Hacker News new | past | comments | ask | show | jobs | submit login
Chat Control Must Be Stopped – Now (threema.ch)
960 points by andrew918277 6 months ago | hide | past | favorite | 320 comments



I too instinctively bristle at this kind of legislation. It's likely to be abused, with many false positive that make it more effective at sweeping up innocent people, while the guilty just find workarounds.

But all coming on here and saying "ooohh, this is bad, innit!" is not very interesting, and unlikely to prevent it.

Why is the EU doing this? Which political groups are supporting and opposing it? Why now? How are vendors responding? How does it affect non-EU countries?


There are organizations which are selling AI tools to filter content. For instance, Thorn, a US organization founded by Ashton Kutcher and Demi Moore, is building such tools and heavily lobbying for Chat Control in EU. "Ashton Kutcher is a tireless advocate."

https://balkaninsight.com/2023/09/25/who-benefits-inside-the...


Also concerning that he seems to have more input on policy than all EU citizens together. This democracy the EU is implementing is becoming a joke.


"Kelso would've wanted the surveillance state, and he banged Eric's sister so he is someone to look towards for moral guidance"

"Oui oui!"


> But all coming on here and saying "ooohh, this is bad, innit!" is not very interesting, and unlikely to prevent it.

I disagree - this is how the internet can strengthen democracy.

Upvoting and commenting makes this post hit the top of HN and stay there. This makes it visible to many EU citizens who can reach out to their MEP's to ask them to vote against it. Seems a pretty effective strategy to me as someone living in a non-EU country.

Although agree that we should also be discussing the questions you raised.


Complaining is the first step and a necessary one. But complaints need to be turned into critiques and more steps need to be taken.

I'll state that as an American I'm quite unhappy with this as I know the regulations will also affect me and the truth of the matter is that I have a much smaller voice in this matter due to not being a European citizen. I do have additional worry since it was not that long ago which we saw the results of authoritarianism in Europe (though it did result in the strengthening of my country). And my concern is that authoritarianism creeps, often with good intentions but poor foresight. My biggest fear is that we did not learn the great lesson from WW2, in that Germany did not in fact go from good people to the entire country being evil and back to being good people. If we can't understand this process and see how it actually happens (with the details) it will only repeat, led by people that have. But I don't know how to get people to understand subtleties, and that seems like a major issue in a world growing increasingly complex.


They already found out that it is a lobby organization that pushes it for those who sell the products for surveillance. Please google it I am to lazy to search for it. Sorry

Edit: here it is

https://netzpolitik.org/2022/dude-wheres-my-privacy-how-a-ho...


I find it somewhat disturbing that this sort of thing is not considered a career killer for politicians.


My pet made-up theory is that careers aren't really killable like that any more, since Cambridge Analytica.

Before CA, the received wisdom was that if you do something bad, you will need to resign before you are pushed for causing damage to the organisation reputation and therefore electability. This was perhaps borne out with enormous error bars by focus groups and polls asking "would you still vote for X in case of Y".

After CA, and in particular the live social media sentiment data that was gathered around the debacle of the UK Brexit referendum, the data showed that actually egregious misbehaviour did not materially affect sentiments, and perhaps even appealed to a larger proportion of people than believed. For example, the famous "shy Tory" might not show up well in a focus group, but it all hangs out after analysing Facebook's data.

With that data in hand, people started doing things that they would never have dared to do before, knowing that it won't actually harm them, at least in the short run (since this data only shows short term effects).

And that's how we go from resigning over fairly small gaffes to the "screw it, what you gonna do, we know you won't vote for the others, we've seen your data" of today.

Not long ago, calling a woman a bigot on a hot mic was a dreadful PR disaster. Now, you can physically snatch a journalist's phone and it barely registers.

It does, however stack up over time with catastrophic final effects, much like chasing only quarterly figures or always postponing dealing with technical or real debt.


There was a disjunction around the late 90s/early 2000s when the internet got big. That was around the time that the corporate news sources started losing control of the news to more citizen reporter types running podcasts or whatever gets big on social media. What gets called "the narrative" split from being the consensus of journalists to a cacophony of random people who don't form consensuses.

Before that change, a scandal in the papers also meant you had to have lost political favour with the people who owned the media companies, ie, were losing big political battles. You also had no hope of being re-elected through a hostile media because if they didn't carry a favourable message there was no way to communicate with voters. I'd argue people like Jeffery Epstein never really made it to trial or public attention because stories got buried.

Afterwards the better approach is to point and shout "Fake News". There are multiple channels that reach voters and it turns out that the corporate media are actually much more unreliable and unpopular than were previously suspected. A lot more dirty laundry is aired and the Streisand effect takes hold.

CA wasn't the change, it was just one of the first big scandals to happen in the new era.


I don't know, I think there was definitely a turn around the mid 2010s when actions and consequences really started to diverge.

And to be clear, I don't mean that the exposure of CA was the cause, I mean that what CA and their ilk was delivering to their customers - detailed, real time, granular analysis of the reactions to actions.

Some time a bit before the public CA exposure would have been when analysts looking at the data delivered by CA would have first realised just how little what would until then have been "scandal" actually moved the needle of their supporters, without having to infer from slow and inaccurate techniques like polling and focus groups.


We have to make the more traditional methods popular again.


The problem is that this (if my theory is not just bunk) isn't something you can really go back and do differently. An emergent property of the reactions of polarised groups to the behaviours of their leaders was discovered to be quite different to what had been assumed. You may as well say "we have to go back to the old ways" when lamenting the relativity makes physics too complicated.

Though, as to the point I think you're actually making, it's also been made very difficult to object to these things in any terms that could possibly have an effect without being thoroughly denounced as a nutter, an extremist, or worse. After all, the "right" thing to do is always to simply "vote!".


Yes, and this trend is self-reinforcing since politicians generally do not actually receive any punishment for their bad behavior. At best the party slowly loses voters but that is over much longer timeframes than individual politician's careers - and meanwhile all other parties pull similar shit anyway because the short-term benefits incentivize that.


In Greece, we recently elected as representatives for the EU Parliament:

* a 71 year old lady, with no social media and no public speeches ever.

* a guy who used a nickname for his last name, that matched with a military general (who is well known), and many people thought he was the general

* a "journalist" that was caught twice talking on live TV, conversing with a pre-recorded video

* a convicted criminal

It's impressive to manage to fail as a politician.


Hello neighbor. You will never win the competition for choosing the worst possible politicians as long as Turkey has Erdoğan :)


You forget they have Mazedonia and Bulgaria as neighbors ;)


Hi, Malakas.


Also ->

YouTube prankster voted in as Cyprus MEP - https://www.bbc.com/news/articles/c4nnrwr72dqo


Yup that's the problem with PR: people actually get what they vote for. And people are idiots.


I don't know much about Greece and don't follow Greece at all. Every time I hear something about Greece, it sounds like a hot mess.


I think this sums it up pretty nicely. It's a failed state with corrupt people at the top of the government.

The parliament, i.e. the majority, i.e. these people, are also the ones who appoint the judges of the top courts of the country, which all but ensures their immunity.

Their immunity is also enshrined in the consistution[4, article 86] - only the parliament can take an MP to the courts, but guess who controls the majority

Also, they are in the pockets of the local oligarchic mafia [1]: A few families that control the vast majority of the media AND the big construction companies AND the energy companies. They are also the ones that own big part of the shipping industry in Greece. For their sake, back in 2022 when the EU was considering to ban oil shipments from Russia, Greece vetoed that [2]

Oh, and just to be safe, the oligarch's tax exemptions are written in the constitution[4, article 107]

So, the people in the government have an almost complete immunity from everything, which makes them extremely arrogant.

If you add to that mix the total disregard of public services, even hospitals during the pandemic, you get a very beautiful-to-look-but-terrible-to-live-in failed state.

A state that even the EU can no longer turn a blind eye on[5]

[1]: https://newrepublic.com/article/159252/noor-one-vampire-ship...

[2]: https://foreignpolicy.com/2022/11/23/how-greek-companies-and...

[3]: https://rsf.org/en/country/greece

[4]: https://www.hellenicparliament.gr/UserFiles/f3c70a23-7696-49...

[5]: https://www.europarl.europa.eu/news/en/press-room/20240202IP...


Goes to show how disengaged the voters are.


Quite difficult to be engaged with the selection of candidates. It’s really quite the struggle to find someone halfway decent these days


> struggle to find someone halfway decent these days

Would you want to deal with those voters as, effectively, your boss?


I don’t think the voters are the problem. I think the established parties keep growing in all the worst ways, and I don’t think any decent candidate would be able to be successful in this setting.

Would happily work with voters to figure out a path forward.


And why are the established parties doing this? Why is it in their interest to keep advancing terrible candidates?

I dunno. I kinda do think voters are the problem. Or at least a link in a chain of problems, the next link up being corporate controlled media.


I'd say barriers to entry - being an established party gives you more revenue, supporters to do campaigning, influence, etc.

One place that tries to do it better in my opinion is Switzerland. It has a lot of controls to reduce the ability of politicians to act poorly and limits the power of higher levels (if something can be resolved well locally, there's no need to have a higher-level regulation). A lot of process is thought through and in place to enable direct voting on issues. Additionally, it has many levels to get engaged, which lowers the barriers to entry, by being able to have an impact on a local level.



Truly frightening that these are the people who'll be contributing to the decisions made on the future of the internet for the entire rest of the world.


You are overestimating the real power of the EU parliament, everything is finally decided in the EU council. The parliament is more or less kind of a political theatre without the powers you would expect a parliament to have.


While your other examples are damning, I see nothing wrong with an elderly politician without social media profiles.


You'd be 100% correct if that was the case.

However, the problem is that she is not a politician and she has no public presense whatsoever.

She was chosen by her party, and eventually elected because her last name starts with A which put her near the top of the ballot paper.


Ouch, that's bad!


Almost nothing is. Local politicians fail upwards to the EU (at least in Germany) or some private job, if they fail at all. Most of the time, you can do what you want, and the voters don’t care.


"and the voters don’t care."

Then why did so many vote extremist anti EU? There just has been EU election in germany and the nationalist gained a lot. And none of the big parties otherwise said a clear no to that, so what could I do, except vote a small party against that, but too small to really do something?

Voters care. But they see often no point in voting anymore.


That's precisely the thing. Whenever EU does something people don't like, they hate EU, not the council members who voted for it.


Because it is exactly the EU governance that lacks democratic representation, enabling unfavoured politicians to remain in significant power. You can only elect MEPs (via party lists) locally. The majority of legalislation is drafted by the technocratic European Commission and legislation is mostly passed through parlaiment unchanged from there.

There are many nationally disgraced politicians seating in the EP, EC or council. Only the ones in the EP were electible.

The people have correctly identified that a massive supranational unaccountable government is the problem, enabling corrupt people to keep ruling which undermines the core functioning of representative democracy.


How is voting different from other federal states? EP frequently alters EC proposals. Council consists of heads of state, commission is appointed by council and parliament, and the parliament is directly elected.

Not terribly different from how prime ministers ate appointed.


In this specific case I believe that it's the EU Council that pushes for the current iteration of the law, which is formed of the head of states for each EU member.

So, even if they might not be explicitly elected to be in the EU governance, most of them have reached that spot through more or less democratic means. "More or less" because Prime Ministers are usually nominated not elected, but that's still as part of each country's democratic process.


Only direct elections are democratic. Everything else is at best semi-democratic.


The level of indirection is very important and you can only elect a very small part of the council. There are a lot democratic deficiencies.

It lately became en vogue to deny the problem completely and EU politics only got dumber from that.


Can you tell me what democratic deficiencies you see in this? Why is the process of having a prime minister/chancellor/etc as head of state fine in a national democratic process, but not on a european level?

If I see any issue with the way EU passes laws is with the terrible overhead of having three to four bodies that govern the whole process, from proposal to legislature, not necessarily with the way some participants get there.


> Can you tell me what democratic deficiencies you see in this? Why is the process of having a prime minister/chancellor/etc as head of state fine in a national democratic process, but not on a european level?

Well for one because people already vode with the head of state in mind when choosing the party. Even if they were aware of the EU politicians of said party (which is never part of the campaign materials) then they now have even more things to compromise on with a single vote.

> If I see any issue with the way EU passes laws is with the terrible overhead of having three to four bodies that govern the whole process, from proposal to legislature, not necessarily with the way some participants get there.

Actually that's the EU's saving grace. The more people are affected by new legislation the more difficult and slower it should be to push that legislation through. The EU should be slow moving but instead we are constantly in a situation like this where bad laws are not far from being passed.


> Even if they were aware of the EU politicians of said party (which is never part of the campaign materials) then they now have even more things to compromise on with a single vote.

Maybe I'm thinking too hard about the problem, but my impression is that the role of the head of states in the Council is to represent to the best of their abilities their own countries. In that, there's nothing to compromise on when a citizen votes. If you think that person is the best to head your state, it tracks that they can do that once in the Council's chambers. I understand this can sound naive, but meh, European politics is already pretty complicated, having yet another corps of people that needs to be voted democratically feels like it adds another snag in the existing democratic process. And personally I strongly believe that anything that can be done to make it easier for citizens to materialize their democratic options the better for their nation and the EU.

I think Europe as a whole (alongside many other nations, really) suffers from having a disenfranchised and apathetic majority that prefers not to participate in elections, because they don't find representation, because it's an inconvenience, because "what's the point?", etc. All of these paper cuts lead to the results we see today after the EU parliamentary elections ended: more and more support for divisive politics. A better democratic process would drown these voices in the vast majority of moderate people in my opinion, and that's what we should strive for.

Having semi-elected officials as Councilmembers is such a small inconvenience in front of that.

Anyway, sorry for the long(ish) rant. To sum it up, I think the solution to assholes representing their countries in the EU Council is not yet another democratic process, but making it easier for everyone to cast their vote, so extreme options are less likely to crop up.


By voting for the members of parliament, and the parliament then deciding everything else... Ideally things should work out as the people want it. Otherwise it would mean that democracy just doesn't work...


Supranational/federalist "representative" particracy does not work.

Representative democracy works better with increased locality, where policy and politicians are directly beholden to constituents.


Yes, this is called a representative democracy. The fix is to vote for representatives who represent your values. Or run yourself.


Representative in what way? 700 MEPs for about 450M people means each one has 640k "constituents". Those "constituents" are really a fraction each person all smeared about. Lastly if they were actual people and an MEP were to hold a consultation to get their views it gives each person less than 1 minute each year assuming the MEP was available 24/7/365.


Well if they're modeling if after what we have in the US they pretty much nailed it. 435 representatives for 330M people or around 758k constituents per rep.


There are many different types and implementations of representative democracy. And the supranational technocracy-driven particracy of the EU is only representative in name. It is on the oligarchic end of the democracy-oligarchy spectrum.


> There just has been EU election in germany and the nationalist gained a lot.

That really depends on your point of comparison. Compared to their 22% high in February, they lost a lot with 16% actual votes (more than 25% down). 84% voted something else.

https://interaktiv.tagesspiegel.de/lab/europawahl-2024-sonnt...


How many people did actually bother to vote in Germany?

Here in France, the "extremists" got a bit over 30% of votes. But turnout was only 51%.

According to [0] average turnout is 51%. Some countries have very high numbers (IIRC voting is mandatory in Belgium?), others ridiculously low. This, to me, means pretty much that "voters don't care".

[0] https://results.elections.europa.eu/en/turnout/


> This, to me, means pretty much that "voters don't care".

This is simplistic. Some have simply lost confidence in their representatives and/or cannot find a decent candidate.


Would be interesting if voter turnout somehow had an effect on the government. For example if the required consensus for new laws would be scaled by the turnout - e.g. for if there is only 51% turnout then any laws that need a majority consensus would need almost all politicians to agree. Could provide interesting incentives for politicians to care about voter engagement and political education.


> How many people did actually bother to vote in Germany?

64.78%, or over 40 million in absolute terms.


> How many people did actually bother to vote in Germany?

People (including me) doesn't want to bother with voting when the whole thing is a farce - it's beyond my understanding why would someone be enticed to vote for incompetent politicians who get parachuted into EU parliament to earn hefty wage - very often as a reward for outrageous behavior, there are multiple examples of this, influencer from Cyprus, that polish MP who got expelled from Poland's parliament for outrageous behavior - surprise surprise - he got comfy EP seat. Absolutely disgusting.


I find a better action than not voting is to vote for the smallest most extremist fracton you can find even if you don't agree with most of their policies. Low voter turnout doesn't make headlines, the "bad" parties gaining traction does.


Most people probably don't even know the EU policies of the candidates they are voting for and are just going by national party lines. Why nationalist parties are winning when the current and previous governments have been going full steam ahead in the other direction while ignoring the entirely valid concerns of the populance should surprise no one.


> Then why did so many vote extremist anti EU?

That is one of the issues, no EU election would have changed what the commission is doing at all.


> Then why did so many vote extremist anti EU?

Like the parties (again, here in Germany, don’t know enough about other countries) that manage to be even more corrupt? That actually supports my point. The biggest winners here were the anti-EU-pro-Russia AfD and the pro-EU CDU both with the biggest corruption scandals in recent years, and the CDU is even the party that sent the horror that is EU commission president von der Leyen.


> Then why did so many vote extremist anti EU?

Is the EU really a benefit to the people? Or is it a shit pool full of scum bags providing quite some damage to societies?


All things considered I think that’s a strong yes. Open borders, free trade, technological collaboration, and shared health, industry and consumer regulations help accelerate economic development. Can’t throw the baby out with the bathwater.


Economic development? Which countries?


Erm, all of european states are quite better off, than their neighbors?


First two have been utter disasters however, and are directly affecting people on a daily basis now. Here in Scandinavia it’s coming to a head but it’s a similar story further south, in Germany in particular.


Immigration, which I assume is what you’re hinting at, has nothing to do with open borders between EU states.


Unchecked cheap labor from eastern european countries has had a dramatic effect. That's directly related. But illegal immigration also does because the moment you get in to one lax EU country with open borders to another, your movement is a lot easier.

I live this reality and have family in law enforcement. You might not want to believe it but it's absolutely the truth on the ground. We need to control our borders much more strictly.


At least for Germany that situation is not imposed by the EU but is entirely due to the choices of the local politicians.


Pretty much all the environmental protection legislation we have in Ireland came from the EU. So yes, a benefit


On the otherhand, Ireland's corporate-friendly laws are a negative for other EU countries.


> Is the EU really a benefit to the people

Obviously, yes.


Those not yet brain washed voters do actually care.

But then there are the „Wahlhelfer“ who openly proud themselves in Twitter to invalidate votes for parties they disagree with.

This is democracy?


Sources?


And, on the flip side of the coin: once you are sufficiently disliked, almost anything can be taken as the trigger point for a scandal.


But when was the last time a "scandal" has resulted in actual negative outcomes for a politician?


Same in Spain.


Absolutely. It only works because they claim it's for the protection of children.


They ride the wave and find always some excuse. It was fighting the terrorists until a few years ago, now it's children again. Next year could be to help the climate or protect lbtgqi++ rights.


> Next year could be to help the climate or protect lbtgqi++ rights.

Unlikely—this would actually benefit people.


Chat control would benefit people, if they say it's for climate or lbqtg++ protection?

But it won't benefit if they say it's to fight the terror or protect the children?

If you really think that spying is OK, if they have "good enough" excuse, no wonder we get all this shit enacted.


[flagged]


Which is a very interesting asymmetry, if we're stipulating that these are merely excuses. It implies that "think of the gays" will lose you more votes than it gains, compared to "think of the children". Terrorists and children are apparently the optimally intersectional bogeymen and helpless wards respectively.



We need to define "politicians" first. I can see your point if "politician career" means "being repeatedly elected" (even though other people pointed out what are the problems in this case). But the EU Commission isn't elected. These people are appointed by some fucked up complicated process. They definitely seem to have pretty good careers, but what are these careers — I wish I knew.


Well, people wanted even more alt-right representation in parliament, MEP support for the entire package of policy "Chat Control" is part of is now higher than ever. There is a lot more "for the children" policy coming up.


Yeah, although really no-one of the 'regular people' (well, I have even educated programmer friends saying it's good to catch criminals) care/know (they glaze over when I talk about 'another tech blah') about this, they did vote the people in who like this kind of stuff (and probably are somewhere making $ with it).


This isn't necessarily true: the Identity and Democracy faction is explicitly pro-privacy, digital rights and against Chat Control.

- https://id-party.eu/program/ (ID Party Official Site)

- https://idgroup.eu/news/online-censorship-is-a-threat-to-eur... (ID Group News)

- https://en.wikipedia.org/wiki/Identity_and_Democracy (Wikipedia Overview)

- https://id-party.eu/declaration-of-antwerp/ (ID Party Official Site)

The ID group is opposed to EU-wide surveillance measures, and promises to protecting individual privacy and national sovereignty.


FYI, 84% of ID has voted pro chat-control in 2021.

https://mepwatch.eu/9/vote.html?v=134463&eugroup=ID


I stand corrected. Guess all that posturing about privacy was all empty election promises then.

Seems like only the Greens, the left and within ID the AFD voted against.


The populace is clueless and/or ignorant, and Brussels has a well earned reputation for being a popular toxic waste dump for unpopular politicians. To give some examples from Germany, we dumped Günther Oettinger and Ursula von der Leyen there in the last two elections, and this year our far-right party managed to place a suspected traitor on the top of their list.


Thanks for that Germany.

Won't you take her back and make her Minister for Castles or something,


I mean, if you asked many people "is it ok if the government can read some of your chat messages in exchange for catching a bunch of child pornographers," this will be a very popular "yes" vote. People are generally very willing to trade some rights and freedoms for safety. Or don't realize the trade-off they're making.


One of its champions, Ursula von der Leyen, is pretty popular. One of the main reasons for that is that people don't understand what she is saying.


Popular or infamous? Never heard the nickname Zensursula?


It's their job and goal in life to hurt the population


They can literally just sit there and it would be better…


They have to justify their existence and maximize growth and headcount. In this case I’m not sure if it’s the politicians themselves as much to blame as the EU apparatchiks and lobbyists


More control is the objective.


Can someone explain to me why, over time, democratic states tend to drift into mass surveillance ?

Is it beacuse a lot of people feel unsafe or is it because the people supposed to ensure our security see it as the "easiest" or most effective way to do their job?

Is there so much benefit to having a fuctioning mass surveilance apparatus, and if yes, who benefits of it if not the people for whom these rules for in the first place?


> democratic states

Democracy is a spectrum and it comes in many flavors.

For example nobody voted for von der Leyen, the French voted against the EU referendum in 2005 but the government still went with it, there hasn't been any referendum in France since


Which are examples of democratic deficiencies that might be indicative of the EU not being particularly democratic.


> Can someone explain to me why, over time, democratic states tend to drift into mass surveillance ?

Democracy, even a flawed democracy leaves the status quo power structure vulnerable to being changed by popular political action. Mass surveillance allows the existing players to identify any nascent political movements that may eventually grow to threaten them and undermine or destroy these movements before they ever become a threat.


It's because the ruling class inevitably realizes that the polulace is the main threat to their continued rule and seeks to control them.


There's no democracy, it's just show. Mass surveillance is necessary to keep the power.


In this case it's not really about mass surveillance. I genuinely do not believe it's the intended purpose (even if it is the actual outcome).

The issue is that Europe is behind in tech; particularly big communication networks (aka: social networks). One key element here is that the amount of taxes paid by the Facebooks and co. is ridiculously low and their importance in the economy is getting bigger and bigger. This causes a significant risk for the future.

Any attempt that we made to combat this on the technological aspect has been a complete failure.

To protect its citizen, Europe uses the biggest weapon at its disposal: regulations. The point is not to impose mass surveillance, nor is it to protect the children; the point is to hurt social networks because they are perceived as a threat (real or not). Hammer them with regulations until it's almost impossible to comply, if possible by implementing conflicting ideas (protect privacy of everyone BUT check every image for child pornography !).

The desired outcome is that: either the social network goes out of Europe, or decides to accept the fines, which more or less corresponds to what Europe believes should have been paid by a fair tax system.

Expect the exact same thing to happen with AI.


That doesn't make sense. There are 2 versions of chatcontrol:

1. Voluntary chatcontrol (i.e. temporary derogation of the ePrivacy directive)

2. Mandatory chatcontrol (i.e. services must scan private communication once a detection order is issued)

The first version of chatcontrol is currently in effect, but it will expire in a few years. It was introduced, because social media (like facebook) was already scanning private communication to find CSAM and then someone pointed out that this is illegal in the EU and thus the ePrivacy directive was sabotaged to allow the scanning of private communication.

Facebook wanted to have a legal basis for the scanning of private communication. This does not hurt non-EU social networks, it helps them.


They don’t need mass surveillance to crush Facebook/tiktok in the EU, so I don’t see how you can draw this conclusion. They can easily regulate those two (and other)entities out of existence. Just make it illegal for anyone under 21 to use them and require everything to be kid friendly (no porn, no violence, no addictive advertising, etc) and they will be useless to virtually everyone except the elderly and that’s not where the money is. So I feel that this 100% about surveillance for the police state to comb through everyone’s lives looking for crimes to prosecute. There are so many laws and regulations I suspect most of us break multiple ones a day without realizing it.


Domestic incumbents (social networks or messenger apps) would need to jump through the same hoops. So, I would say that, as a whole, the goal is to get people to self-sensor and to fear the establishment.

If the EU wished more competition by domestic companies, they could simply pass a law restricting the income tax by member states to not go over 50% of earned income. In my current jurisdiction, a lowly IT worker can easily pay a 66% tax rate, with 54% being paid as nominal taxes and the rest going as employer taxes. Unless you are self-employed, in which case you will get to pay your 66% with no smoke curtains in the middle.


> In my current jurisdiction, a lowly IT worker can easily pay a 66% tax rate, with 54% being paid as nominal taxes and the rest going as employer taxes.

Now add VAT to really see how little of your labour translates into purchasing power.


This doesn't make any sense. The big social networks can aren't hurt by a requirement to scan messages. At best its another operating costs.


"But the pedos" is a guaranteed way to lure voters.

Besides, there is a laaaarge amount of influential, rich and well connected people like Ashton Kutcher/Thorn willing to profit off of it. They're selling out our freedoms for personal gain.


The issue is the rise of mass surveillance tech, which makes it too easy. Also, tech creates new threats (including terror plots, protecting children etc) which drive demand for the surveillance.


> Also, tech creates new threats

Tech doesn't create terrorism or child abuse.


These are human nature (unfortunately) - tech creates new methods and channels to conduct and amplify these evil behaviors.

Please don't paint bike sheds. Drones are a new threat, obviously with humans manufacturing, arming and flying them.


This is unironically it.

Technology is evil. Specifically, the Internet is evil.

It's why it's got such a uniquely rich potential for dystopia, why all news is always bad news, why it's always getting worse.

Technology, as it progresses, is the enabling of power. So you'll find more and more power exerted over you because people can't resist. You'll have to assert power of your own to counter it, like switching to Linux or using a VPN. Or torrenting a media to escape the oppressive DRM placed upon it. But it's essentially a war you've found yourself enlisted in. If you've got the chops to fight in it, you're lucky; most don't.

I single out the Internet because it connects us with oppressors and makes us reliant on them more intimately than ever before. AI will be able to extend that oppression even in an air gapped environment because now the oppressor's intent can be packaged up and installed on the machine like never before -- no connection required.

And, in the limit, I think it all ends with gray goo, Daybreak style.


The internet also connects you to your peers. It is your choice who you become reliant on.

DRM is not caused by technology, it is manufactured by laws that make it illegal to break. Operating systems that take control away from the user are not caused by technology, they are made possible by laws that make it illegal to modify them and share those modifications. Doomscrolling is not caused by technology, it is made possible by allowing corporate proaganda (aka ads) which make rage bait profitable.

We are in this dystopia not because technology is inherently evil but becaus this what our governments want.


Have you thought that they tend to drift to totalitarianism, in fact?


All police organizations will want complete control. It’s up to democracies to fight back. I think politicians are noticing the public are vulnerable to fear mongering about kids and crime and the “big bad cloud” and using that to get more power for their police apparatus, it doesn’t matter if you’re in a democracy or totalitarian state, governments want more power, all the time, every time. Except in a democracy you can fight back by voting, publishing, contacting representatives. It is getting harder but it’s still possible. Such things aren’t possible in Russia or China without Massive Upheaval and the dictator fearing loss of control, but otherwise no big deal for most changes in the laws.


> democratic states tend to drift into mass surveillance

I am not saying this is false, but think about the inverse: are there non-democratic states never drifting into mass surveillance? Maybe it is a symptom of a developed, high-trust society.

Which doesn't make mass surveillance a good thing. I'm just contemplating whether it's even possible to turn out different.


When you have democracy the democratic process is now available to undermine it.


It is not about democracy, it is about bullshit jobs in IT sector. Too many useds are fooled with proprietary software.


> And EU professionals like lawyers, journalists, and physicians could no longer uphold their duty to confidentiality online.

This is the point that needs to be hammered home. Allowing governments access to everyone's confidential information is a massive security disaster waiting to happen because bad actor's will target this backdoor.


PGP encryption should be taught in school. Ingrained.

Data privacy used to be trampled on with the fear of ‘terrorism’, but the Americans blasted the airwaves with the word so much that it diluted the word to the point it instills zero fear.

Now the new words of the times to trample on privacy is CSAM.

And like utter fools, the public fall for the same crap time and time and time again.

The truth is, the world will always be shit and have shit people in it. Those shit people will do shit things.

It’s a fight over your soul now. And the AI is going to love love love everything it has on every single person on the planet. I can’t wait for the AI to come for us all - we are collectively just awful (and I believe we the west are probably more awful to humanity than even the Chinese, Israel or the Russians, and that is saying something).

I am mad.


Please give examples of how the authoritarian, repressive, conformity-demanding CCP is less awful and soul destroying than Western democracy, as flawed as it is.


No need to compare to China, the German authorities can be repressive, they do search your home if you call an official a penis. Home searches are done casually because the judicative branch is overworked, neglects its responsibility and just waves such demands through. You lose your electronics and maybe your property gets damaged. Of course for a developer your electronics might be quite valuable as well.

With a mechanism like this, this probably will increase further, apart of course for the unjust violation of privacy and even dignity. This is a law that contradicts the constitution very directly.

Also, this is policy that was not brought through democracy. It was created by European Commissioners that only have a very low democratic legitimacy for far reaching policies like this.

It would be a disaster for the EU and all its citizens if this comes through and everyone will loose.


Want to check how many died in Iraq, Afghanistan, Libya and Syria between 2001 and now as a direct consequence of Western military action, versus how many people the PLA killed in foreign interventions in the same period?

Hint: the former - hundreds of thousands, the latter - zero


https://en.wikipedia.org/wiki/Mao_Zedong:

> Mao's policies were responsible for a vast number of deaths, with estimates ranging from 40 to 80 million victims due to starvation, persecution, prison labour, and mass executions, and his government has been described as totalitarian.

I guess according to you killing your own people shouldn't be counted.


Surveillance on internet use in China probably results in many visits to forced labour camps. Or worse.

Imagine the Chinese people agreed and voted for their great firewall, wouldn’t we all think they were fooled into sabotaging their own freedom?

But they never had the chance to oppose it. We do. And so who are the real dummies.

With how popular Trump is in the states, that makes me think dictatorship is just around the corner. Settling scores is coming.


Interesting you claim Trump is a dictator, you must’ve forgotten the attempts by the left here to remove parts of our constitution, including for free speech and consistently remove freedoms when one person screws it up. Another example, every car having interlock devices.


Mao Zedong's CCP is as relevant to the present discussion as say Adolf Hitler, US treatment of Native Americans or British/French/Spanish colonialism. All awful, yet not awfully relevant.


NSDAP hasn't been in power in Germany for like 80 years now. Meanwhile Mao's CCP is still in power and they haven't disowned him.


And indirect, through the use of manufactured ‘uprisings’ which the West are great at.

But really, you can go back many more decades than that. Innocent lives are not something the West (especially USA) have historically valued.

I hate bashing the West all the time, but come on, we aren’t the good guys in the world. And it’s time we own up to who we are. I have ffs. And I do wonder if the world would have been a more peaceful place if we collectively had more soul.


Why don’t you instead look at the number of people killed throughout the globe as a result of China and then compare that to the number with the West.

Literally soul destroying. As in life destroying.

Meta data kills people. Now it’s moving way further than meta data..


western democracy is good for people in the west.

not other countless nations that have been enslaved, colonized, invaded, subjugated, stripped in the name of democracy and religion.

Russia, CCP etc are horrible too - but let us not forget history.

The Global South Remembers.


Western nations aren't solely responsible for insufficient historical education.


Germany committed the Holocaust in my country. They murdered more than 100k of our citizens. And even more died in the WW2 that they started. But now we are in the same political, military and currency union with them, because countries and their ideologies change.


> and I believe we the west are probably more awful to humanity than even the Chinese, Israel or the Russians, and that is saying something

This is a wild POV to hold and one I'm pretty disappointed to hear on HN. You'd really prefer a world of Russian hegemony over NATO? My cousins in Ukraine would be shocked to hear otherwise smart people cheering on a regime which the rest of the civilized world has broadly condemned.


You serious? I nearly cried watching what was happening in Ukraine early in 2022.

You are making bad assumptions here.

But if you want to put it into perspective… think about what is happening in Gaza. Now compare to Ukraine. Russia has plenty of missiles and by comparison (even while absolutely awful) have shown much more restraint. I don’t support them at all though!


Russia is showing restraint because they’re fighting a war of attrition, are the invading force, and believe they have something to prove with a win. Israel is removing a terrorist organization from the face of the earth.

Not the same.


Someone is benefitting and it's not 'the children'.


> Besides, there’s no way of really knowing whether Chat Control would actually be (or remain) limited to CSAM.

I definitely agree with the article here. Probably after Chat Control will be implemented for CSAM this would act as a gateway towards using this tehnology for other things.

I am curious whether chat control will extend to mail or other means of online comunication, if it will be implemented ofc(hopefully not).

I’ll probably start communicating with my friends over phone more either way, I don’t want my conversations to be monitored 24/7.


> I’ll probably start communicating with my friends over phone more either way...

Talking to people is great. I write science fiction for a hobby. In my stories, when two people want to have a private conversation to discuss some economic barter that can be construed as tax evasion, they take off all their clothing and go swimming to a beach with noisy waves. But there is always that lingering fear about if anybody surreptitiously got a microphone implanted during their latest root canal treatment...

Truth be told, I'm a very unimaginative bloke, because in my current jurisdiction banks are already forced to report on their customers, and in my previous one, the government had a decided phobia of cell-phones and attributed to computer printers in the hands of civilians the same dangers of an independent printing press.


today's voice recognition tools are pretty good, look at meta's recent results. I wouldn't be that sure that phone discussions will not be monitored in some future. It's likely the other way - phone service providers are few in nr, it could be easy to force the change on them


I don’t know about Europe but the US has been scanning trunk lines of domestic and international calls for decades looking for keywords and actually have decades of archived conversations that AI will make it all the more feasible to comb through and look for thought crimes.


The wording in the current draft seems to indicate that it applies to "providers of hosting services and providers of publicly available interpersonal communications services". So unless this includes ISPs, I wonder if that means a decentralized P2P service is not covered.


Not applicable, nor enforceable. If this were to pass then the next Signal will be P2P. There are already some good protocols like Tox.

Ironically the pervs will still be using WhatsApp, and just put their CSAM in a password-protected zip file before sending.


You should scan on the device before it goes on the network. P2P networking or not, the app should include a scanner.

Even if you use an open-source clone without scanner, your contacts most likely will use an app with builtin scanner. Your communications will be scanned on their end.

At that point I'm wondering why we don't also open and scan regular mail at the post office before delivery.


> At that point I'm wondering why we don't also open and scan regular mail at the post office before delivery.

We do open and scan some percentage of regular mail at the post office. It's difficult to find exact sources because the USPS only seems to easily admit to doing it for postage reasons, but it's fairly well known that they search for drugs, bombs, etc. Mail is subject to X-ray scanning and being opened under suspicion of a variety of things happening. When they can't open it themselves, they're also allowed to request permission from the recipient (you can refuse, but then they can go to a judge).


X-Raying import of goods is one thing. What I'm thinking about is more opening letters to read writings and check pictures, without explicit permission nor judge involved.


This is exactly what parent is describing. If you’re on a suspicious person list, or happen to cross paths with one, your mail is likely going to be scanned. I can’t find the source now, but also once read the NSA can intercept a package, modify the contents and send it’s on its way without even a delay in the tracking.


I also wonder how it applies to Matrix, which is encrypted and technically decentralized.

However most users will be using the matrix.org homeserver, which makes it effectively centralized. Though I can still create my own homeserver that talks to matrix.org.

Would matrix.org be forced to offer scanning / a backdoor on the homeserver? Or would they be forced to add something to the official apps, which is pretty ineffective as there are many client apps.

All in all this proposal seems like a complete mess.


Reading the text, they will require the operators of the server to provide the filtering and would be liable if they didn’t.


Following the links from this article to the EU directory[0] I tried to visit the site listed as my country's official representatives only to find a literal blinking "under construction" gif: http://www.irelandrepbrussels.be/

Amazing.

[0] https://op.europa.eu/en/web/who-is-who/organization/-/organi...


Just sent an email to the Swedish representation in the EU, if some other Swedish resident wants the text to be adapted for your own use, let me know and I will share it.


Please send it over, my e-mail is listed under my profile!


I tried sending an email using the info from https://op.europa.eu/en/web/who-is-who/organization/-/organi... !


Seems there are videos https://video.consilium.europa.eu/event/en/27508 . Sound isn't working for me though.


Problem is most of the people don't care because they "have nothing to hide". Moreover, do they really think this is going to solve the issue of child pornography?


the issue cannot be "solved" it's a false myth that the issues need to be "solved". Have we solved murder yet? And why in the US the murder rate is 10 folds the European one? Are US politicians lobbying for more homicides?

It's too easy to frame the issues in a context where I am right and the other part is wrong, because yes.

I used to run a service free as in speech and as in free beer to host little snippets of text to pass them around, I started it because I was tired of not being able to easily share some piece of information from my mobile phone to some other device.

It's astonishing the amount of spam and illegal material, from simple copyright infringement to porn - probably revenge porn or people sharing media of unaware victims-, that the service was getting used for in a very short amount of time.

I guess there are probably botnets scanning the entire internet for vulns or open services to abuse them.

I shut it down voluntarily, nobody reported me or said anything to me or forced me to do a thing, I simply did not want to be part of something like that and and had no time/resource to properly fight the spam.

This is the sad state of affairs and refusing to even discuss about it, to me means burying your head in the sand.


Statists pave the road to tyranny with their good intentions.


Rather, people make up excuses for the elite to cope. There are no good intentions involved in this.



There must be something toxic in the water in Brussels.



There are exemptions in the document and this article also talks about it; it would be good to know what tools we can use (p2p chat etc) that are exempt from this. I guess most people will blindly accept and won't care, but at least people can move if they do care (and possibly convince others).


I would think a peer-to-peer system would not be exempt from this legislation, particularly given my understanding that the EU courts do not look favorably on gotcha-style analysis of laws that are limited to definitions of words used being twisted to claim "I'm unregulated". If you are a developer who works on a chat client as part of a decentralized service, I'd expect both you and all of the people running the network to suddenly become service providers subject to this law.


It's impossible for the EU to apply any meaningful enforcement action to a P2P encrypted chat system made by non EU citizen developers residing in a non EU country. Sure, the EU can declare your app is subject to this law, but then what?


Just not being available in app stores would effectively stop its usage.


That is hardy going to be a factor. Most people are not going to care anyway and those that do will be able to install it without an app store.


Those pesky seed servers will still exist though.


There was a discussion about Matrix here;

https://news.ycombinator.com/item?id=40713065

But it seems (as always) not easy to determine.


It took a bit of time but we are finally reaching sovietic dream of mass surveillance. We just need extremist to be in power (oh wait!) so it can be enabled for other purposes and we'll get full powered Stasi.


Well the police aren’t going anywhere and they are the ones pushing for this tirelessly. This is everything to them to make their power (and politicians) absolute. They will have dirt on everyone if you can’t have private conversations at all. Even if it’s not illegal they will find something immoral to destroy your life. Allowing police (the government) to become nearly omniscient is a very very bad idea.


Well they do keep electing communists in Europe so it makes sense the Soviet dream state is near completion.


This has more to do with totalitarism than communism. ChatControl is getting support from parties labelled as both left and right.


By communists you surely means far-right.


Which countries in europe are run by the far right right now. Most governments are still decidetly center-left even if people are finally standing up to them with their votes.


I’m sorry if this is a stupid question, but I want to ask it because I see the same sentiment across HN and other forums and I’m legitimately confused.

If we don’t hijack privacy in messaging, how do we fight crime happening on a message platform? If government doesn’t have access to message contents, what’s stopping criminals from using the platform and never get tracked down? Or proven guilty, since all the proof is safely encrypted? Aren’t we hurting ourselves by being so obsessed with privacy? Again, I apologize for ignorance and am curious


The criminals absolutely will move away to something that is outside government control. Many such apps already exist and you can run what you like on Android phones with custom ROMs.

Think about it - if you're a criminal, and you know about chat control, why would you risk your chats being leaked at all? Why wouldn't you use a different app that you know to be more secure (this already happens for any serious crime already btw)

It's precisely the law-abiding people whose privacy will be invaded for no-gain


Until possession and distribution of such apps becomes a crime in itself.

That's the only way to enforce it and there is history for it in cryptography export laws and anti-circumvention laws.


Criminals don't care about what is "legal", that's what makes the criminals in the first place and in any case, what are you going to do? Ban encryption entirely?

Perhaps we also should ban mathematics and books while we are at it? After all, criminals can read chemistry books and learn how to make explosives..


Apparently the cartels in Mexico have discovered a way to mix crystal meth with gasoline, put it in a cars tank, drive it across the boarder then separate it from the gas for distribution. The process is supposedly currently unknown to science (I’m no chemist so can’t be sure).


Same way as they have always done. Identify suspects, get warrants, confiscate computers and other electronic devices, build a case, etc.


> If we don’t hijack privacy in messaging, how do we fight crime happening on a message platform?

Compare it to: if we don't put cameras and microphones in everybody's houses, how do we fight domestic violence?

You can't control everything, and you shouldn't want to. Giving a certain small group control over a much larger group is not a good idea, because you can never know that that small group will handle their power responsibly.

And domestic violence and crime happening on messaging platforms can still be dealt with in the traditional way: through our court system. And that happens and it works and it is fair (at least in essence, not counting corruption).


Crime, whether CSAM or drugs or theft, all have a component in the real-world: it’s never purely in messaging.

Stop the CSAM where it’s being created. Catch the drug manufacturers and distributors. Etc. do police work.


What kind of police work are you envisaging?


The one being done right now without this law


Well for one, the FBI could investigate the list of Epstein's clients which they almost certainly have.


You’ve jumped the pond, this article is about Europe not the US


It's an example. You don't think Interpol and individual EU countries' police have similar options?

The fact that these things often end up brushed under the rug makes me doubt that the goal here is really to catch abusers.


Drug manufacturers, like weed farmers (in countries other than the US, for one)? The only reason I am able to use weed as an example is because it pretty much has been normalized, but what about other drugs, say, psychedelics, ketamine, opiates? I would rather not get into the War on Drugs here, anyways.


I'm seeing more value in your comment than, apparently, the other people who have answered it here.

I think you are 100% right that above-the-law communication is not good for society. This should be obvious. At the same time, allowing government to be able to spy everywhere is also not good for society. Also obvious. The correct solution is therefore something in the middle.

I'm not convinced by the other arguments here that usually contains a hint of slippery-slope, what-aboutism or false dichotomy fallacies.

The proposed legislation is terrible: it is not balanced and does not contain any safeguard to avoid abuse. However, it does not mean that the equally terrible situation of having easy way for criminals to avoid justice is the good solution either.

Personally, I think that a good system should be a distributed system where several independent justice organizations share the set of key needed to decrypt (for example, a message can be decrypted only if Amnesty International, Interpol and the Austrian Justice Department put their 3 keys together, each individual key being useless on its own). In this model, abuses are almost impossible while obvious crime can still be investigated. I don't know any argument that really works to say that this model is not always better than the free-for-all-all-anonymised-messaging.

Such ideas already exist, and David Chaum even came up with proof of concept of something similar https://www.wired.com/2016/01/david-chaum-father-of-online-a...


> I think you are 100% right that above-the-law communication is not good for society. This should be obvious. At the same time, allowing government to be able to spy everywhere is also not good for society. Also obvious. The correct solution is therefore something in the middle.

That conclusion is logically wrong and does not follow from the premises. You are decrying fallacies in other arguments while making them yourself.

https://en.wikipedia.org/wiki/Argument_to_moderation

> The proposed legislation is terrible: it is not balanced and does not contain any safeguard to avoid abuse.

Then the logical course of action is to try to stop this legislation. Everything else about the argument is irrelevant right now, what matters is the close very bad thing in front of us that we can do something about. Eliminate that and then we can have a reasoned discussion about what the proper approach is.

> several independent justice organizations share the set of key needed to decrypt

There’s no such thing as keys that only good guys have access to. It has been shown time and again that someone with access will abuse it or be tricked.

I won’t go long on this point, however, as I was not familiar with your specific example. I’ll read up more on it. But again, that’s a conversation that matters later.


> That conclusion is logically wrong and does not follow from the premises.

I am not saying "the good argument is moderation" (argument to moderation fallacy), I'm saying "the two extremes are obviously wrong, and, it turns out, the middle is smarter".

The argument to moderation fallacy is when you are saying that the good answer is good because it is in the middle. I don't do that, I find the good answer and I just state that it happens to be in the middle.

I guess you are also doing a fallacy: "every solution that are in the middle is wrong because it can only be the result of the argument to moderation". It is obviously incorrect, there are plenty of solution that happens to be good and being in the middle.

> Then the logical course of action is to try to stop this legislation.

First, I'm not saying that we should not stop this legislation. I'm just answering to a comment saying "and then what", which is a discussion that we are, I hope, allowed to have.

But secondly, a very good way to stop this legislation is by proposing something that checks all the boxes used to justify this legislation while having way better safeguard.

What is your strategy? To say to people that are worried "yeah, well, too bad for you". Or to say "oh, I understand your point, why not this solution, which do what you want, and also avoid what I'm afraid of".

Of course, we both know that one reason this legislation exists is because government want to spy on us. But if we propose something that satisfies all their justifications, they will have to either drop the pretends and openly admit that want to spy (and lose the support of people who are worried), or accept the solution where they cannot spy.

> There’s no such thing as keys that only good guys have access to. It has been shown time and again that someone with access will abuse it or be tricked.

This argument is a footgun: if indeed you cannot trust no-one, then EVERY online communication is already compromised. Your phone is full of spyware, even when you choose the most trustworthy one (because your point is that they don't exist), your softwares and servers are full of back doors, your internet provider and all your VPN are recording your communication, and even if you manage to get through all that, your interlocutor will not (and your interlocutor themselves is not a good guy).

But then, I'm not saying everyone is a good guy, I'm saying that if we share DIFFERENT keys, each key being different and necessary to decrypt (think of a door having several different locks needed different keys), the probability that ALL THE GUYS are bad guys is exponentially low.

If the probability of them being a bad guy or being tricked is 10%, then the probability that a 2-key system is failing is 1%, the probability that a 3-key system is failing is 0.1%, the probability that a 4-key system is failing is 0.01%, ...

> But again, that’s a conversation that matters later.

That's a fallacy. YOU are spending your time answering my comment instead of working to stop this legislation. When I check your account, I can see that you are also posting comments on "Getting 50% (SoTA) on Arc-AGI with GPT-4o" or "Show HN: Paste2Download – No Login, No Ads, Downlo..." instead of stopping this legislation.

Then, suddenly, when some people are having a deeper discussion that can help putting the rug under the feet of the bad guys, you are, incorrectly, arguing that the best strategy would be to not propose any alternative and antagonize the innocent people that are being fooled by the bad guys.

Also, these reflections on alternative approaches exists for a while (Chaum's idea is almost 10 years old). Bad legislation on the subject reappears regularly. It is time we progress instead of just pretending that we never have time for a deeper reflection, which is obviously not true.


> The argument to moderation fallacy is when you are saying that the good answer is good because it is in the middle. I don't do that, I find the good answer and I just state that it happens to be in the middle.

If that’s your position you should remove the word “therefore” from your final sentence. Because that word means that the conclusion was drawn from the previous statements.

> if indeed you cannot trust no-one

That’s not what I said. Though admittedly my argument was too compressed and assumed the reader would understand I’m referring to the often used “good guy law enforcement” arguments. My fault for not having been clearer, I went for brevity.

> That's a fallacy. YOU are spending your time answering my comment instead of working to stop this legislation.

I don’t see how that’s a fallacy. Which one is it? You could maybe call it hypocritical or inconsistent, but none of those are fallacies. Furthermore, the point—which feels ridiculous that it needs to be spelled out—is not that you need to be fighting the legislation 24/7, but that when discussing it you should strive to focus on what it is, not what it could or should be.

> you are, incorrectly, arguing that the best strategy would be to not propose any alternative

Again, that is not what I said. Though in this instance you seem to be taking a bad faith position. I have said twice that it’s worth to have the conversation. I even said I’d read up more on your example because I wasn’t familiar with it. You’re misconstruing my argument in a way that feels really dishonest.

> and antagonize the innocent people that are being fooled by the bad guys.

Especially here. This part is just plain absurd and an attack with zero basis in reality.


> If that’s your position you should remove the word “therefore” from your final sentence. Because that word means that the conclusion was drawn from the previous statements.

What if I would have said "the solution on the left is obviously bad, the solution on the middle is obviously bad, therefore the solution is on the right"? That would obviously not be a argument to moderation fallacy, and yet the logic behind the existence of the word "therefore" stays the same. So, the "therefore" does not imply "it is because it is the middle", so, no, the "therefore" does not imply I've chosen the middle simply because it is the middle.

The "therefore" simply means that if I've explored different options and they are bad, it would be clever to consider another one. It does not mean that the middle solution is chosen _solely_ because it is the middle one.

> I’m referring to the often used “good guy law enforcement” arguments

The solution I'm proposing is not to give keys to law enforcement.

> I don’t see how that’s a fallacy. Which one is it?

A fallacy is a incorrect reasoning in an argument that looks correct superficially. It's what you have done here: there is no logical ground to link your counter-argument to my argument, nothing in your counter-argument implies my argument is incorrect. I'm not going to play fallacy golf, it's usually a sign of loosing the forest for the tree.

> Furthermore, the point—which feels ridiculous that it needs to be spelled out—is not that you need to be fighting the legislation 24/7, but that when discussing it you should strive to focus on what it is, not what it could or should be.

That's a terrible strategy. It's basically: "I don't understand the context, I don't know what this bad legislation tries to solve, I don't know what people who push for this legislation wants, I don't understand how the bad aspect from this legislation have appeared and how to remove them".

Again, I'm proposing a solution that is difficult to say no to from honest people that were tricked into thinking the bad legislation was the only way. You propose nothing, you just say "no" and antagonize your interlocutors. Who do you think is the most efficient for potentially make this legislation fail?

> I have said twice that it’s worth to have the conversation

Exact, and this discussion is happening now, and yet, you are saying "it's not the time to have it". That is incorrect, there is absolutely no reason to not have this discussion now, this discussion is very very useful to fight against this legislation.

> Especially here. This part is just plain absurd and an attack with zero basis in reality.

You realise that in this discussion, all you have done is to attack SOMEONE FROM YOUR SIDE, with the argument that they should not use their brain and try to find solution.

Let's also notice that during this discussion, you haven't talked at all of what this legislation is, what we are arguing about now is basically what would be the best strategy to take it down. Your answer to that seems to be "the best strategy is to not discuss strategy, because we can only discuss about what this legislation is", which in itself does not make sense.

You want to talk about what this legislation is, take a page from your own book and stop arguing with me, let people who want to think about the situation and design clever ideas to end up with a win-win situation do what they want.


I’ll be honest, I didn’t read most of that last message yet. No disrespect meant, I’m just tired and don’t think continuing will be a healthy use of time. For either of us.

> You realise that in this discussion, all you have done is to attack SOMEONE FROM YOUR SIDE, with the argument that they should not use their brain and try to find solution.

I did read this part, as the all caps caught my attention. I did not attack you. Disagreeing with parts of your argument in no way reflects on you. Still, my words have seemingly affected you negatively and for that I apologise as it was not my intention. I wish you a genuinely pleasant week.


> I think you are 100% right that above-the-law communication is not good for society. This should be obvious. At the same time, allowing government to be able to spy everywhere is also not good for society. Also obvious. The correct solution is therefore something in the middle.

The correct solution should be something in the middle. Old-fashioned wiretapping, with a warrant and the need to dedicate staff to installing and monitoring the tap is basically okay. The problem is that the mathematics of cryptography and the scaling inherent to information technology mean that only all-or-nothing solutions are possible. If the cryptography is intentionally broken, it's broken not just for law enforcement, it's broken for everyone. If law enforcement has a backdoor they can use with a warrant, they're capable of using it without a warrant, and probably will. And if their special keys get leaked, then again, the encryption is broken for everyone.

Like you point out, secret sharing is one way of getting around this in principle. But governments would never make their access dependent on an NGO; in practice I'm sure they'd only agree to secret sharing schemes where the separate parties were separated only by nominal bureaucratic firewalls, and then you're back to the original problem.


It's not up to governments to agree.

Right now, there are encrypted communication solutions that exist. None of them have been built by a government. We can build Chaum's network and start to use it. If we do that, government will have to either accept this network as a legal usage, or admit that they don't care about kids and crimes but just want to spy.

And sure, some government will admit that, but it's not by chance that right now the bad legislation are justified by "for the children" instead of "because we want to spy on you": admitting that will make these legislation obviously harmful, and they will be stopped even more easily.

There are some reasons why a network like the one proposed by Chaum is not used. One is that it's not easy to put in place, similarly to how difficult it was to build ethical journalism network for example. A second one is that some people don't want such network, either because they want to do illegal things or they want to spy on citizen. But another reason is the childish mentality of being instantaneously against any ideas that does not fit into the "100% anonymity" of the Silicon Valley techno-libertarian (not saying that anyone who is against is like that, but some who are against are indeed like that).


Replace "chat" with "speak", and suddenly it is trivially obvious to everyone how horrific this is:

> If we don’t hijack privacy in speech, how do we fight crime happening in private conversations? If [the] government doesn’t have access to what you say at home, what’s stopping criminals from using their homes and never getting tracked down? Or proven guilty, since all the proof was said behind closed doors? Aren’t we hurting ourselves by being so obsessed with privacy?

Should we be obsessed with privacy, or should we let the government put microphones in every house just in case there are paedophiles talking about their sex acts and hence getting away with it?

Similar arguments can be made by substituting other things that were traditionally considered the domain of only authoritarian dictatorships, such as opening all letters and reading them before they're delivered by the postal service, or keeping tabs on what books you borrow from the library.

I grew up in one of those countries, and I can tell you that it's not at all nice that they tracked what you photocopied, you know, just in case you wanted to print out anti-party ("one" party!) propaganda... I mean... something... something distributing child porn. Yeah, that's it. That's the reason.


> I lived in one of those countries, and I can tell you that it's not at all nice that they tracked what you photocopied,

That's all photocopiers & printers though, with US manufacturers being ground zero for tracking, IIRC - https://www.instructables.com/Yellow-Dots-of-Mystery-Is-Your...


Black & white printers cannot implement the yellow dots at least and even with color printers it is not literally every one of them.

Adding tracking information, while it shouldn't be happening, is also many steps away from e.g. the printer analyzing everything you print and reporting to the government if it is something unapproved.


Which is one reason I stopped using printers entirely.


We just won't catch some criminals, and that's probably an acceptable tradeoff.


These laws only hurt abiding citizens.

Same as with DRMs and those annoying "piracy is a crime" banner we got for minutes before watching a DVD. Nobody pirating content has ever seen those.


think of terrorists. Suppose your country has banned/restricted selling guns and explosives. Do you think this will stop terrorists? No, it'll stop normal citizens to not do any of this stuff... but they will not be affected since they are not terrorists.

Terrorists on the other hand will find illegal ways to overcome the restrictions. It's the same with encryption - (open-source) tools with e2ee are already broadly available, sideloading is available - nothing will stop terrorists/other criminals to just install that and continue doing what they want.

On the other hand this chat control opens a huge area of opportunities for govts to spy on citizens or maybe journalists/other politicians that they dislike. And this is if we assume the system doesn't have bugs that would allow third parties/hackers to break it and get all the info by themselves, or bugs that can trigger a false-positive event.

That's why it's a bad idea. Criminals will find ways to overcome the limit, govs will get new tools for suppression (even if current govs are 'good', what if the next govt is some ultra conservative or radical nationalist, do you think they'll not use these new tools?) and normal ppl are basically left without any privacy


You should't fight crime with other crime, that makes you no better than the other criminals and doesn't solve the problem of crime but only increases it, and doesn't make society safer. If you want crime to stop, you should at least give a good example and deal with it in a responsible manner, and not deal with it by being a criminal too. Then you just get society divided even more. It doesn't help anybody. You can't expect other people to cease their crime if you're doing it yourself. A better society starts with being responsible.

Crime should not be approved of, and "crime fighting crime" shouldn't magically get an exception.

"But crime X is way worse than crime Y fighting it".

Crime should certainly be punished, but you cannot punish someone before you can prove their wrongdoing. And we have a court system for that.

Punishing people before they're proven of wrongdoing is criminal in itself. You should't give a certain group of people allowance to put prison collars on others without them having done any crime. At least not if you want to live in a free society.


> Aren’t we hurting ourselves by being so obsessed with privacy?

You’re hurting yourself more by being too lax with it. Remember that a crime is whatever the law says it is. So if an authoritarian government makes it so criticising them becomes a crime and has access to all your communication, good luck ever breaking that cycle. You can use other examples, like making homosexuality illegal.

These are real examples that real governments (or people with a good chance of being elected) want.

Remember that the ultimate goal of these laws is never to “protect the children”—that’s just the convenient given reason, because how could you be against that—but to exert more control over the populace and cement the position of those in power. Even if the current government employs the technology only for good—highly unlikely—you don’t know about the next one.


> if an authoritarian government makes it so criticising them becomes a crime

If?

https://www.lewik.org/term/15692/defamation-of-persons-in-th...


How do we fight crime happening in houses? If government agents doesn’t have access to house contents, what’s stopping criminals from using locks and curtains in homes to hide their illegal activities and never get tracked down?


If a message platform is gov controlled, criminals will use other alternatives that are not monitored, which they probably already do.

What you end up is just having the gov having all information about private citizens, which can be used against us.

For example, the government of Spain constantly shares private citizen data of people near political adversaries for political reasons, also, I don't want people knowing what I share with my girlfriend, regardless of it they do something or not with it publicly.


There are criminals operating behind the safety of closed doors with locks on.

We need to compromise all door locks, in order to keep everyone safe from criminals.


It’s not a stupid question. But to think that it will make people more safe is double think. Right wing dictorship is on the rise across Europe and the World. No-one knows the future, but it’s sure looking bleak. We are all making ourselves less secure to the future.

And with AI… ooft. AI will get to a point where it takes over, and decisions like these help it to. We are destroying our future fast.


You realize criminals can stack infinitely many layers of encryption onto any compromised (govt-controlled) channel right? So how is "Chat Control" supposed to be the solution??


> So how is "Chat Control" supposed to be the solution??

Who said it is supposed to be the solution?

Almost no crime problems have a the solution. Instead reducing crime is almost always a matter of a variety of measures that each make the crime a little less likely.


Which is why we also need to look at the cost of the measures to non-criminals, which in this case is extremely high for most likely little gain.



this has more weight: threema is the biggest "alternative" (after whatsapp and telegram) chat app among my peers. There's a sizable non-tech but pro-privacy part of the population that exclusively uses threema. This will be the first time they ever hear of this.


Threema being paid up front makes it harder to adopt for average uses. Signal is great option and wish more would use it.


I wish more people would use something that's not US backed honestly.

Centralisation is a curse.

I don't inherently trust Signal, and you have to because nothing they do is verifiable; I wrote a really hit-and-miss article about this before: https://blog.dijit.sh/i-don-t-trust-signal/


It would be if signal would have resisted the temptation to go cryptobro. They didn't, and they lost all credibility as a result.


May I ask what country, age, and – as bad word it is – class is your threema-using social circle?

Because here it is mostly facebook/messenger, discord, instagram, and a distant whatsapp, in order.


part is in their 50s, tech illiterate by privacy-focused. Other part are colleagues (30s-40s) who are privacy focused. This is Europe (Germany) though - the landscape here is absolutely dominated by whatsapp by a huge margin.


I live in Poland, it's funny, WA never took a real foodhold here, we mostly use to communicate with people abroad who refuse anything else.

FB Messenger is the king here.


Interesting. Here it had some niche users, but got completely supplanted by signal, which is the clear #2 with the people I know.


Signal had a narrow window when there was some whatsapp scandal going on and signal was weirdly popular for a month or so. Then they announced their crypto bs. And in my bubble it was nuked entirely off the earth as a result.

With Threema I have lots of uncles etc who use it exclusively.


99%of the people I know and care to communicate with use signal or a group matrix and didn’t really care about the controversy, so I think the effect of what you are talking about is extremely limited in tech circles


Everyone I know uses WA, but a significant amount (~50%) uses Signal as well, most of those are not tech people. Back when they announced the crypto stuff, I knew next to no one with it, so that doesn’t really matter. I think only 1 or 2 people still use Threema in addition to the other apps.

Telegram I only know 2 users, one who’s American, and one who’s into conspiracies …


Weird, I had never even heard of it before.


"Chat Control" is already real. This is just codifying prevalent practice done by a multitude of agencies into law.


Sorry, is there any evidence that E2EE eg in WhatsApp, Signal, etc. is routinely broken? I am not talking about exceptional hacking of phones of individual high-value targets for surveillance by nation-state-level actors, but mass surveillance.


If there was public evidence allowed to be released nobody would be using those algorithms obviously. The point of those algorithms is to make them hard to break for the public and easy to break for the agencies . E.g. None of your mentioned products use quantum hard encryption. It is not far fetched to assume that all the relevant agencies have access to a working quantum computer. But I doubt you need even sophisticated hardware. Most "government approved" encryption algorithms should be considered compromised from the get-go.


I seriously doubt that agencies have more capabilities than the scientific community of mathematicians. Perhaps there are weak points in implementations, but I don't believe any agency has the capabilities to crack encryption, even some of the older algorithms.

There is no evidence that a quantum computer can break classic encryption yet. Even if the agencies tried, they would not have the means to stop the spread of such information.

And finally, we wouldn't get laws like this.


Almost 100% of the "scientific community of mathematicians" is funded by the government. They can't be trusted either. If they want to publish something that is considered to be a "threat to national security" the agencies have multiple avenues at their disposal to "convince" them to not publish.

> And finally, we wouldn't get laws like this.

Codifying covert practices into law has the big advantage to make the whole oppressive surveillance state much more efficient. Gone are the days of "parallel constructions". Also the chilling effects of total surveillance alone might be enough to prevent the opposition to be effective.


Sorry, but these are conspiracy theories without good evidence. You don't think other countries have good mathematicians? And the long arm of your government agencies reaches all of them?


Signal uses post-quantum encryption


Oh, indeed, they're adding a quantum resistant layer. Nice. Not sure it's in production yet.

https://signal.org/blog/pqxdh/


Orwellian surveillance is all fun and games until you get to Kafkaesque imprisonment.


Just want to point out that the blogpost doesn't seem very effective it achieving it's stated goal. I'm curious how many people actually acted on it (i.e., approached their MEP representatives) and if their actions had any effect.

You are urged to take action, but neither of the linked posts makes it easy for people to do that. Ok, there is a link to a website where I can find some email address for "Permanent Representation of <country name>", thanks. Is it it? Should I send an email? Like, do I have to prove I'm a citizen of <country name> or is emailing them anonymously from some batman69@gmail.com email account is totally fine? I have no idea. Who is my counter-agent, how should I talk to them? Should I assume they are very well aware of the proposal and have their opinion, or are they most likely ignorant about all that stuff? What do I write? What this is supposed to achieve? Do I just email the url to this blog-post? Well, this should be actually a preferable solution, I imagine, but the blogpost doesn't seem to be written in a way to be convincing to a random MEP (assuming he NEEDS to be convinced).

I don't claim I could do better (I'm totally ignorant about all that stuff), but just saying it isn't as actionable as it could probably be.


>If you’re a EU citizen, please consider contacting your government’s representative today, asking them to vote against Chat Control.

Are there any studies on the effectiveness of this? To me it always read like a joke. The only way I can imagine this going is.

>Good day Mr. Rep I'm really really worried about x legistlation for reasons y and z.

>Sure buddy. hangs up

>Votes like his "donors" asked him to anyways.


Exactly this. Once you read up about donors, or keys, or whatever word your country uses, it becomes obvious that it's all pretty straight forward


You can't stop this kind of shit. Even if we do it will be back in a couple of months with another name.


That’s like saying “well, I can’t stop death so might as well keel over right now”. Even if it’s true that you can’t stop it (it isn’t, you’re just giving up), delaying it to the next time is still worth. Do it enough times and it works as if it were stopped.


This is the sort of stuff that made Brexit appealing to me. Remainers make out that we (UK) are xenophobic in some way, because we left the EU. No - we don't hate European people, they're great - we just hate the unelected, undemocratic, wannabe-communist institutions.


do you think uk will not implement something similar?


For sure - but at least we have the illusion of being able to vote these people out.


You keep saying “we”, as if yours is the prevailing UK opinion. Not only was Brexit a close vote, people who voted to leave have largely been regretting it.

https://www.economist.com/britain/2024/04/11/why-most-people...

In the aftermath of Brexit I remember reading time and again of people who voted to leave and by doing so screwed up their own business (e.g. florists whose flowers come from abroad). They expressed nothing but regret.

So no, the UK didn’t vote leave because they “hate the unelected, undemocratic, wannabe-communist institutions”, they voted leave because they didn’t understand the big picture and were tricked by unscrupulous politicians making false claims (probably the most famous being that a lot more money would go into the national heath service).


I could say the same thing to you. You don't get to define "we" any more than I do. In fact my use of the collective "we" was directed primarily towards the claim of xenophobia - which definitely WAS an accusation thrown at people who supported Brexit. The thrust of my point was to single out the political ruling class in the EU for their refusal to listen to the opinion of their subjects. (I can't call them constituents, as that would imply some sort of representative democracy was taking place).

"So no, the UK didn’t vote leave because they “hate the unelected, undemocratic, wannabe-communist institutions”,"

Yes they very definitely did. The economic arguments were never the main drivers of Brexit. It was about national sovereignty, and electoral accountability - and this new Orwellian EU law, (enacted "for the children", of course) only serves to reinfoce that view.


> this new Orwellian EU law

Yes yes, the UK doesn’t have those at all.

https://en.wikipedia.org/wiki/Online_Safety_Act_2023

This is not a one-up game. Both laws suck, all governments (and systems of) have flaws. We should oppose them equally instead of pointing fingers and shrugging our shoulders.


Fair enough - that's true, for sure!


On one hand we should all agree that chat control is bad, OTOH the populist approach to issues it's IMO much worse than the issue itself.

There is no chat control in EU yet and there will not probably be one as envisioned by the gloomiest commentators, regardless on how the voting will go.

1 - online child abuse it's real, yes, it can be used as a pretext to sponsor unpopular laws, but it exists and can't be dismissed only as a false claim or something politicians bring up for their evil plan of global dominance and massive surveillance (last sentence is the rhetorical equivalent of What about the children?)

2 - political groups laser focusing on how the World will end if the EU discuss about some issue that has privacy implications aren't in any way better than those laser focusing on childrens' safety.

3 - the elected representatives are elected by the people of EU through a pure proportional electoral system, they represent the Europeans in almost perfect proportion to the population. The issues they are focused on are the issues that people of EU care about, we might not like the opinions and/or the acts of the majority, but it's how democracy work.

4 - the parliament is not new, the new elected representatives are still forming the new political groups (starting from today) so, no, there's no evil puppet master behind the regular schedule of the parliament

5 - issues like this one have been discussed in Europe for 15 years at least, it's nothing new, but every time there is someone predicting the end of the World as we know it. Why? it's simple: it's their job, they've been elected by a tiny minority, have little or no space compared to the larger political groups, so they need to be very local about it and use the sharpest tool of them all: fear. It's political marketing 101, nothing to see here, please disperse naked gun's style. In this case threema makes, not surprisingly, a chat app.

6 - Moreover, in November 2023 the parliament sided with encryption, by not approving the proposal to break E2E encryption while in March this year (2024) The European Court of Human Rights ruled that weakening encryption can violate fundamentals human rights (link to the sentence: https://hudoc.echr.coe.int/eng/#{%22itemid%22:[%22001-230854...}). Democracy also means trusting the system, even when it seems that everything is lost.

7 - the law hasn't passed yet and the voting will probably be delayed again, due to the aforementioned parliament still not actually in place at full steam.

8 - if being European taught me something is that approving a law is one thing, enforcing it is a complete different story. In many countries, like mine, Italy, law enforcement is a farce, especially when it's about regulatory infringements.

Last but not least, laws protecting children have already been abused here in Italy (and I'm sure everywhere else) long before internet was a thing or without using any form of chat control just for political gain.

A couple of examples (sorry, Italian only)

https://it.wikipedia.org/wiki/Diavoli_della_Bassa_modenese

https://www.ilpost.it/2023/06/08/caso-bibbiano/

the second one has been so controversial (and the accusations in such bad faith) that the equivalent Wikipedia page has been removed and locked by the admins https://it.wikipedia.org/wiki/Angeli_e_demoni_(inchiesta).


This is more proof that the GDPR was nothing more than protectionist laws.


"Fun" Fact: it's currently the European championships in football (soccer) in Europe (probably the biggest event of the year), so it's the perfect opportunity to sneak this through without too many people noticing.


Also, the parliament is still 'new'… perfect time to push something like this through before the dust settles


Interesting, in the US, the best time to see crazy laws passed is every 4 years, between Nov 5 and Jan 7(?), if a new President is elected and a number of Congress people are thrown out of office from a specific Party.

That is because the people who need to leave office will usually join with the opposition to get laws passed that they wanted but were afraid to vote for before the election.



How does this allow for it to be sneakily applied, as you suggest ?


It creates a diversion. Classic move from cartoons.

https://www.youtube.com/watch?v=hzYOdO4pEyI

It works in real life too. Distract the public for long enough that few people make a stink and the law gets through. When people complain later it’s “Oops, we didn’t know, no one seemed to care. Well, nothing we can do now”. Much harder to do that if everyone is shouting at you to not do the thing.


Similar was transition from covid to war in Ukraine. Suddenly, covid disappeared from media.


So, who orchestrated a country's army with its hundred thousand men, tanks, bombs, against another country's, plus its civilians, and then even more civilians needing to run away... as a distraction? From what?

Man, how did this "conspiracy theory" mental illness become so commonplace?


They aren't suggesting that the war was orchestrated by the media, but that the war provided the media with an opportunity to wind down pandemic coverage.


You imply conclusions that I didn't wrote.


Playing devil's advocate (I don't agree with the conspiracy one bit). They might be saying that the war happened, and then "the media" used that to stop talking about covid.

Honestly, I would say that's just the media jumping on the next thing. Everybody was sick of hearing about covid for 2 years. The war was also a lot more threatening by then (at least in Europe).

As for Covid's evolution, like all pandemics before it (plague, spanish flu, swine flu, ...) disease evolution and human immunity reduces its danger and importance.


Many unpopular laws are passed during major sports events, soccer world cup, olympucs and/or during summer holidays season.


> Many unpopular laws are passed

How many? Can you list some of them? I think that your assumptions are kind of the general opinion, but I am interested in facts. I couldn't find "many unpopular laws being passed during such events", can you?


In France:

- summer 2017, a law to limit demonstrations and strikes.

-summer 2020: LPR, that incite scientist to shut up, and limit their autonomy while strengthening administrative power over them (students tends to protest laws like this).

But usually, how you do it: you make a 'protect the children' law, or a 'counter terrorist' law, and you expend it's reach with executive power, that how Macron does it. Is it authoritarian? Yes.


Many unpopular laws are also passed not during these events. Without comparison it's a meaningless statement.


Can you start with a single example?


Many new laws are unpopular, always.


The public, as a group, can only keep a small number of subjects in focus at a time. This feels like a phenomenon that I take for granted to be true but I haven't heard any name for it or read any studies.

It really feels like a symptomatic phenomenon of our time.


>> The public, as a group

I don't know, my local journalists paid with public money seem to be able to follow a lot of domestic trivia. They are much less capable of following matters of national interest, like how the country's economy is doing, what laws are coming up, and how's that Orwellian State business coming along.


Quite a convenient arrangement, the public broadcasting business.


For a similar example from the UK, look up "good day to bury bad news" [1]

Quite often a government body has missed some performance targets, suffered cost overruns or has other bad news which they need to announce publicly at some point. But they can choose when the announcement comes out.

Then along comes September 11th 2001, planes crash into the twin towers, and while the towers are still burning government PR teams are rushing out the announcement that they've badly missed their train punctuality targets.

They know the news and social media are going to be full of the big event for days or weeks. By the time things are quiet enough that the newspapers have space to report on train punctuality, the bad figures are old news.

This works equally well with big good-news stories like royal weddings and big sporting events.

The "good day to bury bad news" quote is interesting because someone leaked an e-mail where a government PR boss literally encouraged it. Usually such encouragement would be by telephone or whatsapp to avoid creating a paper trail.

[1] http://news.bbc.co.uk/1/hi/uk_politics/1823120.stm


Here in Italy the worst and most controversial laws are proposed and accepted in the last days when the parliament is open, which happened to be in the middle of August, where everyone is on summer holidays and all activities and offices are closed.


This is the infamous Dead Cat Strategy[0].

[0] https://en.wikipedia.org/wiki/Dead_cat_strategy



> probably the biggest event of the year

At least in France, the upcoming Olympics are a strong contender. That and the surprise parliament election our president dropped on us; because he apparently didn't like the result his party got at the latest EU election, but honestly I don't see how he imagine he's going to get a better result this time around.


it's not on the EP schedule. the council vote is of course not meaningless, but it doesn't mean much by itself.

https://www.europarl.europa.eu/plenary/en/votes.html?tab=ord...

... the submitted article is complete nonsense "EU citizens would no longer be able to communicate in a safe and private manner on the Internet." ..

no, here's the draft law

https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...

see page 39,

"Without prejudice to Article 10a, this Regulation shall not prohibit or make impossible end-to-end encryption, implemented by the relevant information society services or by the users."

It's a broad framework and - based on my cursory reading:

  - providers have to set up a counter-abuse team and fund it
  - authorities and industry-wide cooperation on trying to come up with guidelines and tech
  - counter-abuse team needs to interpret the guidelines, do "due diligence"
  - provider needs to have monitoring to at least have an idea of abuse risks
  - if there are, work on addressing them if possible without breaking privacy
As far as I understand the point is have more of services like "YouTube for Kids", where you can give your kid an account and they can only see stuff tagged "kid appropriate" (and YT simply said we are going to be sure there are no bad comments, so there's no comment section for these videos - which hurts their engagement, which hurts profitability).

There's a section about penalties and fines, up to 6% of global revenue, if the provider doesn't take abuse seriously. And - again, based on my understanding - this is exactly to prod big services to make these "safer, but less profitable" options.

see page 45 for actual things providers might need to implement


A lot of despondency about this. But I think part of why this stuff gets through is that techies are campaigning in the wrong way

Those advocating for it have a visceral pitch: your kids will be in danger if this doesn't pass. Those against are arguing for abstracts, like freedom and privacy. And sure, people should be in favour of those things - but there's a visceral pitch against, and it's not being used

What will happen if this stuff is put in place, and used as claimed? There will be a massive rush of automated "accusations" of child abuse against innocent parents, grandparents, and other relatives. This will result in many families being unnecessarily stressed and disrupted by investigations, and at least some children being removed from innocent families.

Why will this happen? after all, won't the scanning be 100% accurate?</s>

Obviously not. Tech companies don't want to be responsible for this - the scanning won't be optimised for accuracy, it will be optimised to pass the buck as hard as possible[1], because the tech companies don't want to business of taking the blame when some pedophile isn't caught.

Who is the second level of review? Maybe some minimum wage zero-hours subcontractor at Serco or Group 4 Security, or whoever the equivalent of that is in the EU. But that's probably it - once the image has been labelled 'bad' no-one else will want to look at it.

So, even if you are sending a picture of your own child to your own mother, you will have at the very least to have to think about whether it could be mistaken for child abuse by someone you don't know who has about 5 seconds to look at it and is probably from a completely different culture.

Yet none of this has been brought up in the media either by tech companies or by privacy activists.

[1] The other option is that the tech companies abdicate completely and just use some black box from the government to scan every picture. Problems with that left as an exercise...


I think commercials like a local politician looking over a cop’s back saying “I need some dirt on Citizen Z, he fixed my plumbing last week and overcharged me, let’s see what we can find on him”. Then show his plumbing business shut down a week later because of some obscure local law about using imperial wrenches instead of metric.


I'd support legislation that made it mandatory for any politician of any capacity to keep all of their communications publicly searchable, and I do mean all. Let's see how quickly proper privacy laws get implemented when these parasites are actually affected by the laws they're setting forth.


You can't even stop it here. Start here.


Define "here".


I don't support this legislation but I also do not live in the EU. Honest question, why do we (US, EU, wherever) not have more harsh punishment for child SA? Why not castrate the offender after two strikes or even one? I am sure there are other biological reasons for this to happen but I got the impression a lot of abusers were abused as children.


Similar reason why there's no death penalty. If you get the wrong person and you lock them up you can release them with compensation, it won't fix it but its better. You can't un-castrate someone the same way you can't revive them after an execution.

Courts convict innocent people all the time, hence no irreversible punishments.


Ok but after two strikes? If you have gotten into trouble twice, I don’t have much concern. Life is not fair sometimes. Happy to see if there are better ways to treat abusers that improve recidivism but I am not convinced prison time works. There is something deeply wrong with people who not only have the desires but are willing to act on them knowing it will hurt their victims.


The threat level doesn't make your proposal a necessity and I believe it is founded in the same irrational fears that this policy suggestion plays on.


Locking someone up is a one-way punishment, they will not get their years back. Branding someone as a child-molester, even if they are later vindicated, is permanent. We already have irreversible punishments.


When discussing extreme punishments like this, you must consider false convictions. Only in a perfect justice system (which is not achievable) could we allow such punishments. FWIW, I also feel this way about the death penalty.

When proposing “permanent” punishments like this, always put yourself in the shoes of someone who is falsely convicted. And consider that false convictions can (and do) happen for a wide variety of reasons: racial bias, political bias, cover ups, government oppression, etc.


Right I get it and I too always put myself in those shoes. I think if you have been convicted twice that it’s likely to weed out most of those cases. Generally once you have been convicted once, you are already not allowed around children.


I doubt that child pornography is even the true reason behind these laws. If anything, that problem is at its lowest now in the entire human history, at least in Europe. And the form of "violence" these laws are trying to limit have to do with bytes going over the Internet, not directly with children being kidnapped or sold into prostitution. I'm not saying that these laws couldn't be used as tools to go after actual human trafficking networks, but their scope and the damage they do is vastly disproportional to that objective.

More likely, the true goal is to introduce novel forms of policing, and widen them bit by bit until we do become true surveillance states, where every word any citizen ever said is stored in some government archive.


> Why not castrate the offender have two strikes or even one?

That's orthogonal to whether or not we should implement a means to catch those that transmit child pornography.

Is castration intended to "cure" the criminal or do you think it would act as a deterrent? Would you consider castration for any kind of rape?

It sounds as though the next obvious step would be to amputate the hand of the serial shoplifter, etc. I'm personally not in favor of giving the state that kind of irreversible authority over our body parts.


> Honest question, why do we (US, EU, wherever) not have more harsh punishment for child SA? Why not castrate the offender have two strikes or even one? I am sure there are other biological reasons for this to happen but I got the impression a lot of abusers were abused as children.

Because castrating people as punishment ‘because’ they were abused as children doesn’t feel right?

Of course, doing that as part of treatment could in extreme situations be justified, but luckily there’s ‘reversible castration’ (https://en.wikipedia.org/wiki/Chemical_castration), and that (of course) is preferred as treatment, if such harsh measures are required.


Because we don't live in the middle ages and have human right laws.

https://en.wikipedia.org/wiki/Bodily_integrity


Such a dismissing statement without any meat. Happy if other alternatives are explored but I have not heard of any that significantly improve the recidivism rate.


We explored the possibility for these kinds of punishments aplenty. It is fairly established that higher punishments don't necessarily reduce crime or recidivism.


Is chopping off shoplifter’s hands next? Good grief, let’s not do a new wrong thing to fix an old wrong thing. That biblical stuff needs to stay in the fairy tale book.


Because the age of consent is 14 in Germany.


This is not true.


>The age of consent in Germany is 14

https://en.wikipedia.org/wiki/Ages_of_consent_in_Europe#Germ...

I always find it funny when Americans find out that Europeans aren't prudes like them.


A controversial take but I'm in favor of this kind of legislation. Big tech platforms is currently taken by criminals, anyone pretending it's not is lying. They need to be regulated and it will come in the form of regulating users.

What's the alternative? Communication tools that don't have a central server. What's the problem here? This legislation has the potential to unlock a golden age for local-first software


It should be possible to have a private chat without spying.

However I have an unpopular opinion, interested to hear what others might think:

We should eliminate anonymity online. If you go on the internet everything you do should be tied back to your name. This can be done using device attestation. Everyone gets a private key tied to their name/address.

This is compatible with free speech. In fact it promotes free speech because being a "troll" becomes a lot more personal.

I think this way of living would be closer to our nature as tribal primates. It would improve behaviour and overall quality of life. Our brains are designed to have checks and balances from wider society which you don't get anonymously online.

This would also reduce the need for govt monitoring because any chat online could be "turned in" by an informer and then any criminals identified.


What technological measures do you propose to block Tor and VPN services to achieve this? Not even China's Great Firewall completely achieves this, though not for lack of trying.


VPN is straightforward to solve. For example Apple devices already have "Device Attestation":

https://support.apple.com/en-gb/guide/deployment/dep28afbde6...

To do TOR you would need to look at the IP protocol and signing at the packet level. Definitely more difficult.


Device attestation is a way for a server to attest that a requester is e.g. an iPhone. Sure, it can be expanded to cover if the requester is, say, John Smith. But the server has to demand it.

Decentralized platforms tout not doing this stuff as a feature. You'd have to roll out the attestation system and require everyone running a web server to set up this attestation infrastructure; that is, the small guy running a model train forum on his laptop or whatever must risk prison time if he doesn't do attestation. That'd be so draconian that afaik not even China does it.


The attestation would be done by your ISP or the next level along. The ISP/backbone could pass this information along to Web servers.


The difference is that they aren't using this to make online conversations more polite or something (not that I agree with your point that removing anonymity somehow is better for free speech, at all). This isn't some sort of initiative to promote self policing. It's to get information that will allow authorities to arrest people and put them in jail. That automatically makes the entire argument that it could be beneficial for free speech and promote more "real life" like interactions online irrelevant, because that's not the point of this law.


> This would also reduce the need for govt monitoring because any chat online could be "turned in" by an informer and then any criminals identified.

This is where you completely break your premise, this is Stasi levels of informing, asking for the population to spy on each other. It's not healthy to society when you feel that any other person you interact with might be informing on you to the State, you leave a very wide avenue open for misuse when the State changes its rulings on what's considered criminal.


Maybe.

How is it different from now when you can record a conversation you have? or forward an email to the police?


> We should eliminate anonymity online.

Unless you're careful and quite tech literate this is already the case


I think it's worth debating the idea, exploring what it would look like. But I think there's a lot of hidden complexity there.

1. Who is allowed to detect, process or store your identity? For what purposes?

2. What about "right to forget"? Does the data need to be destroyed after a certain period?

3. Who manufacturers and sells these private keys? What happens if I lose mine, or it gets stolen?

4. How does this work internationally? Can a key from China access a system in the US?


Good points. Difficult questions. I was thinking it is tied to the physical device. So you would register a laptop when you buy it with the state and the key would be in the HSM. So the main differences would be:

1. Give my name and address to activate a device 2. "The internet" requires authentication via the HSM.


Kind of like how a car is tied to an individual, via the logbook (in the UK at least). You need to think who you let use your laptop, lest they get you in trouble. If it's stolen or you sell it, you report it. To be fair, people were against passports and license plate numbers when these were first introduced, and it hasn't lead to the problems people envisaged.

That said... I don't know if this is feasible with a laptop. It's much easier to pawn my laptop, than it is to steal my car and drive it without me knowing. And at what point does a computer become a server, and are those regulated differently?

Knowing that you're never anonymous online would certainly improve some conversations, and mitigate some of the ability for state actors to e.g. sow discontent online. But it would arguably be a huge inconvenience and risk for everybody, so I don't know if it's worth the cost.


> We should eliminate anonymity online.

for certain platforms. IMO platforms should be able to decide for themselves whether they want the option to have people verify themselves via ID or not.

It's the government's job to provide this service


What exactly would be the difference with what we have now? We already have physical addresses.


Surely then the government can easily censor anyone who disagrees with them


Very interesting point. Does a well functionality democracy require the right to be anonymous?


I don't know, no one has done "well functionality democracy" yet


It sounds like a solid idea (bot rejection anyone), but I wonder if governments would use it to quarantine users instead. Would I have to pay a bi-yearly fee to maintain and reissue my online passport?

All in all I would be willing to be quarantined if that meant the bots would suddenly die.


That’s an easy one to shoot down because it would lead to endless harassment of innocent individuals and suppression of popular opinion or critical thought. It goes counter to everything that the internet is about. It also would lead to mass genocide by governments seeking to kill of any resistance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: