The most obvious mechanism is a constitutional amendment, but in the U.S. the only amendment to be drafted and adopted in modern times is the 26th amendment (1971), 54 years ago. (The 27th amendment had a weird status where it was belatedly adopted with a 200-year delay.) It's hard to imagine many constitutional amendments actually being passed now because it's been challenging to find consensus on many things within U.S. politics lately.
I don't know that the EU at a supranational level has any mechanism at all to ban future EU directives. Maybe they could decide to remove something from the list of areas of competence of the EU? But Chat Control is under the "Area of Freedom, Security and Justice" and I can't imagine the EU deciding that that should be abandoned as an area of Union competence.
Edit: The international human rights treaties, at least in regulating law enforcement, have tended not to follow the idea that some kind of regulation or law enforcement power is completely off-limits, but just that they need procedural safeguards -- especially for surveillance and investigatory powers. In this case, Chat Control opponents (including me) would like it to be completely off-limits, but the human rights instruments arguments might more naturally go into "did they create enough surrounding rules and mechanisms about how it's used and how it's regulated?" rather than "can we just say governments just can't make this rule?".
It's the task of parliaments, governments, and courts to reevaluate and resolve all these contradictions over and over again. It's tedious and takes a lot of resources, but that's the price for democracy.
Yet still that was never enough for a clear and definitive "no".
It is very likely that the people in favor of this would still try to push it through, or let that happen. They know that the legal battle afterwards to determine its unlawfulness would take years.
And during that time it could already be put it place. And once the legal battle is over (and likely won) severe damage is done and they could still adapt the law or just offer companies to continue doing this "voluntarily". And personally I wouldn't count on Apple, Google, or Facebook to roll this back quickly in that case once they've put it into place.
Speech is restricted the world over for things (fraud, threats, libel/slander, secrets, and more), and we're almost universally in favour of that.
It's a balancing act, and the point where we set the balance is difficult, and constantly changing (should we allow speech that encourages the persecution of other people, sometimes called "hate speech" or should people be allowed to advocate for the murder/rape/extermination of other human beings because of the way they look)
That's not to say that private communication can't already be illegal; mere 'conspiracy' is a crime in many places. Yet the level of surveillance that would be enabled by legislation like Chat Control is greater than any other in history. Even notorious agencies like the Stasi had to pick and choose their targets based on prior suspicion, simply because of the logistics involved in traditional surveillance.
We don't fully know what effects this kind of unceasing, universal monitoring would have on society, and what little historical precedent exists doesn't bode well. Restrictions on public speech however are pretty well understood; we've had censorship in various forms pretty much everywhere in the world at one point or another. We can look to history for lessons about what happens, and can properly discuss (even if not agree!) about when censorship is good or bad for society.
Sure, there is the rollercoaster, ups and downs, small wins and losses going on all the time. But look at the general trends - these freedoms that we enjoyed are by and large being chipped away, it's all trending down, worldwide. It's two steps back, one step forward. Maybe CC doesn't get put in place this particular time, but they will ram it through eventually, at some point the right angle will be found to make the right people vote for it. Then the battleground will move onto something even more egregious, and so on. I'm not seeing why there would be a sudden reversal of this trend in the coming decades.
No matter what the state says, or what legislatures pass what laws, we're going to continue to live out our right to general purpose computing, including sending only what we choose to send over the wire, and encrypting content as we see fit.
Now let's talk about something else.
By way of example: in the United States, the 1st amendment to the constitution guarantees freedom of "the press" - it is referenced not by the right to print what one wants, but specifically in reference to the technology of the time, the printing press.
It's obvious that our evolutionary trajectory is one in which widely distributed general purpose computing is normal.
Making laws that contradict this is just childish, and at some point the adults in the room need to be willing to ignore them.
Civil disobedience involves breaking the law with full knowledge that it's illegal, to protest injustice.
In fact the proposed chat control law has an exception for government agencies
People are not going to stop sending each other their boobs or penii, and while that remains the case, encrypted messaging will thrive.
Ok, maybe these are not weasel words in this case. The CDU probably wants to present itself as a friend of the people using a popular issue that they don't really care about. My suspicion is that this is exactly why the ChatControl issue is brought up yearly. It distracts people from wars, the economy etc., there is a big discussion and finally the government graciously comes down on the side of the people. Each and every year.
Were this true, some politicians would do it for that reason. It would need to get a lot of attention to be an effective distraction, and it does not. The mainstream press barely covers the issue. Many people who would be directly harmed by it don't even know what's being considered.
It's no wonder we see the countries that oppose this as well. Makes one think. Sweden's case is peculiar given their military opposed it. I wonder what's going on there.
¹ Quelle = source, TKÜ = Telekommunikationsüberwachung = telecommunication surveillance. aka installing trojans on your devices.
But then, I hear you. You're German and have no regard for the lives of Poles. Typical.
Blame the Jews, the immigrants, the trans, and then people will grudgingly accept the Gestapo, ICE, prosecution without proof or courts.
Which then allows you to target the opposition without proof.
https://en.wikipedia.org/wiki/Censorship_in_Germany
https://www.lto.de/recht/hintergruende/h/russia-today-verbot...
I'm borderline not joking that there should be warning labels like those on cigarettes on the ballot when voting.
That's the problem with these proposed laws.
We (privacy advocates) have to constantly fight and win over and over again. The nations that want this mass spying only have to win once.
We need a way to permanently stop these proposals once defeated the first time so that they cannot just continue to try over and over again until it passes.
We do have a way to reinforce our position, though!
We can design and consume technology that makes this hard.
We can stop working for companies that build centralized platforms for messaging.
We can teach our neighbors how important rights to privacy and speech are in language that they understand.
There can be enough friction that this becomes harder for politicians. Remember the Reddit Sopa and Pipa protests? - that was pretty epic! I don't think Reddit will help us in its current state, but we can absolutely mount those defenses on Wikipedia, Mastodon, Bluesky, and others.
And we should continue to move off of platforms that don't align with our freedoms. And build our platforms in a way that encourages "normies" to join.
Physical hardware can be controlled, yes. Decentralization and obfuscation similar to TOR is probably needed here.
It is the same as free speech. You can say what you want, but you can go to jail for saying the wrong thing in many countries.
Shooting someone is also "just physics", yet many governments have been known to frown upon it (depending on the context).
> if they say no to your forgetting to scan the case of water on the bottom of your cart, you're going nowhere.
> if they say no to your hacked cable box, you're going nowhere.
> if they say no to your speeding, you're going nowhere.
> if they say no to your weed, you're going nowhere.
> if they say no to your growing a mushroom and mailing it to your friend, you're going nowhere.
There's a whole spectrum of how illegal something is to consider. People break the law every day for a range of reasons from accident, to ignorance, to convenience, to want, to need, etc.
If people all started talking through letter mail, you'd get Letter Control, they wouldn't just forget about it because it's not the internet. If the people somehow become smart and coordinated enough to move to some cryptographically-secure method of communication, your government will probably outlaw the equipment and actions associated with using it in the first place instead of trying to decrypt all communications.
The goal is control of information, and the way of doing that is to force everyone to use unsecured communication with no feasible alternatives. I wouldn't expect kid glove treatment with that, unlike speeding or minor shoplifting.
Article in German: https://netzpolitik.org/2025/eu-ueberwachungsplaene-unionsfr...
ZeroConcerns•2h ago
-ChatControl, as it is currently defined, is not going to happen, because it's absolutely stupid and would make impossible, amongst other things, online banking
-Yet, there is a growing and legitimate demand for lawful interception of 'chat' services. I mean, "sure, your bank account got emptied, but we can't look into that because it happened via Signal" just isn't a good look
-So, something has got to give. Either 'chat' services need to become 'providers of telecoms services' and therefore implement lawful interception laws, or the malware industry will continue to flourish, or something even more stupid will happen
Pick your poison.
RiverCrochet•1h ago
ZeroConcerns•1h ago
RiverCrochet•1h ago
I don't know what you mean by this.
> But please note that I did not list "online banking becoming impossible" as a likely outcome.
No, but it should be a likely and maybe even desired outcome, especially if a justification for surveillance is the prevention of online banking fraud among other crimes.
> Merely malware continuing to be state-sponsored, or certain communications to be surveilled.
Norms and mores change over time, so the only conclusion is that "certain communications" will become "all communications" at some point in the future. I'd love to be proven wrong.
iamnothere•1h ago
gr__or•1h ago
JoshTriplett•1h ago
Something does have to give: the constant demands for interception capabilities on end-to-end encrypted protocols. Those demands must be thoroughly destroyed every time they rear their head again.
qwopmaster•1h ago
PickledJesus•1h ago
The two sides in this debate seem to be talking at cross purposes, which is why it goes round and round.
A: "We need to do this, however it's done, it was possible before so it must be possible now"
B: "You can't do this because of the implementation details (i.e. you can't break encryption without breaking it for everyone)"
ad infinitum.
Regardless of my own views on this, it seems to me that A needs to make a concrete proposal
ZeroConcerns•1h ago
Apps like Signal don't entirely fall within the scope of these, which is the cause of the current manic attempts to grab more powers.
My point is that these powers grabs should be resisted, and that new services should be brought into the fold of existing laws.
The prevailing opinion here seems to be that, instead, state hacking should be endorsed. Which, well...
qwopmaster•1h ago
If you want to prosecute people send physical goons, which are of limited quantity, rather than limitless, cheaper and better by the day pervasive surveillance of everybody and everything.
ZeroConcerns•1h ago
OK, sorry to keep repeating myself here, but... I strongly oppose any kind of "panopticon" like ChatControl.
What I would like to see, is, say, Signal complying with lawful interception orders in the same way that any EU telecoms provider currently does.
So, provide cleartext contents of communications to/from a cleary identified party, for a limited time, by judicial order, for a clearly specified reason.
> pervasive surveillance of everybody and everything
This is exactly what lawful intercept laws are supposed to prevent. And yeah, of course, abuse, but under a functioning rule of law there are at least ways to remedy that, unlike with mass surveillance and/or malware...
NobodyNada•32m ago
Those statements simply aren't compatible.
Right now, Signal is designed by cryptography experts to provide the best privacy we know how to build: messages are only readable by you or the intended recipient. "Lawful intercept" necessarily means some additional third party is given the ability to read messages.
It doesn't matter what kind of legal framework you have around that, because you can't just build a cryptosystem where the key is "a warrant issued under due process." There has to be a system, somewhere, that has access to plaintext messages and can give law enforcement and courts access. The judges, officers, technicians, suppliers, and software involved in building and using this system are all potential vectors by which this access can be compromised or misused -- whether via software or hardware attacks, social engineering, or abuse of power.
Maybe your country has "functioning rule of law", and every single government official and all the vendors they hire are pure as snow, but what about all the rest of us living in imperfect countries? What about when a less-than-totally-law-abiding regime comes into power?
You're proposing that we secure our private conversations with TSA luggage locks.
Zak•9m ago
https://en.wikipedia.org/wiki/Salt_Typhoon
ZeroConcerns•6m ago
No -- that's an incredibly reductive summary, and the attitude you display here is, if left unchecked, exactly what will allow something equally ridiculous like ChatControl to pass eventually.
There has been plenty of previous debate when innovations like postal mail, telegraph traffic and phone calls were introduced. This debate has resulted in laws, jurisprudence, and corresponding operating procedures for law enforcement.
You may believe there are no legitimate reasons to intercept private communications, but the actual laws of the country you live in right now say otherwise, I guarantee you. You may not like that, and/or not believe in the rule of law anymore anyway, but I can't help you with that.
What I can hopefully convince you of, is that there needs to be some way to bring modern technology in line with existing laws, while avoiding "9/11"-style breakdowns of civil rights.
macawfish•1h ago
And how in the world can we have safety if relational trust is suffocated before it can even take root?
Please use your imagination! Those aren't the only options if we embrace trust as essential rather than looking at any need for it as a liability.
dylan604•52m ago
lukan•1h ago
Do you want the police to regularily intercept and check your signal chats for fraud and crime so this does not happen, or what is the point here?
ZeroConcerns•1h ago
No, that's not how lawful intercept laws work.
I want police to be able to obtain a judicial order to intercept, for a limited time, in cleartext, the (Signal chats, or whatever other encrypted communications) of identified parties reasonably suspected to be involved with criminal activity.
ChatControl is not that, and it's one of the reasons it's a nonstarter.
lukan•1h ago
They already have that in most (?) jurisdictions by now.
With a warrant, they can install a virus on the device that will then do targeted surveillance.
ChatControl is bad, because it is blanket surveillance of everyone without warrant.
ZeroConcerns•1h ago
Yeah, and that sponsors an entire malware industry!
I don't really know how I can make my position any clearer, but...
-Malware: bad!
-ChatControl (encryption backdoors): bad!
-Inability to do any kind of law enforcement involving "the Internet": double-plus bad!
-Enforcement of existing lawful interception laws in the face of new technology: maybe look at that?
lukan•51m ago
You could state in plain words what do you propose as an alternative.
I read what you wrote, but have no idea what you propose.
ZeroConcerns•22m ago
It's literally the last item in my list?
But to further clarify: I would like existing lawful interception laws to be extended to services like Signal.
Not in the sense that any EU country should be able to break Signal crypto (as ChatControl proposes, and which I think is an utterly ill-advised idea), but that competent law enforcement agencies should be able to demand unencrypted Signal communications from/to an identified EU party, for a limited time and purpose, upon a (reviewable) judicial order.
Most, if not all, EU countries currently have similar laws applying to telegrams, snail mail, email, telephony and whatnot. If you don't like those either, that's fine, but that's the status quo, and I would like to see that extended to services like Signal, as opposed to incompetently dumb measures like ChatControl...
ori_b•1h ago
Should Thailand be granted access to enforce their lease majeste laws, for example? https://en.m.wikipedia.org/wiki/L%C3%A8se-majest%C3%A9_in_Th...
Who gets to decide what gets made available to who?
pona-a•1h ago
ZeroConcerns•28m ago
We're taking about ChatControl here, so law enforcement of EU countries, under their respective laws, into which EU law should have been incorporated
> Should Thailand be granted access to enforce their lease majeste laws
Same answer as "should Thailand be granted arrest rights to enforce <whatever>": they submit a legal assistance request to the country where the alleged crime occurred.
In the case of a lawful interception request for "lease[sic] majeste" reasons, I'm pretty sure this would be immediately rejected.
But, if not, the EU subject of such interception would have lots and lots of avenues to get redress.
Again, and I'm getting sort of tired from repeating myself: "lawful interception" does not mean "indiscriminate surveillance at the whim of whomever" -- it is a well-defined concept that has been used to determine which telegrams and mail pieces to open and which telephone calls to record for ages now. Your country absolutely does it, as we speak, no matter where you live. It's just that modern technology has far outpaced the scope of this legislation, and things like ChatControl are (incompetent) responses to that.
ChatControl is not a good idea, and has very little chance of becoming reality. But to stop dumb proposals like this from coming up over and over again, something has got to give.
ori_b•20m ago
Hikikomori•1h ago
mattnewton•1h ago
ZeroConcerns•1h ago
There's a different set of laws for that...
rstat1•1h ago
ZeroConcerns•1h ago
But, in a jurisdiction with a functioning rule of law, these abuses can be spotted and remedied.
Doing the same for mass surveillance (such as ChatControl) or state-sponsored malware is much harder.
I'm advocating against ChatControl and malware, and proposing existing lawful interception frameworks as an alternative. But, apparently it's not my day :)
awesome_dude•1h ago
The reason we know is because authorities were able to place listening devices into the rooms that they were in, or surveil them from other buildings.
mattnewton•10m ago
I’m still unconvinced that this make’s law enforcement’s job so hard that something has to give.
DeepSeaTortoise•1h ago
If you're the victim, just hand over the relevant chats yourself. Otherwise, just follow the money. And if the attackers are sitting in a country whose banks you can't get to cooperate, intercepting chat messages from within that country won't do you any good either.
Also, if someone has malicious intent and is part of a criminal network, the people within that network would hardly feel burdened by all digital messages on all popular apps being listened in on by the government. These people will just use their own private applications. Making one is like 30min of work or starting at $50 on fiverr.
ZeroConcerns•1h ago
Because if lawful interception of in-transit messages is not possible or permitted, hacking either the client or the server becomes the only option.
You may enjoy reading https://therecord.media/encrochat-police-arrest-6500-suspect.... Or just downvoting me. Or both.
DeepSeaTortoise•12m ago
Of the serious criminals, the only ones you'll be catching are those with low technical knowledge (everyone else will just be using their own applications) and the Venn diagram of those with little tech knowledge and those whose digital privacy practices could deceive law enforcement resembles AA cups against a pane of glass.
Regarding Encrochat, it is no surprise that an (unintentional?) watering hole gathered up a bunch of tech-illiterate, the fallacy is that those people wouldn't have been caught if they weren't allowed to flock to a single platform for some time.
Would some people have not been caught until much later or even not at all? Sure, but if LE would do its job (and not ignoring, or even covering up, well known problem areas and organizations for years to decades), only those of low priority.
Is that little gain worth creating a tool to allow Iran or similar countries to check every families' messages if they suspect some family member might be gay?
Hard nope.
> Or just downvoting me.
Don't worry, I rarely do that and that's not just because I can't...
marviio•1h ago
Tuna-Fish•1h ago
Why on earth would mass intercept be necessary or even help in that?
If you got scammed by someone, then you can contact the police and hand over your message history. Why would the cops be interested in someone else's message history for this?
ZeroConcerns•1h ago
Lawful interception is not "mass intercept."
It's the ability to surveil traffic from/to a clearly identified party, upon a judicial order for specific reason, for a limited time.
ChatControl, on the other hand, is mass interception. I'm against it. Most people in the EU are against it. But to prevent things like ChatControl coming up over and over again, a basic tool to combat Internet crime is required.
zwnow•1h ago
LudwigNagasena•1h ago
If people speak up and say "take away our rights" at a referendum, let that be their decision, not a political backroom deal.
[1] https://eur-lex.europa.eu/eli/reg/2021/1232/oj
[2] Article 10 at https://www.gesetze-im-internet.de/englisch_gg/englisch_gg.h...
ZeroConcerns•1h ago
Lawful intercept laws exist in most, if not all, EU countries.
It's just that super-national overlay services like Signal don't entirely fall within the framework of those.
So, there is now a choice: expand interception powers indefinitely (a.k.a. ChatControl, which, to make things crystal-clear, I'm 100% against), or bring new services into the fold of existing legislation.
LudwigNagasena•38m ago
layer8•1h ago
Don’t give them any ideas!
rstat1•1h ago
That anyone thinks this blatantly obvious attack on free speech is actually going to be used only for law enforcement is wild to me.