that. Delusions. They have a wrench and guns.
They go out of their way to warn you it’s not the same level of security as iMessage.
> Notarization for iOS and iPadOS apps is a baseline review that applies to all apps, regardless of their distribution channel, focused on platform policies for security and privacy and to maintain device integrity.
by the time they do the kids can just vibecode another chat app for themselve
The ultimate goal is for computers to run only authorized programs and to license and monitor development tools like the Soviets monitored typewriters.
For example, an individual can generate AI images of Hollywood actors using Stable Diffusion and a decently powerful computer. Said individual had the right to share those images online with a community.
Now however the sharing and distribution of said images is considered illegal in my USA state.
So, are the images said individual created and shared three years ago subject to prosecution? Even if the law went into effect 3 months ago?
No. The right not to be tried for actions that weren't crimes at the time is pretty universally applied in the west (I am not aware of the legal situation in other parts of the world, but I imagine it's honored there too). (Article 7 of the European Convention on Human Rights for the EU, Article I, Section 9 & 10 of the constitution for the US)
> So, are the images said individual created and shared three years ago subject to prosecution?
Generally, criminal acts are judged according to the rules of the jurisdiction where they happened, so I wouldn't be too worried about this. This isn't a universal rule though, so you won't find it enshrined in constitutions or treaties.
CSAM is just the excuse, as it is with any other laws of this nature in the past.
Chat Control would only make this sort of thing more frequent.
But nevermind, We love the EU! /s
* of their rights to privacy
* their right to live in a democracy
* the value of warrant based search vs nazi SS style
* I want them to enjoy at -least- as much privacy as I currently enjoy
* I don't want rando creeps reading their personal messages and keeping them forever, there's a reason memory fades, it lets us grow as people
ChatControl would run locally on your phone. It would compare the images that you receive/send to a list of illegal images, and if you happen to deal with one of them, it would report you.
How is that destroying your democracy?
Disclaimer: I am against ChatControl, but too many people seem to not understand what the problem with ChatControl is.
Those passive surveillance systems have a chilling effect on democracy, just like mandatory ID on social media, and provide politicians a lever so convenient that you know that it will be used, especially in the EU.
Exactly! That's the problem!
It's not killing the encryption, it's not sharing all your communications with the government. Those are invalid arguments. The problem is that whoever controls the proprietary part of ChatControl (and that includes the list of illegal material) can abuse it to e.g. detect political opponents, or whatever they can imagine.
I am just asking that we use the valid arguments against ChatControl. I read a lot of invalid arguments that won't help convincing politicians that it is a bad idea. They need to understand why it is a bad idea, the real reason.
Say the police knocks at my door and asks me nicely to read my messages, I will show them. Doesn't mean I don't care about them being encrypted when I send them over the Internet.
Also I don't care that "the vast majority of people" prefer Facebook chat to discuss online. That they are free to do so doesn't mean I shouldn't be free to preserve the secrecy of my communications.
My point is that ChatControl does not say that all your communications will be shared. And you will still be able to send encrypted messages with Signal, and your ISP won't be able to read them, and Signal won't be able to read them. So it's not true that it won't preserve the secrecy of your communications. If used correctly, it will preserve the secrecy of almost all your communications. And it would be possible to have a version of ChatControl that would absolutely preserve the secrecy of all your communications (e.g. by only using a list of hashes instead of machine learning).
Maybe you think that you should be free to have illegal material on your phone, but I am not sure the rest of the population agrees. If one could prove that ChatControl never made a mistake (e.g. it's just a hash comparison) and that the list of illegal hashes is never abused, then I'm pretty sure most people would find it okay.
The problem is that we cannot prove that, and in fact it's pretty clear that it is fundamentally difficult to make sure that the list of hashes is not abused. Even more so if instead of a list of hashes it is a machine-learned set of weights.
So ChatControl would be a powerful tool that is difficult to audit, and that therefore could be abused by whoever controls it. This is the risk, this is what we should be talking about.
> the proposed legislation includes exemptions for government accounts used for “national security purposes, maintaining law and order or military purposes”. Convenient.
POTUS is very specifically NOT a member of the military. Elected civilian control was the whole point. Even Eisenhower had to (temporarily) give up his general rank to serve as president.
I do understand your core point tho.
While I understand it… there is no need for any exemption if the bad, stupid law will not be in place at all ;)
Doesn't all that just force everyone who has something to hide to use something else, less obvious?
I mean, look at how many technically savvy people use Telegram and think it is "safe".
Ever heard of top government officials mistakenly inviting a journalist in a group sharing top secret information?
Its hard because everytime this gets defeated all the EUSSR people just wait a year and try again…
There is no excuse for this and it is a stain on EU history for even letting this go so far.
Anyone proposing this should not only be sacked but also referred to de-radicalisation / anti-terrorism programme in their country and forever banned from holding any kind of public sector office.
There is no excuse.
If terrorism is defined as using violence or threats to intimidate a population for political or ideological ends, then “Chat Control” qualifies in substance.
Violence doesn’t have to leave blood. Psychological and coercive violence is recognised in domestic law (see coercive control offences) and by the WHO. It causes measurable harm to bodies and minds.
The aim is intimidation. The whole purpose is to make people too scared to speak freely. That is intimidation of a population, by design.
It is ideological. The ideology is mass control - keeping people compliant by stripping them of private spaces to think, talk, and dissent.
The only reason it’s not “terrorism” on paper is because states write definitions that exempt themselves. But in plain terms, the act is indistinguishable in effect from terrorism: deliberate fear, coercion, and the destruction of free will.
You can argue legality if you like, but the substance matches the textbook definition.
They're such proponents of privacy that they've actively started encrypting as much as possible for decades but now that the EU is about to break all that they're silent.
They raised such a fuss when the FBI asked to decrypt that single iPhone years ago, but now that millions are on the line... nothing?
With regards to the FBI incident, Apple said at the beginning of their statement, “This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.”
The EU is proposing a law. People assure me their laws are democratic and reflect the will of the people. Who is Apple to reject the outcome of public discussion?
The FBI letter was written in a context where an agency was acting without the support of the public. That’s why the framing was all about misuse of the All Writs Act and lack of Congressional blessing for the requested power.
Right now this debate is oriented mostly around the fact that surveillance today is not a good deal—consumers give up their privacy and get nothing in return. But is there a tipping point? Technology draws us closer, day by day, and the threat matrix will become more sophisticated as time moves forward.
Most individuals on HN are privacy absolutists but one should recognize that tradeoffs exist. That tradeoff is just not compelling today, but that doesn't mean that will always be the case. If you go to China, where everything and everyone is surveilled, I think you'd be surprised to find that many Chinese don't mind. They feel incredibly safe and don't have to worry about being victims of crimes, having their packages stolen, walking around late at night alone, etc. Walking around in China with absolute peace of mind around my own personal safety is a very eye-opening experience as someone coming from the US. I've always advocated for stringent privacy protections; but when giving that up buys you absolute safety in your immediate environment, that's not an experience you forget.
I'm certainly not saying I'm a proponent of living in a surveillance state—I'm simply noting that tradeoffs exist and a sort of re-balancing is constantly occurring, which is just interesting to be aware of.
One presumes it would make terrorism easier if you could hack in and find out where your target is at any given time. What they're doing. What their plans are for this evening.
Also I think one could probably point to the current US president as proof for why this is an insane idea. Imagine if he really did have access to everything we say.
> .. like smaller, less traceable bombs, or chemical weapons that are easily accessible and lead to higher casualties ..
it's very easy to build a bomb, you just need to "google" and make your shopping... Killing random people in the street is easy too, you have, among others, knifes - very easy to buy and commit a crime in side streets, etc.
> it's very easy to build a bomb [...]
Yeah, what I'm saying though is that these attacks are not happening at a scale though that is large enough for people to need to worry about their own safety personally. Your personal chance of dying in a terrorist attack is so low that it's not worth thinking about (unless maybe you live in the middle east). I'm simply noting that this might not always be the case. It's easy to imagine, with better weapons, that terrorists become much more prolific in their ability to kill; under which scenario people could be willing to give up more to have more peace of mind.
you can always establish encrypted channel via DH over stenography in plaintext messaging, and just use any encrypted protocol.
if hardware is compromised a black market for such devices will surface.
Worst case scenario you create gigantic one time pads and just use them.
the whole idea is flawed as you get neither security nor privacy. in fact - it actually opens you to abuse if encryption is backdoored. Not to mention it being a gigantic slippery slope argument.
and most importantly - how to you ensure that you can ALWAYS trust your government with such powers?
Probably, but I think you are giving most bad actors too much credence. Tyler Robinson took several precautions to cover his trail in his assassination of Charlie Kirk—but he also told many individuals about his plan on discord, as well as other non-encrypted channels, etc. Not all bad actors are sophisticated in the same way.
I wouldn't trust the government with the power. If the scenario I'm posing were to actually occur, it's only a matter of time until the gestapo starts showing up at the houses of innocent individuals. This sort of thing happens in China.
Still, again, if the threat is big enough, I am curious to ponder what role individuals would want government to take in using surveillance to reduce actual human deaths in terror attacks (or any type of attack, for that matter).
you're comparing organized crime, which this is supposed to combat - with a lone gunman. Stupid criminals will always exist.
>Still, again, if the threat is big enough, I am curious to ponder what role individuals would want government to take in using surveillance to reduce actual human deaths in terror attacks (or any type of attack, for that matter).
the purpose of this isn't to stop deaths. It is to entrench state power, increase agencies budget... and as they have to demonstrate that they are useful it will turn either into totalitarian hellhole with plenty 'making example of' public cases... or some attacks will go through on purpose to justify their budget after cuts...
Imagine a future where aliens invade, and all of our civil rights have to be suspended in order for society to be re-focused on fighting an existential war against the invaders. I suppose this sci-fi hypothetical could happen and if it did happen then the sacrifice might even be necessary. But it's not happening now, and it's entirely reasonable to classify it as both (1) unlikely, and (2) an incredibly bad outcome we should hope that we never have to face.
It is true that many Chinese citizens don't give it a thought.
But there's no demonstrable cause and effect going on there.
If the employees of the state were subject to the same exact surveillance, then maybe it might be palatable.
Curiously, the Star Trek Universe exists in such a scenario. A common trope is asking the computer for evidence of a crime, where someone is at any time, etc. I've never heard complaints about this supposed contradiction between the utopia vision of Star Trek and the omnipotent, all-seeing computer.
But we all know the reality... a tale as old as time. The state will exclude themselves from the surveillance, and it will eventually be used as a tool for authoritarianism. It's only a matter of time with something as powerful as this.
Em. I think feeling incredibly safe has more to do with the media telling people that no crime exists and all criminals are caught, rather than a reality of zero crime.
There is evidence that crime started being systematically under-recorded in China since they started assessing police on proportion of recorded crimes they solve.
https://archive.is/20250624235740/https://www.economist.com/...
This sort of shared expectation of courtesy and safety is more common there; and it exists because of the surveillance state. I'm not advocating to live in a surveillance state; they're oppressive—the cons certainly outweigh the pros. There's no debating that. But the silver lining in that is borne of that cost is one that I think people there enjoy.
The current EU political class has completely lost their Mandate of Heaven, they command 0 respect because they’re spineless empty bureaucrats looking for a cushy consulting job after they’re done being lobbied by their future employers.
Even if your utopian idea makes sense, I don’t trust the EU politicians to bring it to life, just virtue signal
On your tangent about China, the people there are feeling so absolutely safe that they have the urge to install metal bars on every window of almost every home.
What I mean is, if we have super bombs or whatever, we would also certainly have unbreakable encryption. I mean, we have unbreakable encryption now basically.
So we're back to square one - terrorists terror, civilians are oppressed.
Also, if such weapons DO exist, the first people to use them would be government. Of which you cannot organize against, because you let them break your communications.
> These scanning systems get it wrong most of the time. [...] Irish law enforcement confirms this: only 20.3% of 4,192 automated reports actually contained illegal material.
Wrong most of the time that they report something. Technically correct, although a somewhat tricky formulation.
Literally next paragraph:
> Even with hypothetical 99% accuracy (which current systems don’t achieve), scanning billions of daily messages would generate millions of false accusations.
This is a different accuracy percentage: here the author means 99% of all messages, not only the reported ones, which the previous 20.3% referred to. Furthermore, these two paragraphs together sound very fishy: if current systems are not accurate enough to generate "millions of false accusations", presumably (?) they generate at least that. But with the 20.3% true positives fraction, that would mean hundreds of thousands true accusations per day.
Which part am I misunderstanding?
Also they will have the legal power to force the popular operating systems to enforce generic keylogging/packet capturing and whatnot.
The same reason as why streaming services are being ditched in favor of piracy will happen to social media.
Does anyone believe that predators commit those heinous offenses because of the availability of encrypted channels to distribute those products of their crimes? I sure don't. The materials exist because of predators' access to children, which these surveillance measures won't solve.
Best case scenario (and this is wildly optimistic) the offenders won't be able to find any 'safe' channels to distribute their materials to each other. The authorities really think every predator will just give up and stop abusing just because of that? What a joke.
More likely of course, those criminals will just use decentralized tools that can't be suppressed or monitored, even as simple as plain old GPG and email. Therefore nothing of value will be gained from removing all privacy from all communication.
Plus, the fact you could use/make AI/LLM/etc generate nefarious content that is hard to tell is fake, tells you the abuse isn't even what they are interested in.
The theory is based on the documented fact that most crime is poorly thought through with terrible operational security. 41% is straight up opportunistic, spur of the moment, zero planning.
It won't stop technologically savvy predators who plan things carefully; but that statistically is probably only a few percent of predators; so yes, it's probably pretty darn effective. There are no shortage of laws that are less effective that you probably don't want repealed - like how 40% of murderers and 75% of rapists get away with it. Sleep well tonight.
Some individuals will find a way to distribute and consume child pornography no matter the cost. But other addicted individuals will stop consuming if doing so becomes so laborious because they are consuming or distributing on the margin. I.e, imagine the individual who doesn't want to be consuming it, who knows they shouldn't—this type of deterrent may be the breaking point that gets them to stop altogether. And if you reduce the amount of consumption or production by any measure, you decrease a hell of a lot of suffering.
But anyway, the goal of this legislation is not to drive the level of distribution to 0. The goal of policymakers could be seen charitably as an attempt to curtail consumption, because any reduction in consumption is a good thing.
Let's say you're actually texting in a group. Even if you use perfect operational security, odds are terrible that all members of your group will perfectly uphold the same level of security every time they share their content.
One is going to slip up. He's going to get arrested. And he's going to turn the whole group in to reduce his sentence. Everyone else meanwhile has their operational security become proof of intent, proof of deliberation, proof of trying to evade authorities. They thought they were clever with the encrypted ZIP files, but the judge and jury are going to be merciless. I don't think most authorities have a problem with that.
It has everything to do with censorship and complete control over people’s ability to communicate. Politicians hate free speech and they want to control their citizens completely including their thoughts. This is true evil.
This is pushed by parties that have a good track record of preserving integrity. That’s why it’s so surprising.
But existing corruption is neither necessary nor sufficient for what we see here. Wrong axis.
EU is (mostly, and relatively speaking) un-corrupt as governments go; more corrupt places (and also authoritarian places) will write fantastic laws that they just straight-up ignore.
* Which won't work anyway: consider that the US military had to issue statements and bans because fitbit was revealing too much about military bases.
But it is not even dismantling privacy. ChatControl would run client-side and only report what's deemed illegal. Almost all communications are legal, and almost all of the legal communications wouldn't be reported to anyone at all. They would stay private.
The problem I see is that the "client-side scanner" has to be opaque to some extent: it's fundamentally impossible to have an open source list of illegal material without sharing the illegal material itself. Meaning that whoever controls that list can abuse it. E.g. by making the scanner report political opponents.
This is a real risk, and the reason I am against ChatControl.
But it isn't dismantling privacy per se.
EDIT: I find it amazing how much I can be downvoted for saying that I am against ChatControl, but that argument X or Y against it is invalid. Do we want an echo chamber to complain about the principle, or do we want to talk about what is actually wrong with ChatControl?
It's nice to say "those politicians are morons who don't understand how it works", but one should be careful to understand it themselves.
You can't for a second imagine how that could possibly go wrong?
The hashes are "only for what's deemed illegal" because just trust me bro. There won't be any false-positives because just trust me bro. Even if you do believe the Governments are fully trustworthy and don't care about false positives of your own personal images or messages being passed around law enforcement, most systems like this have usually also eventually been compromised by other parties (like CALEA which was used by China and other adversaries for years). Even if you fully trust the Government, we can't actually be sure the un-auditable list of hashes are only from them, or whether adversaries have compromised the system to add their own hashes. And we don't know that the mechanism that sends our private messages (from a real match, or a false-positive, or an adversarial added hash) are only going to authorised parties or if somebody else has managed to add themselves in (like has happened with "lawful intercept" systems in the past).
So even when claiming it's only for combating the most heinous crimes, the system is too dangerous.
I can, and that is why I am against ChatControl. But many many comments here say stuff like "it breaks encryption", and that's not actually what it does.
The debate should focus on what ChatControl cannot solve, not on details it could solve. If you spend your day complaining about something that can be solved, politicians will (rightfully) say "I hear you, don't worry we will solve that".
> There won't be any false-positives because just trust me bro.
"There will be false-positives, but they won't have any impact on you". You find it invasive? 99% of people don't care, they already give all their data to private companies like TooBigTech.
> whether adversaries have compromised the system to add their own hashes.
So what? Legal material gets reported to the authorities, they see it's legal, and they realise that the list has been tampered with.
> And we don't know that the mechanism that sends our private messages
"Don't worry, we will make the code open source, you'll be able to audit it!"
> The hashes are "only for what's deemed illegal" because just trust me bro.
YES. That's my problem with it. It can be abused because fundamentally we cannot audit those hashes. We don't want to create a system that gives that power to whoever controls it.
As someone coming from authoritarian state, this is such an alien line of reasoning to me. By definition, those in power want more power. The more control over the people you have, the more power you get. Ergo, you always want more control.
It's easy to overlook this if you've spent your entire life in a democratic country, as democracies have power dynamics that obscure this goal, making it less of a priority for politicians. For instance, attempting to seize too much power can backfire, giving political opponents leverage against you. However, the closer a system drifts toward autocracy and the fewer constraints on power there are, the more achievable this goal becomes and the more likely politicians are to pursue it.
Oh, and also politics selects for psychopaths who are known for their desire for control.
This is not what 'by definition' means.
That is often a variant of Hanlor's razor brought up on questions like this. How do certain actors turn reliably to a course of action that is so damaging - but to any expert or even rational mind seems stupid! That can't be what they want?!
I do not think that this reasoning holds.
Hannah Arendt, when writing about totalitarism, came to the conclusion that there is a kind of complicity between evil and thoughtlessness. (I am still trying to find her exact words on this.)
Neither of these statements is as axiomatic as you think they are
Each of them has a large budget to hire several staffers presenting every issue to them in ways they understand best, each government has a huge apparatus of various departments with domain experts analyzing every situation from every reasonable perspective and if all of that fails, barely and university or institute would fail to respond to a request for input from an elected official.
Any and all ignorance of any significant politician is by choice. You can't push the oppression a decision causes to the maximum you'll get away with at that point in time without understanding the issue first.
Yes, the framing is disingenuous, but so is yours. You're seriously suggesting that any policy that doesn't 100% eliminate a problem is a joke?
And if you say both - how would you rate the relative severity of the two problems? Specifically, if you had to pick between preventing the rape of a child, and preventing N acts of CSAM distribution, how big would N have to be to make it worth choosing the latter?
Today its the pedophiles and 15-17-philes (those are this fake group adolescent, which are also tried as adults when convenient).
Tomorrow, its the adult sex workers.
Then its the fringe group's topics that is on the outs with the majority.
Then they come for you, and nobody is able to speak up because they banned protests.
... To paraphrase Martin Niemoller.
It seems obvious that it is entirely the former and not at all the latter. In other words, N is positive infinity. Am I missing something?
I only care about kids being hurt. And I think this view is close to consensus.
What's worse for you? Being raped as a child. Or, having people sexually gratify themselves looking at images of you being abused; using those images to groom other children, or to trade and encourage the rape of other children?
You might as well ask someone which eye they prefer to have gouged out with a blunt screw.
Let's do both: try to stop child sexual abuse and try to stop images of abused children being used by abusers.
I have a hard time imagining this will be more than 10% effective.
This proposal is a joke
It is now only recently possible to dragnet in mass many communications, store, and analyze them. The past decades have brought new threats to privacy democracy through breaking encryption at the state scale.
Were most people encrypting their handwritten letters? Were most people encrypting their messages before sending them by SMS or with WhatsApp? Really?
But ChatControl won't prevent the encryption for anyone who is not the receiver of the reports. And the receiver is the equivalent of "law enforcement", right?
Not without legal proceedings. The population would have been absolutely outraged if the government just decided to read all of their mail one random day in the 90s.
There's a reason the whole idea was supposed to be a conspiracy theory, the population literally didn't believe something like that could happen.
Nobody would want to carry a microphone recording them 24/7 and storing everything on a server, but everybody is fine with TooBigTech simply promising that they don't store the data.
We have to accept that people are fine with the idea. The problem (both with the connected mic and ChatControl, btw) is that it can be abused. That's the problem. Again: we have to convince people that it is at risk of being abused. Not that they should be outraged. They just are not.
Instead they notify you that you gave them perpetual license to reuse your data.
It's a tool that could be abused, but I wouldn't say that it is enough to kill a democracy all by itself.
Chat control takes away one liberty from democracy.
Ask any half decent go player what will happen to that stone if we just ignore the attack upon it?
You don't have the liberty to avoid that, today. By design.
My point being that if one could prove that the ChatControl detection is only running locally and that it is only reporting what's acceptable to report, then it wouldn't hurt your freedom (except for your freedom to do illegal stuff, but that's the whole point).
The problem is that it is not possible to prove this. Fundamentally. We need to talk about that. Not throw some "it will kill democracy because you should trust me when I say it".
That key will leak eventually, it's too juicy a target.
You describe chat control as if it's just an AI csam scanner that runs locally on your phone, like what apple did recently-ish.
Chat control is so much more than that, and so much worse
That's not my understanding. My understanding is that ChatControl will run client-side scanning and report what is deemed illegal.
This is not a master key to all communications.
On the contrary, it is an argument in favour of extending ChatControl to using machine learning for detecting such cases.
The problem, again, is that we don't want to have an opaque system that can be extended to surveilling new things, because it's very difficult to audit and make sure it is not abused.
Today nobody uses snail mail. This proposal is the equivalent of proposing to read everyone's private letters back in the day.
Technical details are technical details
Chat Control amounts to routine, warrantless interception of private communication. Something you see in states like the USSR.
[1] https://www.westernstandard.news/news/liberals-push-bill-to-...
And then you'll get into a scenario that the government will punish you for wrong-speak, like when people had their bank accounts frozen for donating to the trucker protests. Or they will turn off your access to social media the way the Biden Administration did during the Pandemic.
I think a more charitable reading is that any policy that doesn't 100% _target_ a problem is a joke. This policy doesn't have a plausible way that it will protect children from being victimized, so I think it's reasonable to remove the "think of the children" cloak it's wearing and assess it on the merits of whether encryption is beneficial for the social discourse of a society.
Of course it does. "It will detect and report messages from predators to children, therefore preventing the child to get to the point where they send revealing pictures or meet the predator in person". Done.
Most abuse happens from people known to the child, and of that portion, most are family members. It seems like there is sufficient opportunity in-person comms to route around this limitation.
Moreover, even the communications that do happen online can still easily happen through encrypted media; presumably the perpetrators will simply move to other ways of communicating. And kids, at least kids over 10 or so, don't seem like a demographic particularly likely to follow this law anyhow.
There's another nuance worth considering: by and large, parents _want_ their kids to have access to encrypted communications. I'll happily assist my kiddo in maintaining good opsec - that's much more important to me than some silly and uninformed policy decision being made far away by people I've never met.
https://web.archive.org/web/20210522003136/https://blog.nucy...
So, the kids are still going to be where the encrypted comms are. I still think it's reasonable to say that the protections offered to kids by criminalizing encryption are implausible.
Sure, but it means that at least some happen from people unknown to the child. If ChatControl doesn't cause any problem but helps preventing those abuses, then it's worth it. The question is: what are the problems caused by ChatControl?
Saying "only a minority of children get abused this way, so it's not worth it" won't go far, IMO. It's not a valid argument against ChatControl in itself.
> presumably the perpetrators will simply move to other ways of communicating.
The perpetrators have to contact kids over apps that the kids use. Like Snapchat or TikTok. It's not like the kids will routinely install a weird app to talk to weird people...
> parents _want_ their kids to have access to encrypted communications.
But ChatControl doesn't remove the encryption! It scans everything locally, before it gets encrypted and sent.
> by criminalizing encryption
It's not criminalizing encryption: it's forcing a local scan on your device. Just like there are already scans happening on clouds for non-E2EE data.
Don't get me wrong: I am against ChatControl. For me the problem is that I see a potential for abuse with the "list" (whether it's a list or a sum of weights) of illegal material. This list cannot be made public (because it's highly illegal material), so it's hard to audit. So whoever has control over it can abuse it, e.g. to find political opponents. That's my problem with ChatControl.
Can you point me to the doc that says all this?
Admittedly I didn't yet bother looking for the official ruling since those are massive, and media sites were just politicising it.
In fact, even if zero children are ever trafficked or abused going forward, and pedophiles only use old photos of children from 30 years ago, merely having these images is still an issue.
Conversely, the vast majority of sexual abuse of minors doesn’t involve images and goes unreported. "Considerable evidence exists to show that at least 20% of American women and 5% to 10% of American men experienced some form of sexual abuse as children" (Finkelhor, 1994). "Most sexual abuse is committed by men (90%) and by persons known to the child (70% to 90%), with family members constituting one-third to one-half of the perpetrators against girls and 10% to 20% of the perpetrators against boys" (Finkelhor, 1994).
In short - if they wanted to reduce child abuse, scanning everyone’s communications for CSAM would not be the most straightforward way to go about it.
* First, this is not what politicians do. What they want is to look like they are fighting it.
* Second, what is your more straightforward way to fight CSAM? Asking for a backdoor is pretty straightforward, I find. I would rather say that fighting CSAM is more difficult than that.
Did you get my last sentence?
"In short - if they wanted to reduce child abuse, scanning everyone’s communications for CSAM would not be the most straightforward way to go about it."
What would be the most straightforwand way? Install a camera in every home?
Yes, abuse is usually more to be found inside families. And the solution kind of complicated, involving social workers, phone numbers victims can call, safe houses for mothers with children to flee into, police officers with sensitive training who care, teachers who are not burned out to actually pay attention to troubled kids ...
I am against ChatControl. But I am amazed by all the bullshit arguments that people find to criticise ChatControl.
If you have more control, obviously it's easier to track criminals. That's not the question at all. The question is: what is the cost to society? A few decades ago, all communications were unencrypted and people were fine. Why would it be different now? That's the question you need to answer.
This might catch the odd moron sharing stuff on Facebook or on their phone, but I doubt it will stop the average offender was is already going out of their way to use encrypted apps/services.
But okay great, at least you catch the morons I guess, but at what cost? Here in the UK it's pretty common to be arrested for tweets at it is. There's no doubt in my mind this will be used to catch individuals committing speech crimes who are currently getting away with it because they share their opinions behind closed doors.
I strongly believe it will catch the average offender. The average human doesn't have a clue about cryptography.
It won't catch all of them, of course. My point is that it is invalid to say that it won't catch anyone.
> but at what cost?
EXACTLY! The problem is that whoever controls the list of illegal material can abuse it. We fundamentally cannot audit the list because the material on this list is highly illegal. There is a risk of abuse.
Sure, but wouldn't they quickly learn once people are getting caught?
And predators who get in contact with kids have to do it over social media that the kids use. Those ones would be affected by ChatControl.
But privacy-less society will be implemented by then... Just a question: why they want no privacy at all costs ??
So all communications aren't stored outside of your device, right?
You also will not know if your message is flagged, so if you are ever in doubt about how your message will be categorized, you will have to assume that it will be flagged and sent to storage for an unknown amount of time
Feels a bit hypocritical to accept one and not the other.
Really, I think that the problem with ChatControl is that it is a weapon for surveillance. Not because of the false positive, but because whoever controls it can decide what gets reported. Depending on how a government evolves, that could be very dangerous. And we have examples of governments evolving like this in history.
And what makes you think we don't?
It's much, much easier to stop new incursions into our privacy than to claw back privacy we've already lost. And it's much, much easier to stop the government from violating our privacy than to stop megacorporations accountable to no one for anything other than profit from doing so.
I think seeing hypocrisy here is being extremely uncharitable.
IMHO there are valid arguments against ChatControl that are not "you see what you allow TooBigTech to do to you? Well with ChatControl you would allow much less to the government. Isn't that terrible?"
A strong argument against ChatControl, IMO, is that it builds a powerful tool of surveillance. Not because "someone fairly random will see false positives", but because someone in power (e.g. a president) could abuse it to maintain their power (e.g. by targetting political opponents).
I share your other concern, but I think it's related to the one I mentioned. Suddenly false positives turn into true positives, but for things that were totally unrelated to the initially stated goals of Chat Control.
But people are talking about both - the ridiculousness of the premise that this would help combat this and additionally of course the cost of privacy.
It's beyond encryption. Teenagers sending each other pictures could get flagged by AI etc. Any of your messages and images having potential to get falsely positively flagged.
The only valid argument I see against ChatControl is that fundamentally, you cannot know what it is reporting. It's not like if there would be an open source list of illegal material together with the hashes, right?
If you cannot audit what is being reporting (with whatever means necessary to make sure it is doing what it should be doing), then whoever controls it could abuse it.
That's the problem. That's the reason not to implement it. But it's completely overwhelmed by the flood of invalid arguments.
Really? The only one?
By definition, they must state what is actually illegal, lest I be hidden laws with hidden punishments.
And those lists of 'illegal' need to be publicly disclosed, so we are aware.
At least in the USA a naked picture of someone who is 17y364d old is 'child porn', but that extra day makes it 'barely legal'. But yet, most USA jurisdictions say that 16y can have sex. Just that pictures are EVIL even if you take them yourself.
Again however, I tend to more agree with Stallman that CSAM or child porn picture possession should either be legal or have a mens area attached, and not strict possession. Its proof of a crime, and shouldn't in of itself be a crime.
But because a picture is a crime, we get these horrific laws.
I don't need to murder you in order to say that murdering you is illegal, do I?
Of course they don't have to publish CSAM material in order to say that this is illegal CSAM material. If you could go get CSAM material at your local library, nobody would be talking about scanning it with ChatControl...
Again, we need to know the exact year and day. 17y364d is illegal but 18y is legal.
That picture does NOT have enough information to determine if its legal or not. And even as simple as 1 day can be the difference between legal and not.
And of course, is also thethe hypocrisy of sex being legal at 16, but pictures are 'child porn', when they are demonstrably NOT children.
So yes, MANY pictures already exist that do have more than enough information to determine that they are VERY ILLEGAL.
If you can't apprehend that, I don't know what to tell you.
Or are you saying that we should not care about the others?
ChatControl will protect some kids. If your argument is "yeah, shit happens", you won't convince anyone. If your argument is "yes, but at a great cost for society", then you need to explain what the cost is.
Saying "your freedom" is worth exactly as much as "but CSAM" when said from the other side. It's not enough. What is the tangible risk of ChatControl?
Constitution says I can. The country is governed by people.
Is it worth it? Well that's the question, and I am against ChatControl so I think it is not worth it. But if you try to convince a politician that scanning every single communication cannot ever help law enforcement, then good luck. Because you are wrong.
Why not taking valid arguments against ChatControl instead?
A few decades ago, a user base using whatever was available was about 99% lower than now. As well as governments were so illiterate that they could not read with the tech they had even those unencrypted messages.
a small number of units or individuals
It is not the case anymore.
I believe that politicians believe that AI models can do this well without negative consequences. But I also think they forget that a model with 99.99% specificity applied to ten million messages will still falsely label 1000 as harmful.
So why are criminals not being tracked? Seems like there's a shit ton of cameras everywhere but stores are still locking everything valuable behind glass. The benefits of this stuff never seem to materialize in practice.
That's my point: there are good arguments against ChatControl. Better focus on them.
> Does anyone believe that predators commit those heinous offenses because of the availability of encrypted channels to distribute those products of their crimes?
Who says that? I don't think they say that.
> The authorities really think every predator will just give up and stop abusing just because of that?
Nope, they think they will be able to arrest more predators.
> More likely of course, those criminals will just use [...]
You'd be surprised how many criminals are technically illiterate and just use whatever is the default.
gmail? google drive?
More likely it's ironically so that the people cannot oppose such policies as they won't be able to organize when all comms are tapped.
- People who go into government want power over others, and they'd therefore prefer more power than less at every junction
- The population put up very little resistance in general - e.g. as we saw with COVID, they'll freely let the government put them under house arrest and destroy their businesses, to protect them against a bug only slightly deadlier than the flu
- However they do need some pretext - with none at all, impinging on people's civil liberties would cause confusion, and the people might even ponder grumbling about it, which would be unnecessarily messy for everyone involved
- Hence they simply need to lay out some half-assed pretext, just to make it easy for people to internally justify their further loss of rights, so that they don't have to have any uncomfortable thoughts like "maybe I should disagree with this?"
- "Think of the children" is a nice easy one. It's basically a farcical meme at this point, but that doesn't affect its effectiveness, for the reasons described. You could use this for literally anything, no matter how extreme (I'm sure for instance the Nazis used it as one reason for exterminating Jews - to protect "Aryan" children & their future etc)
Assuming that the regulators are fully aware of the above points, it's not very hard to speculate what the real intentions behind all of this are.
The sad part is that it would only take one attempt to codify the opposite into privacy laws as a basic right, should anyone ever bother to take up that gauntlet.
I don't think so. If they were, it would actually be better: one can have sympathy for insanity, and at least isolate it, if not treat it.
Instead, it's extreme insecurity combined with limitless regard for infallible authority. The thought that the hoi polloi might write or say things that are beyond scrutiny is intolerable. That's the insecurity part. And all intolerable things must be criminalized, because in Europe, laws infallibly fix everything. That's the authority part.
That's not insanity. That's just how you behave when you imagine it is your mandate to perfect the world and indulge hubris sufficient to believe you have the wisdom to do so.
EU seems to be really good at some things, but this is an example of a legislation that can do way much harm than benefit.
They choose something sensitive as a pretext to push their agenda.
I mean for the actual legit user. Pedophiles will still be able to use encrypted mail, Android phone that are not Google certified and so free to sideload anything, or even just passworded zip.
If this gets pushed through, you will gradually lose control of your government much like how the people of the UK already lost control of theirs.
What are you going to do when the government's interests inevitably drift out of alignment with yours? Start a political movement? You will have the police knocking on your door for criticizing the establishment.
Start a revolution? You have no weapons. You can't even organize a resistance because all channels of communication are monitored.
You have neither the pen nor the sword. There is no longer an incentive for the government to serve you, and so it eventually won't.
No amount of protest will recover the freedom you once had. You're heading towards a society where everyone feels oppressed but no one can do anything about it.
Please stop funding, allying with and protecting the manufacturers of surveillance tools. Stop exporting Palantir products and importing privacy-destroying devices from businesses like Greyshift and Cellebrite. Insist that the US government stop shielding hackers-for-hire like NSO Group who indiscriminately lease their products for discriminatory and illegal purposes. Stop defending "OEM" control that we have all known is a stand-in for federal steering since the Snowden leaks. Stop marketing E2EE while backdooring server and client hardware for "emergency" purposes.
Do that, and you'll never be accused of hypocrisy again. Signed, a US citizen.
I hereby promise not to buy any weapons systems from Palantir or use Cellebrite if I forget my phone's PIN code. Am I one of the good ones now?
LOL. People nowadays don't start revolutions not because of weapons or lack thereof. It's because they're thoroughly entertained and fed; even the entire political circus is a sort of morbid reality show: people tune in to the news to shake their head in disgust at today's latest antics, and will do so tomorrow, because it's all panem et circenses for grown-ups.
The Internet has become the greatest instrument of mass control ever created in the history of the world. It's done. As long people have their Doordash and Netflix, and are too busy working or scrolling instead of thinking deep thoughts, and reading anarchist philosophy, the kings has nothing to fear.
Also, no need to single out the EU. The entire government-as-reality-TV is well and truly an American creation, and your three-letter agencies don't even have to pass any laws to collect information about its citizens. We're all in the same shit, my brother/sister.
That's literally how we got here. People got a taste of unmitigated unprecedented freedom online for the last three decades, and found it so gross that they allowed things to swing the other way.
Even one decade ago, the threat of SOPA/PIPA rallied the internet successfully. Just over a decade later, we're at the point of allowing age verification, for morality's sake, without hardly a peep. The cypherpunks are losing, hard, and honestly, deserve failure for how well their utopia turned out.
European citizens (and soon, American ones too) are discovering that they never held the cards. When you ask your OEMs, cloud providers and DNS resolver who's side they're really on, it's not yours. You, the customer, hold no guillotine over their head.
You're trying to frame the classic authoritarian power grab and desire to fully control the plebs as push from the society. This doesn't sound convincing.
Half of US states now have age verification for pornography; three will be requiring age verification to even download apps soon. There is indeed a push from society to get the internet under control, even if the EU is not necessarily connected the same way.
This is a huge, unprecedented reversal of opinion over the last decade that has almost completely gone over HN's head. The EFF, TechDirt, HN, Reddit view of the world has been tried, found wanting, and is being rejected. The EFF which once rallied the internet against SOPA/PIPA... currently is yelling into a void. Nobody believes in a free internet anymore.
Civil liberties, like elections and liberal principles in general, are unfortunately only popular when the right side (coincidentally one's own) is winning
The worst thing one can do nowadays is blame the masses for their ignorance, thus turning us against each other, while the powerful do whatever they want. Divide and conquer.
The people you mention, whoever they are, are grossed out by human nature.
That happened the moment European countries surrendered their sovereignty to EU.
Which of course is false.
> The principle was derived from an interpretation of the European Court of Justice, which ruled that European law has priority over any contravening national law, including the constitution of a member state itself.
"The majority of national courts have generally recognized and accepted this principle, except for the part where European law outranks a member state's constitution. As a result, national constitutional courts have also reserved the right to review the conformity of EU law with national constitutional law"
And guess why and how they are able to do that - that's right, by retaining full sovereignty of their own justice systems. Even obeying rulings of the ECHR is purely a matter of courtesy more than anything, as neither EU nor ECHR have any enforcement mechanism beyond withholding funding, as many EU member states have proven time and time and time again.
I can't say what it takes in every country, but in Denmark the procedure is as follows :
- The proposed change must pass a vote in parliament.
- There must then be an election to parliament.
- The new parliament must also vote in favor of the proposed change.
- Finally a popular vote must pass with at least 40% of all eligble voters voting for it. If less than 40% of eligble voters vote (regardless of where they cast their vote), the proposition fails.
It probably goes without saying that changing the Danish constitution is not a task taken lightly. The Danish constitution also explicitly forbids giving up soverenity.
My impression is that the UK in particular has that problem. Other european countries take the more pragmatic and sane option of... simply ignoring the EU.
Which ones exactly, and please be specific.
>>control of their currency
I mean, no one was forced to take the euro? The countries that did it agreed to it at their own state level first. And there are many countries that have agreed to it initially and then changed their minds and didn't do it. Yeah sounds like loss of sovereignty to me.
>>a removal of democratic elections for leaders
I'm sorry I think I must have been sleeping in the last 30 years - when did that happen, exactly?
One of the awful things about this proposed legislation is that what I quoted you saying is not true. Software like PGP is easy to use, and criminals already do. The government has absolutely no possibility of breaking RSA the way things are now, and as such scanning all messages will do nothing other than prove more definitively that criminals are still beyond their gavel. In reality, the only individuals who will get spied on are regular people who don't open their terminal just to send a text; exactly the people who should not be spied on in the first place.
When the government realizes this invasive legislature is ineffective, they will probably crack down even harder. After all, what we are willing to accept from rulers has by the looks of it already increased dramatically. I wonder if it at some point it becomes illegal simply to posses encryption software on your personal devices, perhaps even possession of prime numbers that could theoretically be used in modern encryption. How far will the government go to take this illegal math from you?
There is way too much existing deployed systems depending on alternative open source systems, and a mn incentive to use them to keep using old hardware.
And way too strong a strategic incentive not to depend on US tech alone.
https://www.smokingonabike.com/2025/01/04/passkey-marketing-...
The thing people don't seem to realize about the recent Android announcement that they're going to require digital signing for distribution is that it's not about moderating apps. The objective is to make sure developers are forced to disclose their identity when publishing apps because that allows rich companies and individuals to wield the justice system like a weapon. They won't ban something like ReVanced because all they need to do is make sure the system allows others to take legal action against the developers.
The other thing that people don't realize, like some of the sibling comments here, is that using older hardware and tools can only go so far. Normal people aren't going to do that and people that go out of their way to do it are going to be making themselves a target.
There's already a chilling effect in place. All of my teenage relatives were given a mini lecture to absolutely not post about the Charlie Kirk incident on social media and to avoid talking about it in private chat. I still haven't seen an explanation for how the messages in this incident [1] ended up in the hands of authorities.
But he said he had made the joke in a private Snapchat group and never intended to "cause public distress".
The only way to "protect the children" is through education, not by forcing them to have a digital paper trail for their whole life.
Criminalize encryption. Oh you're using cryptograhy? Well then clearly you are a child molesting, money laundering, drug trafficking terrorist. No need to actually decrypt anything when cryptography is incriminating evidence unto itself.
Computers are subversive. Cryptography alone can defeat police, judges, governments and militaries, and computers have democratized access to cryptography to the point even common citizens have it. They cannot tolerate it.
It's a politico-technological arms race. They make their silly laws. We make technologies that completely nullify those laws. They need to increase their overall tyranny just to maintain the exact same level of control they had before. The end result is either an uncontrollable, ungovernable, unpoliceable population, or a totalitarian state that surveils, monitors and controls everything. There is no middle ground.
We are rapidly advancing towards this totalitarianism, and we are eventually going to find out if the people have what it takes to resist and become ungovernable.
One day we will need government signatures to run software on "our" computers. All the free software in the world won't help if we can't run it. The only way to resist that is to somehow develop the means to fabricate our own chips at home. Computer hardware fabrication must be made as easy as 3D printing random objects. Anything short of this and we're done for. Everything the word "hacker" stands for will be destroyed. Our privacy will be destroyed. Our freedom will be destroyed. It's over.
I've seen local judges give interviews to television networks about high profile cases where they were nearly foaming at the mouth with rage over end-to-end encryption. Cryptography is whatever causes that.
Unlike which country? The US I presume? I see very much a lack of any revolutions in the US, and the most resistance done in the past few decades was done by people with no weapons.
I'd say most revolution-like movements of any kind in the US since the Civil War happened without weapons.
As a UK citizen, can you explain your reasoning here? We haven't implemented anything like the chat control proposal and while a few politicians have brought up similar ideas, there is a lot of pushback against it.
If a porn site checks my ID against a gov database, the gov now knows I went to that porn site. That is a loss of both anonymity and privacy.
>If a porn site checks my ID against a gov database, the gov now knows I went to that porn site. That is a loss of both anonymity and privacy.
This is not necessarily true. It is possible to design systems much more like CRL than OCSP, including identity or even just age verification systems. Consider the FedGov sharing a list of public keys tied to identities of people over the age of 18, updated daily, while issuing corresponding private keys to citizens. The citizens could use their private key to sign a challenge issued by the adult media website, who would simply verify that the public key tied to the signed challenge response exists on the list of all public keys tied to identities of people over 18 issued by the fedgov.
With this system, adult websites would not need to send any identifying information to FedGov, nor would private citizens be disclosing any identifying information to the adult website - not their name, not their address, not even their date of birth, just cryptographic proof that they're in possession of a private key that corresponds to the identity of an adult.
Sure, kids could still conceivably obtain cryptographic private keys, just as they can obtain photographs of state-issued government ID that are currently used for age verification.
The real problem with schemes like these isn't the technical feasibility, but rather the capacity of the citizenry to understand and perform their own cryptographic key management.
What you mean is, bad actors are eroding our democracy using anonymity to avoid negative repercussions, but Fox News, OANN, Newsmax hosts, etc, with their names and faces attached to their message, have hurt democracy far worse and more efficiently than internet trolls, and with even less pushback.
[1] https://factually.co/fact-checks/justice/uk-social-media-arr...
How much do you trust your current government with the extensive surveillance apparatus they have created?
How much do you trust the next government?
What about the government after that?
Anyways, the control of speech isn't only in surveillance, it's ingrained deeply in culture, taboos, education, etc.
I have talked to religious people before, they all exhibited a certain characteristic, you could talk about somethings but you can't touch on other things, their mind won't accept it, so they bug and start saying nonsense.
I've noticed the same thing with most people when it comes to certain subjects, you'd be talking to an educated person with a relatively high IQ and a mind that is capable to think critically in certain domains, yet once you point out something their mind has been trained to deem anti cultural (like for example who controls what), they turn into Agent Smith and they stop listening to reason.
Anyways, this is HN so what I'm saying is that the control of the controllers is already absolute, it's been linearly increasing for years, they'd cause something then tighten their control of us for "our safety", until one day we get enough and some take out the guillotines and others the bald eagle etc. been happening for millenia, if we as a species were able to rebel on authority before s*it absolutely hit the fan, history would've been a lot cleaner.
Already happened. That this keeps getting put forward is the evidence. Representative democracy, is not a democracy at all.
Sic semper tyrannis.
We still have Euros. As long as enough companies and rich folk are more on our side than theirs, the government still has some incentive to serve us.
I know, I know - money and politics, wealth and power, they go together at the high end. But there is the oft forgotten long tail, the rich and powerful at the scale of a city, a neighborhood, a niche market. Those tend to side with communities they live in, and in aggregate they still have plenty of pull with the rulers (which in stable times they use to block all kinds of potentially useful legislation, but still, good to have them come the hard times).
Weapons won't matter all that much anyway, for several reasons:
1) Life, especially in the EU, is not like in an American action movie;
2) Citizens here may be significantly less armed, but the same is true of government officials, and even law enforcement is significantly less armed. It kind of evens out, unless military gets involved, but at that point all bets are off - no different than in the US.
3) Firearms have a habit of magically appearing in bulk the moment a revolution starts. When it happens, it's a good indicator you should GTFO somewhere far away, as you're being played by whoever is supplying the weapons to your side.
I don't think that's a correct comparison. If shit ever did hit the proverbial fan, you can bet that any US military walking around an American city would be constantly worried about getting a lead injection from any Tom, Dick or Harry who's got a firearm.
I don't think the same can be said for the vast majority of European cities (assuming the military gets involved).
And then in many scenarios, that Tom, Dick, or Harry gets returned the favor, except with a tank round or worse. If the military remained organized, or at least large factions of it did, it would considerably outclass the general population in both intelligence and firepower / strike capabilities.
Soldiers would be on edge and vulnerable, sure, just like in the conflicts of the past few decades, but overall the military would retain a significant advantage.
Tanks are obsolete weapons - esp in urban areas. They would be taken out by cheap drones. And you are forgetting that for every active US soldier there are ~3x retired and opinionated soldiers. Many of them know tactics to take down armor. And how to train civilians.
Arguing over irrelevant details; all that can be true, and the military can therefore respond not by firing tank shells but by drone strikes, which many of the retired soldiers don't know how to respond to because almost all knowledge of modern drone warfare is in the Russian and Ukranian militaries right now.
In this scenario, if the US civilians were very lucky, the US military have learned nothing from the was Russian and Ukranian forces battle today; likely real scenarios are much messier, internal splits within both military and civilians on Trump/not Trump (different to Dem/Rep) lines, militia with ??? training, criminal gangs taking advantage, reduced international trade (perhaps except for whover supplies drone parts who may prop up both sides at the same time to maximise reveue, perhaps not because that's China and they want factories not rubble piles made out of factories), etc.
https://www.nhnieuws.nl/nieuws/212970/om-waarschuwingsschot-...
Thank you, that was interesting. And impossible to find for those who don't already know the details.
Even the upper middle class in Europe is poor as hell with barely any savings.
When have companies and rich folk ever been on ANYONE's side but their own?
Your arguments are terribly naive.
Only because of the immense wealth, freedom and culture brought by generations of struggle and tenacity. If it isn't defended, it can go away quickly, but the current generation probably won't bear the costs. I doubt that Europeans in the 22nd c. will enjoy such a comfortable life, though.
What are you on about, mate?
Always this cope from Americans. A broad revolutionary movement will have sympathisers in the military and police. They can raid the governments armouries. The IRA became infamous for arms raids.
A little bit off-topic but so called president of the EU is not elected, nor are the figures in so called EU commission :)
EU needs to be made more democratic or we need to severely limit its power, as its original intent, because the current show is just a farce.
The other parts necessary is transparency and democracy but those are on other orthogonal axis.
I can meet my MEP in the supermarket. I can write to him an email and he will reply personally. This is a non-issue.
Give it time. As long as democracy/liberties are not taken away they will heal.
We'll still end up with a Reform government lead by Farage in the next election.
There is little hope if the AFD takes Germany. There might not be much of an EU left soon.
Instead of fighting this unmitigated march towards fascism, all the EU is concerned with is chat controls and further limiting the freedoms of its own population.
Ultimately, those with all the money and power will still have all the money and power, fascism or not. It's just that under fascism, they think their power is easier to maintain, so they will short-sightedly choose fascism.
That will lead to war, will lead to a big reset and then we'll repeat the exercise in 2120 when we've all forgotten, again, that concentrating power in the hands of the few has one inevitable outcome, taught by history again and again and again.
What the world will look like by then, who knows. Hotter, more hostile, digitalised to the point of humans and machines becoming nearly indistinguishable? Who knows.
I suppose there's a chance of this also being the precipice of the great filter and then there won't be anyone to quibble over these sorts of things.
Maybe a new civilisation of intelligent beings will pop up from the savagery of nature. But they will also apply 'survival of the fittest' to all strata of their society and here we go again.
This is not the case for the EU institutions, where the EP is the least powerful body by far. While the EP 'elects' the head of the Commission and confirms the members, it does not choose them. It is not possible to be elected head of the Commission without being nominated by the European Council. This is so far removed from a democratic process we can't really call it an election.
In the EU, no party runs with a candidate for the commission. Those are decided only after the election and are often people that would have lost a party votes if they were known in advance.
On the other hand there is a majority of other citizens which don't have the economic means, who are the victims of this bill, they never haf control of the government and don't want this bill to pass.
Classless "citizens" don't exist. This is capitalism working as usual. Oh, and get in touch with reality please, there is no country where "citizens" don't have guns, it's just not all the citizens.
1. Have you ever texted someone from EU? You are now chat controlled too.
2. EU is pumping billions to foreign countries to promote EU values. How long until they condition this "help" with chat control?
I feel unease when it comes to ChatControl; I don't want my devices to run proprietary, opaque algorithms on all my data. And it feels like it fundamentally has to be opaque: nobody can't publish an open source list of illegal material together with their hash (precisely because it is illegal). That is why I don't want ChatControl: I would want someone to formally prove that it cannot be abused, just because of what it means. The classic example being: what happens if someone in power decides to use this system to track their opponents?
But most comments and most articles talk about anything but that, with honestly weird, unsupported claims:
> It's the end of encryption
How so? What appears on my screen is not encrypted and will never be encrypted, because I need to read it. We all decrypt our messages to read them, and we all write them unencrypted before we send them.
> It won't fight CSAM
Who are you kidding? Of course it will. It will not solve the problem entirely, but it will be pretty damn efficient at detecting CSAM when CSAM is present in the data being scanned.
> With ChatControl, every message gets automatically checked, assuming everyone is guilty until proven innocent and effectively reversing the presumption of innocence.
When you board a plane, you're searched. When you enter a concert hall, you're search. Nobody would say "you should let me board the plane with whatever I put in my bag, because I'm presumed innocent".
> While your messages still get encrypted during transmission, the system defeats the purpose of end-to-end encryption by examining your content before it gets encrypted.
Before it gets encrypted, it is not encrypted. So the system is not breaking the encryption. If (and that's a big if) this system was open source, such that anyone could check what code it is running and prove that the system is not being abused, then it would be perfectly fine. The problem is that we cannot know what the system does. But that's a different point (and one of the only valid arguments against ChatControl).
> Proton point out this approach might be worse than encryption backdoors. Backdoors give authorities access to communications you share with others. This system examines everything on your device, whether you share it or not.
How is it worse? Backdoors give access to communications, this system (on the paper) does not. This system is better, unless we admit that we can't easily audit what the system is doing exactly. Which again is the one valid argument against ChatControl.
> The regulation also pushes for mandatory age verification systems. No viable, privacy-respecting age verification technology currently exists. These systems would eliminate online anonymity, requiring users to prove their identity to access digital services.
This is plain wrong. There are ways to do age verification anonymously, period.
> Police resources would be overwhelmed investigating innocent families sharing vacation photos while real crimes go uninvestigated.
How to say you don't know how the police works without saying you don't know how the police works? Anyway, that's the problem of the police.
> Google’s algorithms flagged this legitimate medical consultation as potential abuse, permanently closed his account and refused all appeals.
The problem is the closing and refusing of appeals.
> The letter emphasizes that client-side scanning cannot distinguish between legal and illegal content without fundamentally breaking encryption and creating vulnerabilities that malicious actors can exploit.
Then explain how? How is it fundamentally breaking encryption and creating vulnerabilities? Stop using bad arguments. If you have actual reasons to go against ChatControl, talk about those. You won't win with the bullshit, invalid arguments.
> ChatControl catches only amateur criminals who directly attach problematic content to messages.
Yep, that's an argument in favour of ChatControl: it does catch some criminals. How many criminals are professionals? Do you want to make it legal to be an amateur criminal?
Don't get me wrong: I am against ChatControl. Because of one argument I believe to be valid: we fundamentally cannot know what the algorithm doing the scanning is doing, so those who control it could abuse it. Of all the discussions I have seen against ChatControl, I haven't seen another valid argument. But this one is enough.
Stop saying bullshit, start using the valid arguments. And maybe politicians will hear them.
Just to be clear: thanks for talking about ChatControl and for bringing visibility to the topic! And I am on your side!
It is not enough to know what the algorithm is doing. It also needs to be possible (for the average user as well) to stop it from doing reprehensible things. If a client-side scanning algorithm is actually searching for e. g. political content, it is possible to detect it via reverse engineering, but merely knowing it won't solve the problem, but instead lead into self-censorship.
https://www-dr-dk.translate.goog/nyheder/viden/teknologi/ana...
It is very obvious that he doesn't understand e2e, yet he will not listen. Bro couldn't even read the Wikipedia page
You can ban this at a provider scale, but you simply can't track or enforce custom implementations at a small scale.
From the European Convention on Human Rights[1]:
ARTICLE 8
Right to respect for private and family life
1. Everyone has the right to respect for his private and family
life, his home and his correspondence.
2. There shall be no interference by a public authority with the
exercise of this right except such as is in accordance with the
law and is necessary in a democratic society in the interests of
national security, public safety or the economic well-being of the
country, for the prevention of disorder or crime, for the protection
of health or morals, or for the protection of the rights and freedoms
of others.
My layman understanding of the usual process is like, we want surveillance over those people and if it seems reasonable a judge might say ok but for a limited time. Watching everyone's communications also seems at odds with the principle of proportionality[2].
[1]https://www.echr.coe.int/documents/d/echr/Convention_ENG
[2]https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:12...
"... except such as is in accordance with the law"
And the "interfering" coming from ChatControl is that "some algorithm" locally scans and detects illegal material, and doesn't do anything if there is no illegal material.
> Watching everyone's communications also seems at odds with the principle of proportionality
It's a bit delicate here because one can argue it's not "watching everyone's communications". The scanning is done locally. Nobody would say that your OS is "watching your communications", right? Even though the OS has to "read" your messages in order to print them on your screen.
Note that I am against ChatControl. My problem with it is that the list of illegal material (or the "weights" of the model deciding what is illegal) cannot be audited easily (it won't be published as it is illegal material) and can be abused by whoever has control over it.
No what? Everyone has been hating on the spying Microsoft has been doing in windows for years. How do you ask this with a straight face.
Would you say that a minimal install of Linux or *BSD is "watching your communications"? It has to "read" your data in order to show them to you, but you wouldn't count this as "watching communications" or "surveillance". Siri running locally is not considered "surveillance".
The problem is when your data is exfiltrated, which is what you complain about with your Microsoft example. But again that's not what I meant.
Technically, I did not say it, I wrote it. Normally, the way it works is that you don't take a single sentence out of its context and then say it's wrong. You take the context.
I specified my thought in the next sentence:
> Even though the OS has to "read" your messages in order to print them on your screen.
Nobody would say that the OS is watching your communications, even though the OS has to "read" your messages to print them on your screen.
It is about control and purpose, "my OS watches my communications" is true but weird to say because there's an expectation, unless compromised, that the OS is under my control so no problem. A third-party controlling the local scan of all my data specifically to report whatever it wants is a huge problem.
Too often are some specific issues left insufficiently addressed for too long and it seems like the answer ends up like, ok we give up, here's some collective punishment, that should do the trick.
And that is exactly my point: you fundamentally can't audit what ChatControl is doing, because you don't have access to the "list of illegal material" (precisely because it is illegal). So whoever controls that list could abuse it.
I see lot of weird arguments like "it's breaking encryption" and "it's destroying democracies". It's wrong. The problem is that it may be abused if your democracy doesn't work as well as it should. And it's good enough an argument to be against ChatControl.
My whole point is that it's not constructive to throw baseless complaints at ChatControl: there is a valid argument against it (still looking for more), and we need to use it.
The phoning home part is the key difference.
It's a good campaign, but let's say national elections are coming, one should know which politicians are in favour or against.
How else can we let our opinion be known other than by voting for the right politicians?
The author says that "the system" will scan data. What "system"? Android? Windows? Linux?
If system means "an application" - how would it come to my OS? Pre-installed? By whom? On Linux??
Everyone owns their key and uses it to exchange their info with others.
Its not complicated and has existed for ages.
Simple fact is people should learn more about IT and exercise more control over their affairs instead of handing it over to corporations.
https://data.consilium.europa.eu/doc/document/ST-10131-2025-...
This legislation appears to be aimed at "services" offered to the general public that provide encrypted messaging, particularly the facility to share URLs, images and video
This proposed legislation does not appear to contemplate internet service providers as encrypted chat/messaging service providers
It stands to reason that internet subscribers who do not use encrypted chat services offered to the public by third party intermediaries, aka middlemen, would not be affected by this legislation
The legislation imposes an obligation on encrypted chat service providers, i.e., non-parties to the communication, to scan _someone else's_ private messages
Obviously, this obligation to scan someone else's messages would not apply to internet subscribers communicating with each other peer-to-peer, i.e. it would not apply to the parties to the communication
It is interesting how HN commenters seem to assume that if this legislation were enacted, Europeans would continue to use these third party services, e.g., for planning the next revolution (the top comment is hilarious)
The legislation is only targeting "Big Tech" and wannabe Big Tech "platforms", it is not targeting encryption per se.^1 It is targeting _those companies'_ use of encryption
1. Law enforcement use of encryption is explicitly excluded
It was never a good idea to let "Big Tech" intermediate communication over the internet. These companies are not a source of "privacy". Their "business model" is based on mass surveillance. As mass surveillance data collectors, "Big Tech" is an alluring and easy target for any government, a "one-stop shop" for law enforcement. There is less need for government surveillance when "Big Tech" is doing it for them
And the worst part - EU is so democratic that we even do not elect most of the people.
https://edri.org/our-work/chat-control-what-is-actually-goin...
We judged this sort of behaviour from countless other countries in the past. At the end of the day, everybody ends up wanting more control.
> There is no on-device scanning without compromising privacy. Scanning that can detect child abuse can also detect human rights activists, investigative journalists, and so on. I imagine this technology can be easily used by the government to identify journalists by scanning for material related to their investigation.
> On-device scanning is a fabrication that Apple foolishly introduced to the mainstream, and one that rabid politicians bit into and refuse to let go.
And I'll add this: Citizens lose of their right to privacy is the death of their democracy.
Compliance overhead alone will kill a bunch of smaller messaging apps that can't afford all the regulatory stuff.
immibis•4mo ago
jjice•4mo ago
dekken_•4mo ago
bigyabai•4mo ago
Sounds to me like the EU is looking to get a more formal approval to act on data they already have.
EasyMark•4mo ago