Hacker News new | past | comments | ask | show | jobs | submit login
European Parliament approves mass surveillance of private communication (patrick-breyer.de)
938 points by pepperberg on July 6, 2021 | hide | past | favorite | 415 comments



Are there any primary sources for this? I'm having trouble finding anything talking about any final legislative action involving chat control/ePrivacy etc. that isn't this random pirate party blog.



This is a much better source of information than the headline link. It describes how this came about, what its limitations are and just gives a whole lot more context.

Of course it fails to advocate - which itself may have become a vice.


Rule of thumb: If something invokes "protect the children" to justify itself or to push it's agenda, it is advocating something. Not only that it is doing so in an underhanded and emotionally targeted way. I'm not saying politico is the primary source of advocacy in this situation, but they are at least echoing it and helping frame the debate around that.


The fifth and sixth sentence of the article explicitly states the concern of child protection being used as an underhanded and emotional tactic.

While I disagree with invoking child protection as a form of political blackmail, child protection is a legitimate concern. Several populations, of which children are one, are considered vulnerable to exploitation and legislation to reduce exploitation is legitimate.

The problem lies with the fragility of our political system. It is so fragile that debating the effectiveness of the legislation can be shut down with a handful of emotionally charged words. It is so fragile that seeking alternatives which don't impact fundamental rights is overlooked in the interests of expediency.

Of course, creating such rules of thumb is a symptom of the same disease. It is a tool to discourage debate rather than encourage it.


> fundamental rights

Genuine question because I never understand what people mean when they use that phrase: how is a right fundamental? Does the cold universe assign them to us or do a set of people agree such-and-such are fundamental. If the latter, were the same rights fundamental 20,000 years ago? (Because if they are fundamental, they should stretch back to early man… earlier than even 20,000 years ago)


I think that "fundamental" doesn't mean "naturally occurring" or "universal", but rather "foundational", in the sense that more nuanced rights are based upon their basic principles.

So for example we have the principle of "freedom of speech", which might be accepted by courts and society as including a right to publish literary works that some deem offensive, but that could be considered a subsidiary or supplementary right which doesn't have the same level of protection.

More relevantly, a society might accept the principle of a "right to privacy", but might not think that grants a "right to privacy from warranted surveillance" or from "warrant-less automated mass surveillance".

Of course there will always be a tension, as rights activists will instinctively claim that denying some specific right is undermining a fundamental right, since they are sure that everyone agrees that the new right is an inherent consequence of that fundamental right, but the government will always claim that its policy doesn't impinge upon any fundamental right and that the specific new right that the activists believe in doesn't need to exist at all.


The Canadian Charter of Rights and Freedoms actually enumerates the "fundamental" freedoms separately: freedom of expression, freedom of religion, freedom of thought, freedom of belief, freedom of peaceful assembly and freedom of association.

Contrast these with the rights enumerated e.g., democratic rights (the right to vote), legal rights (freedom from unreasonable search and seizure, right to counsel), mobility rights (right to live in any province and enter and leave Canada).

The rights granted are those that build _a_ society that supports those fundamental freedoms. The fundamental freedoms themselves are not something that exist in support of anything, but are simply accepted as something that stand alone as something we demand of our government.


Do you mean that fundamental rights are anything we want them to be ? So if we want, we could decide that the right to be free of criminal activity (particularly ones that encourage or lead to degradation, depression, death, etc. of children) is more fundamental than the right of privacy ? I think there's something more to being fundamental. Otherwise it seems all very arbitrary. Calling something fundamental could change at the whim of the majority.


There's a Wikipedia page which basically says they're a set of rights that are broadly agreed to be particularly important: https://en.wikipedia.org/wiki/Fundamental_rights

For example, the Universal Declaration of Human Rights, but other countries might have determined their own (additional) set.

I would assume the name "fundamental" was chosen because all other rights derive from them, i.e. if they're taken away from you, you won't be able to preserve the non-fundamental rights.


> the Universal Declaration of Human Rights, but other countries might have determined their own (additional) set

It works in opposite way. Universal Declaration universally declares nice stuff, but member countries are free to restrict and persecute the freedom of """hate speech""", the freedom of """extremist expression""" et cetera et cetera et cetera

UDoHR is just a words, intellectuals are seduced by words and dismiss the fact UDoHR doesn't works anywhere except (maybe) America


No rights are objectively fundamental. It's subjective. If people in power don't agree to act as though certain rights are fundamental, they cease to be enforced, even if lip service is paid.


Excellent point. So I’ll ignore “fundamental right” next time I read it.

I note that the United States uses “inalienable rights”, meaning ones which can’t be given or taken away.

The only things that can’t be given or taken from me without a lobotomy are my education and internal thoughts and beliefs (that includes things like self-worth and dignity).


Inalienable is just as worthless a fundamental. Obviously the US govt takes away its citizens' rights to life, liberty and pursuit of happiness through actions such as death penalty, imprisonment, compulsory military draft, and all kinds of less severe restrictions for criminals and suspects.


That's a misunderstanding of "inalienable" or "unalienable".

An alienable right is one which can be assigned to another.

Your physical, real (land), and usefruct rights (as with intellectual property rights) can be alienated in the sense that you can be deprived of them and then they can be assigned to another entity.

Inalienable rights can be denied to you, but cannot be made alien in the sense that another receives their benefits. Your own life, your own happiness, your own liberty, among other privileges you may enjoy, can be deprived of you. But nobody else can receive their benefits.

The notion of inalienable rights is not absolutely fixed. In 1800, you would have had an inalienable right to the function of your own heart, lungs, kidneys, liver, etc. With organ transplants, these are now alienable rights, as those organs (and others) can be removed and given to others, through advances in medical technology.


Note that your usefruct rights and your property rights can be alienated, but your right to property, as a separate concept, cannot.

That is, the benefits or possession of property can be transferred to another. The ability to benefit or possess cannot. Those last can be denied, and the objects of them transferred, but the right to enjoy, much as happiness or enjoyment itself, is inalienable.


Disagree.

> Obviously the US govt takes away its citizens' rights

There is a system of laws enacted by representatives of the people and proven out in courts, for example Eminent Domain.

To your point, that "nation of laws" concept is tending toward more of a theoretical than practical thing.


Then they're alienable by law, not inalienable.


I tend to see rights as temporary privileges.

A right by its name can be given or taken away. I feel the discussion about fundamental rights is moot as it always depends on the powers that be. In that sense I prefer dane-pgp's explanation of these being more foundational rights.

Your thoughts and beliefs and your actions are what you are and not a right.


Privileges accorded by whom?

If Hitler came to power, let's say in an election but it doesn't matter since the right to vote is also a privilege according to your view, and said "alright, henceforth, all blacks lose the privilege of living", would you find that irrefutable and in conformity with your own logic? If Jeffrey Epstein took power and said "children may now be raped at will", is that a matter of a privilege being cancelled? Does "might make right" however you define "might"?

I certainly hope not.


Morally you and me might prefer a system where might does not make right and human rights are truly inalienable.

Practically, however, these rights are only inalienable as long as the powers-that-be (police, military, organs of the state) agree -- if hypothetical Emperor Epstein (or real-life President Ashraf Ghani) declares child rape to be legal, and police and courts obey him, then good luck going up against them...


You are mixing up two different definitions of "right". One is a legal term about what you are allowed to do or what can be done to you. That's what gp meant. And I agree that the only rights you have in that sense are ultimately those you are willing to fight and die for. If it can just be taken away it's not meaningfully fundamental, unalienable, or universal as a legal right.

The definition you used is about what's morally right and in that sense talking about fundamental rights that can't be taken away if you want to hold up some definition of human dignity makes sense, but even then it's subjective to some degree and depends on which school of thought you subscribe to.

Your example shows exactly this ditchomy. If freedom can be taken away and sexual consent ignored, those things can't be at fundamental or real as physical laws. But even so I have a hard time imagining most who see it this way would consider this as anything but reprehensible.


You have a right to liberty regardless of whether you are enslaved or free.


A right without a remedy isn't a right at all.


I don't see either your claim or WalterBright's as clearly grounded.

Each of you needs to define how you mean "right".

(NB: The definition in the OED spans 8 pages.)


Can you explain to me the context in which an unenforceable right has meaning?

I think by any definition, a right without a remedy is meaningless. If you have a right to expression but the state taxes printing presses so excessively that only the rich can print, what good is that right?

If you have the right to an attorney but cannot afford one or the cops won't let that attorney talk to you, what good is that right? If you go to trual and they say, "it's fine, your attorney is here, representing you" and you've never seen that person before in your life, that's what we call a kangaroo court.

Many would agree that you have a right to rebel if someone tries to enslave you. How did that work out for Nat Turner? These rights matter in an idealistic way? Was that Nat Turner's goal? To get 21st century people really thinking? Or did he want a family he could keep with him, his own home, his own food?

We are used to telling ourselves over and over the stories of people who believed in their rights, fought and won them. We conspicuously ignore the stories of people who believed in their rights, fought and lost and then were not just denied their rights but made into villains.

And don't even get me started on Operation Paper Clip, U.S. intelligence supported Nazi rat lines and Nuremberg.

Perhaps if you believe there is some philosophical cosmic central plexus where your case will be adjudicated after death you can believe in capital R "Rights". I do not. And so in my opinion, all rights depend on the right to enforce them.


Again, there are numerous definitions of "right". Most usages in this thread seem to fall under the OED's 9th definition, of "a legal, equitable, or moral title or claim to the possession of property or authority, the enjoyment of privileges or immunities, etc."

Whist legal rights might have some enforcement mechanism, equitable or moral rights (divorced of legal aspects) typically would not. The right is recognised or might be asserted or defended, but by other-than-legal means.

Black's Law Dictionary gives a number of definitions, though as these are (largely) specifically in the context of law, their narrowness is somewhat expected. Fundamental right however has as its first definition "a right derived from natural or fundamental law", which might be construed as at least partially exceeding legal enforcement.

The whole notion of rights can become complicated, and whilst I often agree with the sentiments or goals of those advocating for certain rights, I find the specific rationale, logic, and/or empirical grounds often weak, leaning far more on rhetoric than some basis in reality. At the extreme, for any given right, based on "natural" or "fundamental" law, it's virtually always possible to construct a competing right which negates or countermands that.

The rights of speech vs. privacy, of bearing arms vs. freedom from coercion or fear, of access to healthcare vs. freedom from supporting another, of the national right to defence vs. the right to refrain from violence (including supporting it monetarily through taxes), etc.

There's a school of thought which dismisses the notion of rights, probably most famously Jeremy Bentham. I'm not sure I fully subscribe to his views (I've only read brief summaries, and don't substantially know them), though I'm inclined that way myself.

What I see are competing sets of freedoms, privileges, responsibilities, and obligations, most of which exist, as you suggest, based on the ability to assert or defend them as a practical matter, and to that degree I think we are in some agreement. I'd be more willing generally to suggests rights in a moral sense that should be aspired to. These might be your unenforceable, but not meaningless, rights.

There's a tremendous amount of historical reletivism and present-bias in discussion of rights. There've been incredibly durable and arguably thriving societies whose rights and values systems differ sharply with those of most present-day countries. There's been a considerable movement in questions of ethics, morality, and rights within my own lifetime, within my own homeland, and those developments are far less than those experienced elsewhere over the same period.

Absolutist declarations of rights tend to end poorly.


You are free or not, regardless whether you have a right to liberty or whether your are enslaved or free.


If governments bestow rights, then the citizens have no business revolting against an oppressive government.


Governments bestow, enforce, and adjudicate legal rights.

There may well be other types of rights that are being discussed here, and much of the confusion in discussions of rights seems to revolve around disagreement on those definitions. It becomes something of a mott-and-bailey tactic, or one of terms expressed and understood quite differently by participants.


I would instead say they have no right to revolt rather than no business revolting — their business is to give themselves rights.


Because the government would never bestow them with the right to overthrow it?


That's literally what elections are.


"Fundamental" in the sense of "foundational to civil society".

Not "fundamental" in the sense of "impossible to deny".

Where fundamental rights are routinely denied, civil society is impossible.


> how is a right fundamental?

They are inalienable and bestowed by their Creator. I.e. they are part of the innate nature of human beings.

Governments can either protect those rights or abrogate them - it cannot invent them.

And yes, they stretch back to when humans became human. Though it took a while for people to formally recognize them.


So, "inalienable" I can understand.

"Bestowed by their Creator" starts leaning very heavily on a specific religion's doctrines, and given that there is no religion which is universally adhered to by all persons, dominant in all nations, or indeed acknowleging that "no religion" is the belief of a substantial portion of the population, then regardless of the legacy of the phrase, it's not especially useful in discussion and to me seems to obscure more than it reveals.

Could you choose an alternate phrasing?


How do we know what those fundamental rights are? By observing what happens to societies that have various formulations of rights. The societies that thrive are closer to the mark than societies that are mired in misery, despair, and death.


You neglected to mention any of these fundamental rights. Can you tell me one of them so I can debate you that it’s not fundamental?


> one

I'll give you three: Life, Liberty, and the Pursuit of Happiness.


None of those except life is “part of the innate nature of human beings”.

Death is also part of our innate nature, but you did not mention that one.


When someone enslaves you, then, you have no right to complain about it.


The ten commandments as benchmark and foundation applies to many common situations.


There are at least 8 ways to divide up the “ten commandments” passages in Exodus and Deuteronomy into a total of 14 commandments, the Quran has a different set (not being a religious scholar I can’t meaningfully assert how different, given linguistic drift and translation challenges).

Bushido (or the form of it on Wikipedia) has a fairly different and also interesting set.

Anton LaVey (Church of Satan) has an interesting, albeit stereotypically American, eleven.

The philosophers in this list seem to focus on commandments of rationality more than morality, but that’s not something I find hugely surprising: https://en.wikipedia.org/wiki/Alternatives_to_the_Ten_Comman...


The majority of the commandments are not rights but restrictions, the "thou shall not"s. Even the positively-phrased commandments are obligations ("honour thy father and mother...").

These are not rights.


The Ten Commandments are not a list of rights. It doesn't even say you have the right to not be a slave.


I have no rights unless others recognize and at least tacitly agree that they have obligations with respect to those rights.

As the only person left in the universe (after some cataclysm), you'd be left with obligations but no rights. The obligations would include those that arise from within yourself to prevail and try to survive as best you can. Rights? Well, who would be granting those? The innate bit refers to obligations but not rights.


Natural rights exist even when denied and infringed. Perhaps they are discovered as a consequence of human behavior, rather than molded by a grantor in acts of beneficence or compromise.


Can you name a “natural right”?


This is beautiful and spot on.


If rights are merely a fabrication of government, then it should be possible to create a communist society that works as well as a free society.

But they don't. Not even close. Something is fundamentally wrong with communist societies.


We assign those rights as a society and, more relevantly here, as a political system. The people who draft our constitutions and (like for all political norms) those who create our political discourse have more influence in defining them than the general population, but these norms have to be agreed to by a fairly large swathe of society to be effective.


> fairly large swathe of society

I don't think a majority necessarily carries power. The uber rich and intelligence agencies carry far more power than any mass of citizens.


a) I said "fairly large swathe"

b) Elites exert control by persuasion; they control the discourse, they organize larger movements, &c. There are still limits to what popular opinion will go along with.

c) Intelligence agencies are, in most rich democratic countries, not a major lever of political power. Government economic institutions, police, courts, and the like are much more influential in both day-to-day lives and in shaping popular conceptions of the "rules of the game".


You are speaking of rights. I’m speaking of “fundamental rights”. How are they different?


"Fundamental" rights are the ones whose existence is not considered a matter for debate in society.


No such right exists. Can you name one?


In the US in particular:

The right to life (in a negative, the government-shouldn't-take-it-away) is quite universally recognized - in cases where it's violated, defenders of that violation work very hard to craft a strong justification.

The right to free speech (again, in a negative the-government-shouldn't-take-it-away) sense is also a fundamental part of political discourse.

The right to private religious practice is broadly fundamental, though the right to religious practice of various sorts in the public domain (as well as the definition of that public domain) is hotly disputed.

Notably, the right to certain social goods are "fundamental" in parts of Western Europe (e.g. healthcare in the UK), but very much are not in the US. My general impression is that positive (the-government-should-provide-it) rights are much more rarely "fundamental" in the sense of being deep in a polity's consensus.


It assumes the geopolitical domination of a group who asserts the right as fundamental. In other words a world order.


A world order or just a political system like a country?


Thanks for asking this. I’ve wondered the same things. The answers so far don’t seem to really answer the question well, which makes me wonder if this is just one of those phrases that people banter about without considering if it actually means anything.


Yeah, I can’t for the life of me think of any right that is fundamental when you consider the whole of human history and societies that have existed.

Even breathing — the most basic need — can be argued as not a right but something that the universe requires as a need to live. If breathing and life were “fundamental rights”, then there would be a provision in the laws of nature for them.


Rights presuppose justice. When I say that I have a right to something, it means that something is owed or due to me from others for some reason. Justice, like all of morality (see "natural law theory"), presupposes human nature. Human beings are rational animals with the freedom to choose according to (or against) what is rational. If we lacked, by nature, either rationality or free choice, it would not make any sense to speak of the exercise of justice and therefore of rights because if I can't understand, then I cannot be expected to choose according to the objectively good, and if I cannot choose freely then I cannot opt for the good.

What is good for human beings is objectively true as determined by human nature. It is objectively harmful, for example, to starve. It is objectively harmful to cut off one's right arm. It is also objectively harmful to take drugs that frustrate the exercise of reason because this is opposed to being the kind of thing you are, a human being. The same can be said for the misuse of the body and its faculties in various ways. They work against their healthy function and your well-being.

Now, by nature, as I already said, human beings are rational animals, that is, it is our nature to be rational. We are also social animals. Thus, our own flourishing as individual human beings is also social. A society in which justice isn't practiced is no good for the human beings that are a part of it. Justice means that we can make claims, at least under certain conditions. It is of course unjust to make claims upon others that are not warranted, so we must determine what exactly constitutes a just and legitimate claim. This presupposes rationality (you cannot have a claim to what is absurd or evil) and relational (some relations are voluntary, others are not, but the nature of the relationship will inform us of our obligations and claims) and conditioned by other factors (a criminal forfeits certain rights by virtue of having committed an injustice).

I will agree with you, though, that "fundamental rights" is unclear. If they mean something like what I've described, as something that is determined by human nature, then sure, they're fundamental in the sense that they have an objective ground in human nature. But if they are understood as somehow absolute in the sense that a criminal could go around murdering people and still maintain a claim to his own life, then no.


Fundamental is whatever the politicians and the rich decide it's fundamental. For example the right to live is fundamental except if you live in a conflict zone (US with its shootings included).


> legislation to reduce exploitation is legitimate

The problem is they don't reduce it. It doesn't prevent the abuse and rape nor does it prevent the trade. They install mass surveillance that catches some idiots.


It sounds like you’ve lifted your ethics from an episode of The Simpsons

People should judge things like this based on the content and context of the legislation, not based on a 3 word summary of its justification. There’s your rule of thumb


Seems like a rule that fails pretty fast if children actually need protecting.


I’m really shocked at how causally some HN commenter will discount the very real problem of online child pornography. It honestly disgusts me how people will hardly acknowledge it’s a real problem.


The legislation: https://www.europarl.europa.eu/doceo/document/TA-9-2021-0319...

Press release: https://www.europarl.europa.eu/news/en/press-room/20210701IP...

Summary from the above link:

> Service providers can continue applying voluntary measures to detect, remove and report child sexual abuse content

> National data protection authorities will have stronger oversight of the technologies used

> Temporary solution for maximum three years

According to the text of legislation, looks like this kind of scanning was allowed until Dec 21st 2020 when it become affected by a stricter privacy directive, and this reallows such scanning.


I have not been able to find anything about final legislation either, though I did find some references [0] to the chat control legislation from June: [1].

I haven't read through it all, but the notable paragraph seemed to be:

  This  Regulation  therefore  provides  for  a  temporary  derogation  from  Article  5(1)  and Article    6    of    Directive    2002/58/EC,    which    protect    the    confidentiality    of communications  and  traffic  data.
'derogation' being a partial repeal of a law.

[0]:https://www.computerweekly.com/opinion/European-chat-control...

[1]: https://www.europarl.europa.eu/RegData/docs_autres_instituti...

Edit: It does seem that the intention here was to allow tech companies that were previously scanning for child abuse to continue to do so after December 2020, see politico.eu article


In [1], pages 10 and 11 are the actual directive, the rest is the reasoning. And, although I don't know the previous directives and regulations, it reads as if this is essentially an extension of an exception to the ePrivacy directive for another five years.

Birgit Sippel says in her statement to the president of the parliament [2]: > Dieses Gesetz ist eine Übergangslösung für drei Jahre. Die Kommission hatte versprochen, noch vor der Sommerpause einen neuen, dauerhaften Rahmen für die Aufdeckung von Kindesmissbrauch vorzuschlagen. Jetzt dauert es noch bis September oder Oktober. Dafür erwarte ich einen deutlich verbesserten Vorschlag. Die langfristige Lösung muss sich mindestens an den Datenschutzgarantien der temporären Lösung orientieren. Sie muss zwingend Lösungen für das gezieltere Scannen privater Kommunikation finden, sonst wird sie vor nationalen und europäischen Gerichten kaum Bestand haben.

Translated (by myself): > This law is a short term solution for three years. The commission promised a permanent solution to combat child abuse before the summer break. Now, this will take until September or October. Thus, I await a much better proposal. The long term solution must have at least the same guarantees for data protection as the short term solution. It [the long term solution] must have solutions for purposeful/targeted ("gezielt") scanning of private communication, otherwise it will not hold up in front of national or European courts.

So maybe things do not change that much right now.

But back to [1], I am especially curious about article 3(e): > the provider annually publishes a report on its related processing, including on the type and volumes of data processed, number of cases identified, measures applied to select and improve key indicators, numbers and ratios of errors (false positives) of the different technologies deployed, measures applied to limit the error rate and the error rate achieved, the retention policy and the data protection safeguards applied

Do you know if and where such statistics are published? (today?)

[2]: https://www.europarl.europa.eu/doceo/document/CRE-9-2021-07-...


Yeah, this is a fair assessment.

The main article is sensationalistic and overblown.


People react strongly to such things because we’ve all lived long enough to see new powers targeted at bad actors eventually abused by law enforcement.


https://en.wikipedia.org/wiki/Patriot_Act

It's not overblown. The horror that is the "Patriot Act" was temporary, until it wasn't. It only expired in December 2020, 19 years later, because Trump threatened to veto it if he didn't get his way, and as a result it expired because nobody chose to vote on it. If I was a betting man, I would assume it's still in use even when expired.

So, temporary laws can last for decades.


> I have not been able to find anything about final legislation either

It's here:

https://www.europarl.europa.eu/doceo/document/TA-9-2021-0319...

Looks like it has a more restrictions and a reduced time period (3 years) than the proposal you linked, and some requirements to feed statistics back to monitor the performance of the law.


What could possibly go wrong with this legislation?


Yep this https://www.patrick-breyer.de website is the worst example of self-referencing I have ever seen :(


Just to clarify a point for discussion: this is already the law in the USA, and always has been [0]. European privacy law formerly prohibited private entities from reading personal communications, and handing them over warrantlessly to governments (as I understand it (?)); but this was never a thing in the US.

[0] https://en.wikipedia.org/wiki/Third-party_doctrine


From that source:

In 1986, the United States Congress updated the Omnibus Crime Control and Safe Streets Act of 1968 by enacting the Electronic Communications Privacy Act which included an updated "Wiretap Act" and also extended Fourth Amendment-like protections to electronic communications in Title II of the Electronic Communications Privacy Act, known as the Stored Communications Act.

In Carpenter v. United States (2018), the Supreme Court ruled warrants are needed for gathering cell phone tracking information, remarking that cell phones are almost a “feature of human anatomy”, “when the Government tracks the location of a cell phone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user”. and that

[cell-site location information] provides officers with “an all-encompassing record of the holder’s whereabouts” and “provides an intimate window into a person’s life, revealing not only [an individual’s] particular movements, but through them [their] familial, political, professional, religious, and sexual associations.”[5]

AND

From https://www.legalmatch.com/law-library/article/e-mail-and-wa...

Are there Any Laws that Protect Your Email Privacy?

Under the Electronic Communications Privacy Act (ECPA), police can access emails without a warrant if the emails are stored in the cloud and at least 180 days old. However, this law is outdated and lawmakers are attempting to pass the E-mail Privacy Act. This would update the ECPA by requiring warrants for all email searches. At the moment, in July 2018, the ECPA has yet to pass.

E-mails that are in remote storage and opened or older than 180 days do not require a warrant. Instead, the police only need to obtain an administrative subpoena. Administrative subpoenas are issued by federal agencies without any approval by a judge, so they are much easier to obtain.

So.. run your own email server in your basement if you're concerned (which would require a warrant). Or try end-to-end encryption solutions.


Think you're glossing over the distinction between compelling material (by warrant, subpoena, &c.) -- what the Fourth Amendment covers -- and private entities voluntarily giving the government material that third parties have entrusted them. Nothing regulates the latter: that's the third-party doctrine.


> Nothing regulates the latter

That's not true. The Stored Communications Act _does_ regulate this. In fact, it was passed in response to concerns that the third-party doctrine would mean that nothing would be protected from the government if it was stored by a third-party service provider.

The law says that the contents of communications may not be divulged unless certain conditions are met, even voluntarily. See 18 U.S. Code § 2702.


The people you're replying to aren't glossing over it, the posted article (and the comments predicting the end of the European tech industry) is glossing over it. "European Parliament approves mass surveillance" really means "European Parliament suspends portion of privacy law that prevents third parties from voluntarily monitoring information entrusted to them" - as they're able to do in the US.

The European Parliament isn't (in this action, at least) compelling anyone to surveil anything.


This is a bizarre distinction to make when the third party doctrine has resulted in mass surveillance in the US.

> The European Parliament isn't (in this action, at least) compelling anyone to surveil anything.

Why shoot down something that you're adding to the article? Who said the European Parliament was compelling anyone to do anything?


This is true.. not much to be done with the major providers are all in bed with the Feds. I mean, the telcos literally allow the Feds to port mirror all their traffic. End to end encryption on your own encrypted storage perhaps.


I'm not sure if "allow" is the right word here. Really the NSA can set up another Room 641A at any company they want regardless of that company's wishes and with a national security letter the company can be prevented from even telling anyone (like their customers or the media) about it. I was furious when Obama granted telecom companies immunity from prosecution for their role in the warrantless spying, but really it's not exactly fair to pushing people who are strong-armed into compliance.


Perhaps, but if it became public that my telco was allowing NSA to backdoor comms, I’d say the devil made me do it, too.

https://www.propublica.org/article/nsa-spying-relies-on-atts...


There is a fairly large caveat to this and it happens to also deal with children.

18 U.S. Code § 2258A - Reporting requirements of providers

In short, it requires ESPs to report incidents of child exploitation that they become aware of to the National Center for Missing & Exploited Children.

According to NCMEC's published data there were over 20 million reports in 2020. The latest breakdown by ESP I could find was from 2019, which shows facebook making 15 million reports.

https://www.missingkids.org/content/dam/missingkids/gethelp/...

EDIT: Here's the 2020 report:

https://www.missingkids.org/content/dam/missingkids/gethelp/...


That's what ECPA says, but the Fourth Amendment does apply to e-mails as well as ECPA. Today, pretty much no significant commercial e-mail provider is going to give up e-mail contents without a warrant, even when over 180 days old.

In 2010, the Sixth Circuit held ECPA to be unconstitutional as it relates to email and compelled disclosure without a warrant (at least for large volumes of private email) [0]. This hasn't been tested at the Supreme Court, although the Warshak opinion has been cited approvingly, mostly because providers don't disclose content without a warrant so nobody has had a case to take up.

Carpenter shows 4A can protect metadata under some circumstances too (for more than 7 days of CSLI), even if law enforcement obtain a court order, which requires less evidence than a search warrant.

[0] https://en.wikipedia.org/wiki/United_States_v._Warshak


Those are great. Thanks for posting a very clear summary of two important points. It seems to be very hard to find and define on your own. Too bad they didn't make the same thing for credit card transactions, which are almost, and becoming more so, part of our anatomy. (Will the rules change if they are (injected chips, for instance.)


This makes the EU look pretty hypocritical for striking down the "Privacy Shield" agreement that they had with the US for GDPR.

In fact, I have to wonder if this will put that ruling in danger of being overturned now?

(And how much do you want to bet that the lawyers at Facebook are gearing up for that very fight right now?)


So it is okay then.

Then when EU will start running concentration camps for thought criminals, we will say it's okay China already do it...


It seems that the Four Horsemen of the Infocalypse [0] are as obvious as they are effective.

[0]: https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...


It's becoming scary how dangerous legislation is passed under the guise of protecting against "child exploitation". It's basically political suicide for politicians to vote against it (since the public cannot understand the nuance).


Up to people who do understand it to expose the ones voting for it.


EU Politicians pass anti-privacy legislation to 'protect' us from terrorism....

Which is caused by the open borders and migrant settlement programs promoted by the EU in the first place.

Convenient isn't it?


EU internal borders are open, the external ones are not. It’s a bit like the USA in that regard, biggest difference is our versions of California and Louisiana have their own national languages.


Reminder that even Johnny Rotten of the Sex Pistols knew 25 years ago that Jimmy Savile was abusing children and the BBC upper management must have known many more details about their star, than Johnny Rotten.

Not only was nothing done but BBC's upper management escaped any responsibility for the protection they gave Savile.

One could mention the Dutroux affair, British PM Ted Heath, and many more scandals... yet it does seem that the European elite excuse themselves and instead invade everyone else's privacy instead.


Facebook fails to go after child pornography despite it's insane panopticon.


Every time a surveillance system and violation of privacy rights is advertised in the EU as a solution against child abuse and trafficking I ask myself how such a system could have changed the outcome of a case like Dutroux. Would have been the dozens of witnesses and police officers involved in the investigation suicided a way sooner, later, more silently, or at all? We will never know...


> Previously secure end-to-end encrypted messenger services such as Whatsapp or Signal would be forced to install a backdoor.

This is surely a fantastic extrapolation of this author. The chance of this happening is zero, which is also the chance of this being explicitly stated in the legal text.

It would be a disaster of course. And extremely controversial. Which is why it doesn’t just get passed under the radar, even as a temporary measure.

Isn’t there a copy of the actual legal text anywhere? Or a sober analysis of that text that isn’t made by a member of the pirate party?

Edit: Here https://www.europarl.europa.eu/RegData/docs_autres_instituti...

It doesn’t mention encryption, back doors, or forcing any entity to do anything. It does mention allowing companies to temporarily continue current monitoring for child abuse under certain conditions. What exactly is the outrage about?


But it did get passed under the radar. No one knows about this except for techies, and even then it was quite easy to miss.


The legislation would not have passed under the radar if it does what the author claims e.g require backdoors or similar.

The reason it didn’t raise many eyebrows is because it doesn’t mention this.


https://www.patrick-breyer.de/en/posts/message-screening/?la...

> For autumn 2021, European Commission announced that it will propose a follow-up legislation that will make the use of chatcontrol mandatory for all e-mail and messenger providers. This legislation might then also affect securely end-to-end encrypted communications.

So far nobody is reporting on this.


So he is outraged by this and the worst thing is… not in this legislation but in a potential follow up legislation that might contain those bad parts?


At this point I'm assuming you are arguing in bad faith. Again, no one is reporting on this. People should be made aware that if the vote happens, they can nag their reps beforehand. But they aren't being made aware.


You must be misunderstanding what I’m arguing.

I’m saying nothing about the actual law passed or how it wasn’t reported on.

What I’m saying is that the article linked talks about banning encryption or mandating back doors, and that law would be very controversial (much more than this one) so that law couldn’t just be passed unnoticed.

The future law text about banning encryption might be written some day and I too hope we have plenty of time to nag reps before it ever gets to a vote. This could be years from now, if ever.


nah, you are bsing, the article is about legit concerns, you failing to see any of that or naively/foolishly believing the innocence of the legislators is your own problem.



Why would a company in the US (Signal) decide to comply with the doctrine of another country, especially a doctrine antithetical to their entire business?


Well, zero is not just a really small number.

But to answer "why" would involve unpacking many direct and indirect motivations. First, I would never trust that any corporation has any doctrine that they would or could stand by ad infinitum given the right pressures.

At the end of they day you're talking about humans. A group of self-interested humans. A group of self-interested humans whose makeup changes as directors and executives rotate out. A group whose intentions can be undercut by an individual. Think you that the "Snowden" move doesn't happen the other way around? Probably more frequent that the intelligence communities infiltrate private organizations with rogue contractors than they experience it themselves. Probably really dang easy to be honest.

Since it came up earlier, I might just casually point to AT&T letting the NSA (or whomever) mirror all the traffic running through their network[0]. That would seem antithetical to their business, but obviously there are competing motivations. Where are those motivations sourced? Who makes the call? We don't know. I guess that's my point - you can't put faith in opaque decision making processes. I wouldn't rely on them, is all I'm saying. You could say the risk is low, but it's definitely not zero.

[0] https://www.propublica.org/article/nsa-spying-relies-on-atts...


My point originally not whether anyone would comply, but whether such a measure would ever be worded, let alone enforced.

The op article doesn’t convince.


Do they want everyone to switch en masse to end-to-end encrypted communications? Because this is how you encourage that.


The vast majority of people do not care. Politicians will say this is to stop pedophiles, and if you speak up against surveillance, you’re labeled as a pedophile and ignored.

Plus, let’s be real, end to end encryption doesn’t exist if you’re using any sort of pre-built app. It’s encrypted-looking to most people, but the people who matter always get back door access.


Don't care or don't perceive the threat clearly?


I’ve seen both when trying to advocate against the UK’s Investigatory Powers Act.


> Plus, let’s be real, end to end encryption doesn’t exist if you’re using any sort of pre-built app. It’s encrypted-looking to most people, but the people who matter always get back door access.

Why do you think this is the case? I know for a fact (with a reasonably high level of confidence) this is not so.


More end to end encryption use only means more laws banning encryption faster.

Or do you really think that when for example DoH gains wider adoption all the countries using DNS based blocking will go "Oh well guess the techies got us".


Good luck with that - the genie's out of the bottle.

End to end encryption is vital to the operations of modern businesses, it's not going anywhere anytime soon.


You'd be surprised then how fast things bend and eventually break under government rule.


Agreed. Most people, when confronted with the choice of jail vs. doing what they are told, will do what they are told.


This works best if the individuals or companies doing this have a meaningful presence in your country and/or consider it a sufficiently relevant market.

If they don't, your critical infrastructure (Internet) just stops working until you conform to the standards set by those who write the software.


Sure, and then the governments are forced to tell the intelligence agencies they can no longer afford all the we-told-you-so consequential successful hacks that happened because of the back doors they demanded.

And the competent criminals will still be able to roll their own encrypted communications from existing open source libraries.


Counterpoint: China does modern business just fine.


Businesses will need to have a license and keep logs of such communication.


E2E encryption is? Or encryption in general? SSL is not E2E. The data isn’t encrypted at rest in most places.

I want E2E encryption as much as the next person, but we need to make sure we’re honest about its use cases


The only distinction there is Client/Server vs Peer/Peer, peer discovery is a thing, but other than that it's fundamentally the same problem with the same solution(s).


The world has a poor history on banning the application of math.


laughs in Mandarin

Well, I shouldn’t do that. Suffice to say, it’s simply a fact that China bans VPNs, and pretty much everyone goes along with it. People fear jail.

It’s hard (but not impossible) to imagine Europe and the US doing that. NordVPN is practically a household name, at least on YouTube.


President Pooh bans VPNs but pretty much everyone uses them and jumps over the great wall.

People just have a 'compliance' phone when authorities ask to rummage through it.


> People just have a 'compliance' phone when authorities ask to rummage through it.

Does this ever work? Depending on the jurisdiction, law enforcement authorities can easily get a warrant to enter your home and search through everything to ensure that they find all of your devices.


VPNs are not illegal in China and are part of doing business/daily life. China is authoritarian, but at least smart. They understand that the great firewall can reduce the free flow of information to a respectable degree and thus they implemented it. They also understand that going after VPNs is futile with the current technology.


Which is ironically self defeating after major multiple security product breaches. Laws banning encryption or requiring backdoors as well as the practice of secret court warrants discourage fundamental investment in strong encryption products and standards.


Doesn't help if you don't control the ends of the end-to-end part. We don't control iOS nor Android on most devices.

In general this holds: There's no privacy on the internet.


Security researchers will always break into, reverse engineer, and scrutinize OS firmware and apps.

They’re not going to find every backdoor. But I’m sure their work serves as a deterrent to some degree. Vendors aren’t going to deploy backdoors unless some state actor forces them to, and even then chances are they’re caught and called out.


Security researchers will also happily sell their tools to law enforcement and other agencies. Companies like cellebrite specialize on that.

In short, if you are being targeted (and, granted, the chance of that is pretty low), your data and communication is not secure. It's an economical question, not a technological question. (the FBI paid $1.3m in one case to get access to a phone).


If you care about it, switch to Librem 5 or Pinephone.


Neither of these can access the financial services provided by my bank nor the infrastructure provided by my city


This is worrying. I always thought about this since I have long-standing user experience with privacy-related stuffs and the more you block, the less you can use. But being unable to access financial services or city infrastructure provided by your city makes me think that either these services are terrible or the privacy phones are breaking something. Case in which I am most curious to find out what exactly are they breaking and how are those things both essential and privacy related? - I'm unsure if my sentence makes sense, English is not my first language.


Removal of KEYGEN feature from Firefox and other browsers was a major mistake in this regard.

My bank(s) used password+client certificate, but now they have switched to proprietary mobile OTP apps. (also due to some directives). For some stuff, SMS codes are used.

Also, I've seen CA's simply deliver the .P12/.PFX file now instead of securely generating the key on the client and then signing it.


Seems like your government supports the duopoly, which you should fight against.


It mentions in the article that even apps like Signal would have to install backdoors that they can use.


Crypto is just about worthless without personal computing.


That can't happen with open-source, whether it's "free" or not.


While true, an adversarial government can pass new laws to restrict access or installation of software it deems dangerous. Politicians, uh, find a way.


Open source. That means that they'd have to either prevent the downloading of the source, prevent it compiling, or prevent running something that you compiled on your own box. Any of those three seems to be guaranteeing that Europe will not have any leading role in computers for the foreseeable future. Any of those three also seems almost impossible to enforce.


There's no way to build apps locally on most smartphones which are the majority of end user devices.

Open source practically died with personal computers.


When did personal computers die? Most desktops and laptops are fairly open and although android phones are not as open you can build software on your laptop/desktop for usage on your phone.

You could also use something like pinephone or librem. You wont have access to a lot of android tech but the most important functionality. A web browser, sending sms, email, making calls all work.


I agree. Currently not many people use open source on their phones, but that could change, and things like F-Droid are ready to be used.


It wasn't that long ago that encryption was banned in France.


Source?


In the US, forcibly including certain code in your program would be a 1st amendment violation.


I can envision all sorts of workarounds to this constitutional issue. And, Congress does this sort of thing all the time.


Signal didn't publish the source for their server-side from 20 April 2020 to 6 April 2021 while they secretly added a cryptocurrency payment system. Open source is only open if the source is available (and yes -- if their end-to-end encryption system is working properly than even a notional malicious server would not be able to intercept message contents, but could of course provide metadata, and also you have no way of verifying that the app you install via whichever app store you install Signal from was built from any given source).


That's absolutely not true, since Google is now signing app distributions and can easily swap them out. Additionally, there's no guarantee that Signal is shipping the same code to the app stores.


The whole stack needs to be open source and user modifiable, though. Signal is open source, but if Apple is one day compelled to ban non-backdoored versions from the App Store, nobody can use it on an iPhone.


it can if you don't compile the source yourself, a la the app store


That's not how this works in practice



xkcd is a just a comic - please don't make it a conversation killer.


Well, to revive this conversation.

States have access to "a monopoly of legitimate violence". We grant them that in order for them to be able to keep the peace, you know, law and order.

Everything else can be boiled down to this. No matter how many bits of encryption keys are used, someone with a chloroform infused rag and a wrench can visit any of us at any moment. And it's actually part of what we, collectively, as citizens, have granted as a power to the state.


I might be too influenced with Brazil I watched recently, but the monopoly on necessary violence is not without restrictions ( which is why there is an outcry when the outer bands are pushed too far ). Granted, the fact is that the bands are now hidden from public view only to resurface when a whistleblower lets the population know. Still, basic principle remains. There are limits to violence goverment can legitimately engage in.


> someone with a chloroform infused rag and a wrench can visit any of us at any moment

That's where engineering comes into play, maybe materials science to build suitable systems to defend against such physical attacks. And, you can't just ban engineering.


Unless I become Robert Johansson[0], my imagination and capacity for material engineering is not going to be enough to simultaneously have a life and protect against a single sufficiently motivated individual, let alone a nation state putting a lawful (by its standards) order against me.

I’m only even safe from nutcases because the nation collectively has enough experience dealing with people who think they know better.

[0] https://en.wikipedia.org/wiki/Dennis_E._Taylor


> someone with a chloroform infused rag and a wrench can visit any of us at any moment.

Phrased like this it sounds like you are implying that the legal system in any EU country has no power over goons with wrenches, and everybody is effectively living in a police state. Why even bothering to pass laws around encryption?


To be precise, the article says that apps like Signal are to be the target of a follow-up regulation scheduled for coming September. It also emphasizes citizens' strong opposition to this prospect.

Fingers crossed, but is it enough? What can we do to prevent this sh*tload?


Seems like the same legal body that made these laws would outlaw that activity.


Yeah, but how sustainable is the EU really, in the long term? I’m still convinced it will either dissolve or devolve into a rump organization within my lifetime.


EU gets a lot of stick but deep below, the boring stuff keeps it together.

Brexit showed just the enormous depth of high quality glue keeping all remaining countries together.

So I don’t think the EU will be collapsing any time soon, certainly not for rational reasons.


Yeah, but how much of that boring stuff requires the full matter of what the EU has become? That’s why I could see a rump sticking around or getting folded into some other institutions, if full dissolution never quite happens.


Again, Brexit shows, imho, that you can’t have the boring stuff without the tight integration. There are no duties because taxes are harmonised. There are no import/export controls because norms are identical pan-EU.

The UK wanted to drop the tight integration and acceptance of common goals, but keep all the tax and trade benefits. But the logical hurdles turned out to be insurmountable. Want to sell fish tax-free? Well let us fish in your waters. Want to sell frictionless to our markets? Accept our standards. So what should the common ground be for digital services?

Initiatives like this, good or bad, represent the EU’s drive to combat big issues facing the world, and again need to be tackled for the EU to remain relevant; it can’t just stick to subsidising farming, that is so 1950s.

I spoke once to a senior economist (can’t remember the name sadly) who made a good point: EU is often compared to national governments, and looks sluggish by comparison. But the real comparisons would be to other enormous bureaucracies: US federal government, China, UN etc. And when you make this comparison, it is in fact quite favourable for the EU. Basically, scaling is hard, and the EU is not bad at it.


> Basically, scaling is hard, and the EU is not bad at it.

It's not scaling economically though, is it?


What makes you say that? Mass media, especially English speaking mass media, have been EU polyannas since its inception. It's bad for their status quo.


"Brexit shows, imho, that you can’t have the boring stuff without the tight integration"

This is definitely not true. There are tons of 0-tarrif trade agreements in this world, and even those without border checks for commercial goods - all without political integration.

NAFTA/USMCA have been doing this for 35 years and it's very effective.

Brexit doesn't show 'how good the EU is' it shows the opposite: that UK, Switzerland and Norway well get along quite well outside of the political body.

The EEC was entirely uncontentious - everyone wants some version of that. No arguments from anyone there.

But the argument that the 'Political Layer over the EEC, i.e. the EU, is necessary' might have some merit, but it's probably more complicated, and it might not even be true.

The real comparison is no between EU/US/China - but between the EU and a more comprehensive version of the EEC - i.e. some kind of 'deep trade integration' but without a political body, and without an ECJ with 'Legal Supremacy'.

This surveillance issue highlights one of those areas where I'm not so sure the EU would be perfectly ideal for supranational laws. Treaty-based regulation - for sure. But laws under ECJ Supremacy ... I'm not so sure. It's going to be interesting to see how this jives with the German Basic Law and their de-facto opt-out over constitutional issues.


It's all stick, no carrot. Unsustainable.


The EU has a lot of carrot for countries like Poland or Lithuania. Even longer term members such as Belgium, etc, that don't have such history with the Soviets know they are better off being in the EU than splintered.


What is the 'carrot' for Spain, France, Italy that goes beyond what the EEC provided?

Why would a 'really great trade agreement' not provide 'most, if not all of the carrot' with respect to economic upsides?

Does the EU political apparatus an ECJ, i.e. beyond comprehensive trade agreements, provide carrots?


Well, one carrot for Spain was the assistance it received during the last financial crisis[0], and France probably likes being able to project its influence onto neighbouring countries through its position in the EU.

Less reductively, I think that a major benefit of a political union is that it gives some degree of democratic legitimacy to decisions made about difficult region-wide issues like trade policy, consumer protection, immigration, the environment, and anti-trust law, to name but a few.

All of those matters could in theory be settled via multi-lateral treaties, but they would probably be hard to reach flexible compromises over while still being overseen by representatives voted for by the public with a mandate for deciding on those supranational issues.

[0] https://en.wikipedia.org/wiki/European_debt_crisis#Spain


Those are not very good carrots.

Why bother with barely a vaneer of legitimacy at the EU level which has a democratic deficit?

Why not have an EEC that casts flexible treaties over immigration, environment and anti-trust on as as-needed basis, with actual elected represented 'regular' national MPs dedicated to those issues at the European level? i.e. Boris would have 5 Cabinet Ministers for major European level issues and a European ministry?

That way have the benefits of some degree of coherence without the sovereignty problem.


So your solution to the "democratic deficit" of the EU is to give Boris more power? He already has, in practice, all the power of the unelected head of state at his disposal, plus the unelected House of Lords, based on a voting system which put him into power with 44% of the popular vote.


"He already has, in practice, all the power of the unelected head of state"

B.J. is an Elected Head of state. He won his mandate in a very clear and unambiguous election, the primary issues of which concerned not only on his leadership and tenure, but also the pivotal issue of Brexit. The election had very high participation rate, and the UK public was very well informed with respect to the stakes involved. B.J. doesn't have absolute power and both his party and opponent MPs can challenge his authority.

The EU meanwhile, has barely any democratic legitimacy.

The President of the Commission and members of the Cabinet - those that enact legislation - are unelected.

Ursula Von Der Leyen did not stand for election. She was plucked from obscurity by Macron and Merkel after the EU elections, in a closed, backroom deal in which voters had no effective influence. The protocols by which she was chosen are not codified, in fact, it's only recently agreed to (Treaty of Lisbon) elected MEPs should even have to be consulted.

Von Der Leyen was not introduced to the public before the election, she didn't go on a media circuit so as to be introduced to the public of various countries where people could learn about her or her platform. There were no editorials, there was no media vetting, there were no interviews, there was no pragmatic by which voters could even learn about their would be leader. She was imposed in EU voters, probably less than 2% of whom had even heard of her.

EU elections have very low rates of participation, EU voters have very low awareness of any of the material issues, MEPs have very little ability to influence legislation and very limited ability to censure leaders.

So yes, Boris Johnson (and Macron, and Merkel) have considerably more legitimacy than any members of the EU apparatus, and that might very well serve as a better basis for European citizens to influence the establishment of rules or laws via treaties as opposed to the very indirect democratic mechanisms of the EU.


> B.J. is an Elected Head of state.

Just so we're using the same terms, here, I think it is conventional to describe Johnson's role as "head of government".[0]

> members of the Cabinet - those that enact legislation - are unelected.

The Commissioners are appointed by the heads of government of the member states, exactly the process you suggested in your earlier comment. If you think that Boris would be limited to picking ministers who had actually gone to the trouble of winning an election, then you'll be surprised to read about the 19 unelected ministers that Boris has chosen.[1]

> Ursula Von Der Leyen did not stand for election.

While Boris did manage to win 25,351 votes in his constituency, and 92,153 in his leadership election, there is nothing preventing a UK prime minister from gaining power through a backroom deal, such as Theresa May's unopposed leadership "election" in 2016, or Brown taking over from Blair in 2007.

This is of course accepted since the PM must hold the confidence of the parliament, but the same is true of the Commission President, who must receive the approval of an absolute majority of MEPs.[2] In fact she (together with her Commission) was elected with 461 votes to 157.[3]

> She was imposed [on] EU voters, probably less than 2% of whom had even heard of her.

I agree that this is a failing of the process and the political culture of the EU.

> EU elections have very low rates of participation, EU voters have very low awareness of any of the material issues

That could be interpreted as meaning that a large proportion of EU citizens don't feel particularly affected by the EU's decisions, which would mean that the EU is (correctly) leaving national issues to national politicians (who then influence the decisions of the Commission through their appointed commissioner).

> MEPs have very little ability to influence legislation

Any influence the MEPs lack just means more power to the national governments who control their respective commissioners. I don't see how this process is any worse than having an unelected House of Lords which contains hereditary peers.

> and very limited ability to censure leaders.

MEPs have the power to call a Vote Of No Confidence in a Commission, which can lead to its dismissal. This came close to happening in 1997 during the BSE crisis.[4]

> So yes, Boris Johnson (and Macron, and Merkel) have considerably more legitimacy than any members of the EU apparatus

If by "any members of the EU apparatus" you mean "specifically Ursula Von Der Leyen" then you almost have a point. I would also be more convinced if you had limited the first part of your statement to just Merkel, as I believe that Germany's electoral system is more proportional than the UK's and doesn't have the "safe seats" problem of FPTP. (The two-rounds system that Macron was elected under has its own problems).

As a thought experiment, imagine that Biden had won the presidency with just 44% of the popular vote, and that win also granted him an effective super-majority in both houses of Congress (since the UK only requires a simple majority to force through constitutional changes). I can only imagine that scenario leading to civil war in the US, and yet this equivalent situation in the UK lets some people think they can throw stones at the EU's democratic character.

[0] https://en.wikipedia.org/wiki/List_of_current_heads_of_state...

[1] https://bylinetimes.com/2021/02/19/brexit-revives-the-power-...

[2] https://www.europarl.europa.eu/news/en/faq/8/how-are-the-com...

[3] https://www.europarl.europa.eu/news/en/press-room/20191121IP...

[4] https://www.politico.eu/article/meps-split-over-vote-of-no-c...


[flagged]


I’m not saying this is a good idea, only that it’s not in the brink of falling apart. And I reckon this is the last thing that would break it. Farming subsidies or carbon credits if anything. Again, the boring stuff.


Yeah, farming subsidies alone could keep the EU afloat for years - we simply can't get by without them.


Well, I'm assuming that's one of the things that total pervasive surveillance and control of communication is meant to address.


Seems like acting with that intent with this power is an easy way to accelerate the EU’s own dissolution.

The Warsaw Pact, the Cold War, the Iron Curtain across Europe and the Berlin Wall, as well as the communist surveillance States that still-living Europeans lived within and remember well enough was not that long ago.


They probably make the argument to themselves that none of those people had anywhere near the amount of data they will have. I guess it remains to be seen how long an intelligence agency can hold a country together when they have access to a large portion of every private conversation between citizens.


From the article:

> The European Commission has already announced a follow-up regulation to make chat control mandatory for all email and messaging providers. Previously secure end-to-end encrypted messenger services such as Whatsapp or Signal would be forced to install a backdoor.


I don't think that's true. Most people use Facebook Messenger or WhatsApp; privacy isn't really a selling point for the majority of people. "I've nothing to hide" is the common response.


Whatsapp is end to end encrypted.


The backups aren't. Same with iMessage. end-to-end has become a marketing buzzword, any large scale deployment gets backdoored (via either key or plaintext escrow) at the endpoints, to FISA/PRISM providers who have to turn it over to the state without a warrant.

China has the same setup with providers in their country.

WhatsApp and iMessage simply aren't private when the providers get ~100% of the plaintext transiting the service within 24 hours (immediately in the case of iMessage, as thanks to "Messages in iCloud" (cross-device sync) being on by default, the MIC sync key is escrowed to Apple in a non-e2e backup, permitting them to decrypt the sync traffic in realtime).

Truly private, easily accessible, society-wide private communications are a threat to sovereignty, and governments know this, which is why even europe (leading the way on individual privacy and rights on this planet, in general) is reluctant to permit it. Same goes for truly censorship-resistant, easily accessible payment systems. They allow you to coordinate (private/uncensorable messaging) and pay for (uncensorable payments) an army outside of state prerogatives, in theory.


> [...] as thanks to "Messages in iCloud" (cross-device sync) being on by default [...]

Messages in iCloud is off by default AFAIK.


It's not, but in the case of Messages in iCloud being off, the actual plaintext of the iMessages themselves is included in the (non-e2e) iCloud Backup (which I am 100% positive is on by default).

In the case of MIC being on, then the MIC sync key is included in the (again, non-e2e) iCloud Backup.

MIC on = MIC sync key escrow via iCloud Backup (realtime iMessage content decrypt)

MIC off = iMessage plaintext escrow via iCloud backup (nightly)

https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...

Before you mention "but you can turn off iCloud Backup!": these default settings affect all of your conversation partners, too, so even if you disable iCloud Backup, it's likely that your messages are still getting escrowed from the devices of the people you talk to.


For the purposes of an eu law requiring facebook to scan messages, facebook can’t scan icloud backups.


Any law that the EU can apply to Facebook to scan messages readable by Facebook that transit Facebook's service, the EU can apply to Apple to scan messages readable by Apple that transit Apple's service.


Would apple/google be able to comb through that data though? WhatsApp backups are not e2e encrypted, but they're still encrypted with a key generated by Facebook the moment you login to your account, and probably refreshed periodically. Technically, Facebook would be the only one capable of turning the encrypted backup into plaintext, so if google wanted to do something with your messages backup it would have to knock at Facebook's door first.

This kind of cooperation is definitely illegal in this moment and I'm nut sure future legislation will require services to set up persistent encryption keys exchange among services so that a backup file that is supposed to be encrypted on a cloud storage can be continually scanned for harmful/unlawful content by another service. If the EU or any government wanted to set up such kind of monitoring, they will require these services to adapt in a way that these kind of gimmicks with backups and encryption keys are not needed


The metadata hosted on Facebook's servers is worth more than the actual content.


People keep repeating this trope about metadata being worth more than content. Where does this come from?

I can understand that metadata is valuable -- of course it is. You can learn a lot from metadata. But more valuable than the actual content? Give me a break.

Something can be bad without being literally the worst thing ever. Pointless exaggeration like this does nothing for the cause of privacy.


I think it's important to consider scale when discussing metadata vs raw content

Getting high precision is difficult when done on "all content", especially considering the multitude of languages and dialects in Europe. At a certain point, more data does not result in better output, sometimes it's actually detrimental

The patterns that arise from metadata are much more generalisable and there's less of it, so it's easier to search through


Metadata interesting lets you hone in on what you want to inspect full content on. It's definitely an upgrade


The article is a bit older, but metadata analytics can be used to "unveil" the key conspirators that led to what we today know as the "American Revolution"[1] - please note how little data they use to find out who calls the shots, and whom you might want to disappear if you wanted to keep the colonies closely aligned with George III.

Widespread enough, this can be used to find dissidents today, suppressing ethically legitimate uprisings against injustice.

[1] https://blog.wolfram.com/2017/06/29/analyzing-social-network...


Metadata is highly structured, standardized, and easily understandable by machines. Content is not.


Because processing is easier for metadata but analysis of it can answer many questions.

Direct communication is only interesting for direct surveillance.


If I hand something in plaintext to another private party, I already assumed they are legally within their rights to read it. It's on me to encrypt if I don't want it read.


You think Europe will allow end-to-end for much longer?


Yes. Saying otherwise is hyperbolic. The European Commission uses and recommends Signal themselves.

https://joinup.ec.europa.eu/collection/open-source-observato...


Hypocrisy is not something our governments are immune from, and the words of commissioner Johansson are not encouraging:

> She wants tech companies to face mandatory detecting and reporting obligations

> “The problem is that many of these communications are now being end-to-end encrypted,” she said, whereby only the users exchanging messages have access to the content.

> While encryption is "really important," she said, "we don't want pedophiles to be able to do whatever they want, to not be seen, we have to protect [children] so this is not an easy challenge to tackle.”

https://www.politico.eu/article/encryption-could-hinder-chil...

As long as politicians pretend that you can have both I'll assume they are either disingenuous or ignorant and I won't be at ease.


That only means that the EU is confident it can break Signal's encryption if the need arises.

Which, of course, is actually an argument AGAINST using Signal.


In recent months they also promised to strengthen law and access to privacy and anonymity, make it a human right. Talk is cheap.


> ...has already announced a follow-up regulation to make chat control mandatory for all email and messaging providers. Previously secure end-to-end encrypted messenger services such as Whatsapp or Signal would be forced to install a backdoor.

It's easy to recommend "end-to-end" when you're about to force a backdoor into it.


>It's easy to recommend "end-to-end" when you're about to force a backdoor into it.

I'm not surprised that HN readers think politicians are all so dumb that they recommend their own staff use Signal and then recommend to break Signal. This kind of news pop up all the time and in almost all instances it turns out it isn't what is actually happening. Discussing it on HN -especially when it is the EU, Russia or China- is a complete waste of time as almost every single comment is low effort or trolling. We all know that the EU won't have backdoored Signal any more today than the next ten times this gets discussed on HN. It's all smoke and mirrors.


> We all know that the EU won't have backdoored Signal any more today than the next ten times this gets discussed on HN. It's all smoke and mirrors.

How can you say that it's not only the stated goal but they have been making real progress towards it?


Real progress would be something that can force Moxie Marlinspike, who lives in the US, to introduce a backdoor.

They can't easily shut the service down without risking a lot of unwanted public attention. When "why can't I message grandma" is answered with "here's the list of politicians that caused that because they want to spy on your messages", those politicians will have a bad time. I think Signal is popular enough in Europe to be protected by this.


Isn't the EU fighting against encryption as well?


I am proud to live in a country that is not doing this. Openly. Yet. At least now they have to build a parallel construction to prosecute you for whatever they find, which takes some effort. Yay team.


Sounds like the US when you mention parallel construction but since the laws are way way worse than this one in the states I'm guessing it is somewhere else?


Would any email provider protect me from this, get my emails actually delivered and ideally work with my own domain? Not that I see myself switching after 15 years and 6 Gmail accounts but if I am to I'd rather know who I'd use.

And no I won't risk setting it up myself and risk missing on some portion of my emails like I've had happen at workplaces before we'd sigh and switch to Google.

For Chat tg/signal seem like they would but I am less sure what the best option is for email.


The problem with email is that it’s federated; any email is as secure as the least secure mail server it’s being sent from or two. Even if you use something super duper secure in a polity that respects privacy, it does you no good if you send an email to Gmail who immediately hands it over to one or more government bodies.


There is an obvious solution, do not send emails to gmail addresses.


... or to domains that use gmail.

Possible to find out using dig but not as simple as avoiding gmail addresses.


Only if the domain uses google's MX as the public facing MX. If it delivers to an intermediate MX for filtering or archiving or ??? and then redelivers to google, it's not visible.

Of course, if you don't set the public MX to google, blackberry phones won't use the right SMTP for outgoing mail, and then mail will fail DMARC, because you can't actually configure the SMTP server anyway. Hope they fixed that in BB10, before they stopped selling phones.


> If it delivers to an intermediate MX for filtering or archiving or ??? and then redelivers to google, it's not visible.

That is a) a very odd and theoretical setup b) probably would cause Google's MX to reject most messages for SPF failures


You don’t even need MX trickery to make this an issue; how many people who moved over to Gmail setup forwarding rules from their old email address to Gmail? You’d never be able to tell from the outside that your messages are going to an unsafe location


This is not theoretical, if you've got say support@example.com that goes to your support queue, and employee@example.com that goes to your employee, and you want employee email on G Suite, your options are:

a) have your own MX that handles support mail and forwards employee mail to Google MX; G Suite provides a not exactly public domain you can forward to and you can whitelist your forwarder(s) IPs so Google uses the received headers for spam checking and SPF checks. If you don't setup the whitelist properly, a lot of mail will bounce or get flagged, yeah; but Google isn't dumb, they detect mail forwarding IPs with good behavior and will eventually semi-whitelist them without intervention.

b) The opposite way, where google is public MX and then delivers either specific addresses or unhandled wildcards to your MX to manage the support queue. (Or you might also forward it to a third party).

c) some people use third party email archival services (for example, ProofPoint) or virus scanning that shows as the public MX, and then forwards to some other MX for actual delivery


> a very odd and theoretical setup

Nope, I use https://mxguarddog.com/ for one of my domains. That acts as a spam filter, but also hides the ultimate MX host.


You can give out this advice, very few people will follow it. Given the choice between giving up some privacy and the convenient of sending an email to a friend or colleague using gmail, the vast majority of people will choose the latter. Meaningful improvements to privacy must come with negligable convenience tradeoffs if you want people to actually adopt them.


If you want your email reliably encrypted, encrypt it yourself. GPG works the same regardless of the provider.


Only if you assume that the only valuable thing in your communications is the content, which is simply not true. Metadata, who is speaking to whom and when, is incredibly valuable as a surveillance tool.


and I guess that using GPG will instantly flag you as suspect :-(


Please do it. The more "suspects" there are, the better for everyone.


Would Switzerland need to comply with this regulation? Thinking of e.g. ProtonMail for their EU customers.


i don't think they're a part of the EU. don't quote me on that though


> For Chat tg/signal seem like they would but I am less sure what the best option is for email.

Something that doesn't store the chats in a decryptable form on their servers is probably preferrable. So Telegram out and Signal, Threema or WhatsApp in.


Friendly reminder that WhatsApp is far out: it uploads all data unencrypted to at least one cloud if on of the participants have backups enabled.

So Signal, Matrix or possible Threema (I don't know it) is in.

Personally though, I use Telegram and I drive an ordinary car, not an armored one.


No matter which chat service you use, any recipient could potentially upload the unencrypted data to a cloud backup service. If you don't trust the intended recipients with the data then you shouldn't share it with them in the first place.


Have my upvote.

This is a great - and often forgotten I think - point.

I guess my point is that in WhatsApp it is so easy to stumble into doing it, and that it sends it directly to the cloud.

For clarification: I'm certainly annoyed at Google for a number of reasons, but I don't think their security record is worse than everyone else's. Quite the contrary.


Telegram supports E2E encrypted secret chats.

https://telegram.org/faq#q-how-are-secret-chats-different


Which noone uses. Even Facebook Messenger supports "secret chats". Telegram is not secure.


I don't know what kind of usage numbers their secret chats have, but if that's the case maybe that's a sign most people prefer the convenience of non E2E chats to the security of E2E? And if someone is just a tiny bit interested and motivated the secret chats are there if they want them.

In fact, I'd argue that it's better to use encrypted chats in a common chat client than having to explain why you use a specific encrypted client if you ever find yourself in a situation where that's necessary, like a border crossing or police interaction.


Except on desktop and on GNU/Linux phones.


A bit of self-promotion, why not: also Collaborative Groups in :-P


Can this be true?

I'm having a hard time understanding how they can stand for internet privacy and legal mass surveillance simultaneously.


A decade ago I watched a documentary about MEP explaining how it happens that crappy law is made in EU. MEPs are too busy to read and understand what they are voting for or against. Law they are discussing often has 100s of pages, a few of such per day. One of the "ACTA" branded regulation was 800+ pages and the document changed daily. MEP have armies of secretaries and interns who as supposed to filter the important content and feed it MEPs directly. In meantime MEPs have meeting with lobbying groups and have their regular duties. They usually vote for what their group is voting for, or, lobbyists.


I've seen a similar documentary a while ago, where it became apparent that some MEP's are so busy that lobbyist groups completely wrote their proposal documents and deposited them at their office to have them 'go with the flow' without any scrutiny whatsoever. Though officially all is legal, it strongly reeked of corruption, especially with some MEP's doing that very frequently.


As a reminder of what the EU has done previously: https://en.wikipedia.org/wiki/Data_Retention_Directive

>According to the Data Retention Directive, EU member states had to store citizens' telecommunications data for a minimum of six months and at most twenty-four months.

And they knew that this was illegal. They did it anyway. Same political body that now talks about protecting privacy.


> In September 2005, during the United Kingdom's presidency of the European Council, a plenary session was held concerning the retention of telecommunications data, chaired by the UK's Home Secretary.

Maybe the values of British society really are different from those of the rest of Europe... Anyway, there should be less of a push within the EU for introducing these illegal directives now.


You're not wrong about that. The UK has tried this again just for Britain, but the EHCR denied them.


It's the "it's OK when we do it" rationale


They are for privacy against everyone else, not against themselves.


Because politicians want to look tough on child abuse.


Really? Child abuse stats are dropping like a stone. It's getting so bad that truly ridiculous things are being treated as child abuse, like for example a not-quite-divorce. Not "a bad divorce". Not "parents fighting".

Not divorced. Separated (meaning living apart for whatever reason, without getting legally divorced). I'd say for what time period, but there is literally no time period given. When kids are asked any time period is taken.

Siblings ... insulting each other ... is now child abuse. Seriously.

Serious medical problems of any caretaker figure ... is child abuse. WITHOUT any further qualification.

And of course, government facilities, whether homeless, or at this point even any hospital, all constitute child abuse. This is apparently not a problem, only parents are problematic ...

https://acestoohigh.com/got-your-ace-score/

Meanwhile, of course, the reputation of services attempting to address child abuse is atrocious. Violence is a constant everywhere in youth services in pretty much all countries. Both violence by youth services personnel, violence among kids within youth services, violence outside of youth services itself, but directly related (e.g. the police forcibly moving foster kids, or the reverse, drug couriers or prostitution rings "recruiting" in youth services, often with help from officials and/or caretakers)

And we all know their reputations when it comes to raising succesful kids:

https://www.kansascity.com/news/special-reports/article23820....

Child abuse, itself, is dying. Less and less convictions, every year again. But there is ever more interference in the life of children by the government, with demonstrated atrocious results. And they want to be tough on child abuse? This will destroy far more kids' lives than it will save ...


As with terrorism, if the bad thing is happening more, the government says "We need more power to stop this!", and if the bad thing is happening less, the government says "Look at what we've achieved with these powers! Obviously they are working, so give us more!".


There's no contradiction if you take the privacy part as what it is: marketing BS. It's not something the EU would ever actually defend or protect on principle. Any appearance to the contrary is coincidental, like the GDPR.


From the article:

> According to police data, in the vast majority of cases, innocent citizens come under suspicion of having committed an offence due to unreliable processes

With this being said, what is the rationale for this?

Its worth noting however, that the current legislation "allow[s] providers of e-mail and messaging services to automatically search all personal messages of each citizen for presumed suspect content and report suspected cases to the police" but does not mandate it yet.


I find it interesting that "derogation" (my new word for the day) means both:

* the act of officially stating that a law or rule no longer needs to be obeyed,

and

* the act of talking about or treating someone in a way that shows you do not respect him, her, or it,

according to [0]. If the shoe fits, I guess?

---

[0]: https://dictionary.cambridge.org/us/dictionary/english/derog...


It is also:

> special permission not to obey a rule, law, etc.:


This is a joke, right? right??



Yes; or satire, or propaganda.


Update to correct myself - can't believe that it's not fiction..


This is what people mean when they say “turnkey surveillance states”: you end up 1-3 laws away from almost instant total government surveillance of all citizen activity. The trillion dollar infrastructure was built by you and me for free from their POV (we paid them to do it with taxes), and now they can just say they want to use it


Access to all peoples communications is simply incredibly lucrative. If it is out there, and it is, those with interest in it will attempt to get it.

If it's not done openly, will be done secretly(like in the USA as revealed by Wikileaks).

Normally I support the position of political progress("We" and the politicians are not different subset of people, EU is not bunch of Belgians) instead of technological solutions. However, this time I think we need a technological solution.

No matter who is in charge, the temptation is too big if the access is possible. They don't even have to have malicious intents, all kind of people's job will get much easier if they had access to the communications of others.


So what do we do?


Use GPG. Don't use smartphones, don't use any closed software (especially non-free OSes.)

Vote.


GPG doesn’t solve the problem of metadata surveillance. One of the major problems with technological solutions to privacy problems is that metadata surveillance is extremely useful to begin with, and it’s hard to make communication anonymous.


For what it's worth, implementations like Delta Chat support encrypted subject lines[0].

Also, it would be relatively simple for mail providers to act as two halves of a Cypherpunk remailer[1]. By that I mean that when alice@sender writes an email to bob@recipient, the sender server only sees "remailer@recipient" as the recipient and the recipient server only sees "remailer@sender" as the sender.

That approach just requires some onion-layering of the emails with encryption, and a reserved key-pair advertised per mail server.

[0] https://delta.chat/en/help#how-does-delta-chat-protect-my-me...

[1] https://en.wikipedia.org/wiki/Cypherpunk_anonymous_remailer


True but people with private communications don't usually need to hide their metadata. Who cares if they know you are communicating with your friends and family if they don't know you are complaining about the thin skinned government.

Anonymity is an issue, but it is far from the most important issue.


Unfortunately that's a non-starter for most people who value utility over privacy. Education is key, but there's little interest in that as well.


With so many places in the world with flawed democracy by first past the post, it seems like voting is more or less irrelevant.

The first thing that the digital revolution should have fixed was our variously flawed democratic systems. It might be the last thing.


Rather than fixing our democratic systems, the digital revolution may have just made them worse, by encouraging societies to entrust the counting of ballots to machines, and then unsurprisingly stop trusting those machines as soon as they give an answer that half the population don't like.

Even in societies that still rely on analogue vote counting, it is unclear whether instant access to digital information has made societies more informed or misinformed on average.


Between having to use GPG or just accept Orwellian dystopia, the choice is... not easy


99% of people don't care enough to do any of these things.


I’m not sure what to do personally, but there are civil and digital rights organizations that have some ideas. I bet they could all use donations


Pen and paper.


If you send a letter, the USPO automatically takes and stores a picture of the envelope, and will show it to law enforcement upon request - no warrant required. Pen & paper has is a meta-data leak.

https://en.wikipedia.org/wiki/Mail_Isolation_Control_and_Tra...


But you can mail letters without return addresses...


Found the hacker!


Well you can do what we did in the UK: the non apathetic portion of propagandised society collectively decided to exit the EU backed by some dubious political and financial motives, immediately followed by slow deregulation and privatisation of everything while embracing corruption and nepotism.

So you can live in a rising socialist surveillance dystopia or robocop style capitalist dystopia. It's political hysteresis and the only thing that reverses it is war.


What has been privatised recently? Train operating companies have been nationalised, but I'm not aware of any privatisation taking place. There is talk of Channel 4 but that is it as far as I can tell.


They haven’t finished the deregulation bit yet. They need to do that so they can hide the funding streams and private market involvement. Watch this space.


Once Great Britain was into surveillance even before EC formation and socialist since 1970s.

Ingsoc even have TV set tax and the suspicion on owning TV set is valid base for search warrant.


You do realise you can tell them to fuck off?


It will probably take another World War before people collectively remember why privacy even existed in the first place.


What would a world war have to do with reminding people of privacy?

World War 2 gave China and Soviet Russia a new sense of privacy?

WW2 made the US worse as a place in most regards, not better. That's what caused the US to build its military industrial complex, to install a massive standing global military, to primarily guard against the Europeans going on rampage again for the nth time (which was guaranteed to happen with the USSR very eager to conquer even more of Europe in the days post WW2).

From WW2 the US got a dramatically expanded (and more intrusive) Federal Government, surveillence state and war machine, encouraged by Hoover's aggressive domestic actions and all the newly minted three letter agencies (CIA 1947, NSA 1952, NRO 1960, ATF 1972, DEA 1973).

A third world war would make the governments even more paranoid, scared, and intrusive, not less.

You wouldn't want to see what the involved governments would do to their people as a war involving the US, Russia, China, and various countries in Europe and Asia broke out. The stakes would be as high as they could possibly be, given the nuclear arsenals in existence now. Privacy would rapidly sink toward zero, and that conflict would be an extraodinary argument in favor of zero privacy (according to the governments): for no mistakes can be tolerated, the dangers are too high, no privacy can be afforded (they would claim).


If we accept the (unconventional) view that the Cold War was WW3, then it could be argued that the countries which escaped Russian domination learned the value of privacy (even if their appreciation of it has waned over time).

You're right, though, that it's probably not worth getting our hopes up about what sort of societies would exist after WW4 (based on that numbering system).


> A third world war would make the governments even more paranoid, scared, and intrusive, not less.

Exactly, and the consequences to the average person would be so severe that they would begin valuing privacy again. A lot of people in WW2 quickly learned that not having information about their religious or political affiliation public was a matter of life or death.


It’s a bit early to give up already.


This would also include any non EU citizens communications with an EU citizen. Also you might be an EU citizen without realising (by descent)


Thai comment makes no sense whatsoever and i do wonder what absurd world you imagine. This law gives companies in the EU the legal grounds to do some scanning measures, it is neither an obligation to do so, nor when companies do so is anyone checking whether you, a person outside the EU, happen to have European ancestors. Logically of course that applies to residents, as would the laws in any other place.


I’m just trying to imagine this world, thanks. It’s absurd enough without me absurdifying it further.

Ok so what you are saying is any users whatsoever of EU based email providers can be subject to companies doing some scanning if they wish to. Since most multinationals will have European offices, it might apply to every provider and therefore pretty much everyone.


How this will play out is to be seen. But in many places this is already possible - see US and AU. Normally it applies to your local legal context, so if they are a multinational and have an EU branch they likely already have the servers separate to respect GDPR.


Maybe the Brexiteers were right all along.


Wait until you see what the UK government is planning to do with all its new found sovereignty:

https://www.openrightsgroup.org/blog/access-denied-service-b...


Well it may not be for the British, they're not going to get less mass surveillance due to Brexit. However for some countries that could choose to leave the EU due to totalitarian laws like this, it may be a benefit, if they choose to pursue a privacy-focused path.

Which are the most privacy-focused nations in the EU that might leave over a law like this?


This is such an uninformed comment. By virtue of the eu legal process this law only exists because Italy voted in favour of it, like all other EU countries. Anything else you hear is spin. Also this lae doesn't oblige anyone to anything, its a temporary law that comes in as another law ran out, and the aim is to have a more thorough piece of legislation on the books in 3 years. For the record, UK has much worse laws already on the books, as do the US or Australia.


Saying it's uninformed doesn't make it so, nice try at front-loading some argument from intimidation though.

> For the record, UK has much worse laws already on the books, as do the US or Australia.

First of all, who said that the US or UK didn't? That's misdirection. This story is about the EU. What I posited, is member states leaving the EU, those that are heavily concerned about privacy rights. What would that have to do with the US laws?

> Also this lae doesn't oblige anyone to anything, its a temporary law that comes in as another law ran out

A temporary mass surveillance bill. Yeah right. You were saying something about uninformed.


How is it misdirection? The comment said maybe the brexiteers were right, so why would leaving for the purpose of privacy benefit when UK's own laws go beyond the EU? The answer isn't brexit it's changing your own laws in that case.


Sorry but please read the politico article posted a dozen times in this discussion. It is less agenda driven and wuotd clearly spells out this is just a law to allow providers to do it, not an obligation. In fact that provision existed before but was running out, thus this temporary law.

As regards the brexit comment, you are right my writing was unnecessarily harsh but you missed the main point:

> By virtue of the eu legal process this law only exists because Italy voted in favour of it, like all other EU countries.

The history of much EU bashing is that national governments vote YES in Brussels then turn around and say nationally 'really sorry we are obliged to implement this EU law' -- the very law they could have vetoed if they had wanted to. This is one of the basics of EU lawmaking which the previous commenter clearly was ignorant of.


this is the only place where this can be found. Would love to know more from someone perhaps a little bit less involved.


I couldn't find anything else either: When I do a shallow google search for "EU mass surveillance", I find articles referring to a loophole in AI rules for mass surveillance and some articles stating that mass surveillance can only be for national security - and the most recent is in April.


I've just found another source corroborating this: https://www.euractiv.com/section/data-protection/news/new-eu...


I'm seeing a lot of responses from fellow folks in the US that seem to imply this EU (proposed?) regulation is unprecedented in the US.

Is that actually so?


No. This essentially allows providers (Facebook et al) to look at the messages their users are sending. They used to be allowed do this in the EU, and have always been allowed do it in the US.


Well it's nice the EU makes it so easy to choose to live anywhere world wide.

If it's going to implement a draconian surveillance state that will converge towards corrupted abuse by its officials and member states, then why not live in any number of totalitarian like countries elsewhere with cheap out of living and a nice beach instead? There is no functional difference anyways.


TIL. Not European, but this is madness.


Hopefully Switzerland won't become member of EU any time soon. I started to move my e-mail accounts to protonmail in 2018, and still not done as old friends/business partners like to use my old accounts. Human habits, a hard death.


Are there safe havens ? Switzerland for example ?


>Previously secure end-to-end encrypted messenger services such as Whatsapp or Signal would be forced to install a backdoor.

Isn’t Signal FOSS? I don’t know how they’d police that when everyone can just fork it and remove the back door. Also don’t VPNs circumvent this legislation as well? How will they police self-hosted email servers?

I know the response to these questions is usually “You’re right, this is what happens when the techno-illiterate write laws” but I genuinely can’t think of how I would go about doing this if I was the one who wanted a back door.


> Isn’t Signal FOSS? I don’t know how they’d police that when everyone can just fork it and remove the back door.

If the goal is large scale surveillance, it can be combatted fairly effectively as has been shown with e.g. kino.to and other streaming sites which have gone practivally extinct. The same would happen to websites hosting illegal apps.

If the goal is to go after real criminals this is of course useless. But EncroChat [1] has shown that at least large parts of the criminal world don't seem to have great operation security practices.

[1]: https://en.wikipedia.org/wiki/EncroChat


Whatever this law or proposal is, it sounds bad and I don't like it. The only one good thing would be if the ones who draft, pass and implement it are not exempt and equally subject to the invasive tentacles of the buerocrats.

I can kinda understand how and why crime happens, but I never understood the motives or way of thought of the people who want this kind of stuff implemented.uch less the ones who vote for it.


Yeah, it's pretty funny how we have the government literally wiretapping and spying on journalists, and that's okay, but when it comes home to roost, the representatives don't like it when it happens to them. Funny probably isn't the right word.

Obama: https://www.wired.com/2013/05/doj-got-reporter-phone-records...

Trump: https://www.vanityfair.com/news/2021/05/trump-doj-reporter-s...

Surveillance for thee but not for me: https://www.rt.com/usa/nsa-probably-congress-greenwald-arres...


The Koehntoppsche Idiotenfalle or news:de.alt.binaries.sex.children proposal to discuss usenet and web censorship is actually 25 years old.

http://web.archive.org/web/20040618062603/http://kris.koehnt... (German)


Being democratic does not ensure having a free society. It takes active democratic participation, by people who believe in the principles of a free society, for democracies to institute laws that establish free societies.


Maybe brexit has it right - Europe isn't a good place to be a member of.


For everything the EU does that's unpleasant, the UK government tends to have a more unpleasant version they are eager to deploy against their own people, and now they can due to Brexit.

Of course that's not how they portray it, but doublespeak has been strong around Brexit and still is.

It never made much sense to Brexit if you were in the UK and favoured personal, family or human rights. Including rights like privacy and a protected private life, and freedom to make open source software (EU is against software patents, UK is not).


UK already has crazy laws around this. Brexit enabled more invasive laws to be implemented.


As somebody who was somewhat in-favour of Brexit (not popular here, admittedly), my view is that it's easier to fight for privacy against just the UK government, rather than the entire EU bloc. I think if an entity as powerful as the EU puts this into legislation, it's game over.

I have a similar view on federal laws in the United States - they don't tend to repeal federal surveillance laws without violence.


But every member has a veto. You never needed to convince 28 countries, you only needed to convince your own government to vote against. Plenty of laws stuck in limbo because one country doesn't like it - but exactly zero laws on the books that sosme country really hates.


That’s systems leads to compromises and quod pro quos. That’s not as likely with just one nation state.

If Country A wanted strong privacy laws and Country B wanted strong surveillance laws, and both have a veto, then you’ll get paralysis or a compromise.

Right now it seems the EU has neither strong encryption as the norm nor a massive surveillance system. Just what one would expect when any nation can veto a law.

Now that the UK is independent, it no longer has the paralysis/compromise/status quo dilemma.


> Now that the UK is independent, it no longer has the paralysis/compromise/status quo dilemma.

...so they can now pass all the strong surveillance laws they want without being hindered by the EU?

My point: "paralysis" can be good if it prevents you from doing something bad. Perhaps forcing a "compromise" actually leads to (better) solutions that account for everyone's concerns?

Overall, it is not clear to me that the UK becoming independent from EU is going to necessarily lead to better laws. Are they going to be easier and faster to pass? Sure. Are they going to be better? Not so sure.


The UK constitutional system has been expanding its “checks and balances” quite a bit.

In the early 2000s the UK Supreme Court was granted a great deal of institutional autonomy. During the Brexit fiasco, it had no problem flexing its muscles.

The House of Lords had likewise been reformed and is much stronger and meritocratic (there’s still work to go on it).

Likewise subsidiary nations and municipalities have an increasingly large amount of independence. If Westminster passed surveillance laws unpopular in Scotland, they likely wouldn’t be implemented in Scotland.

The best example is probably Northern Ireland. There’s much greater support for surveillance powers in NI. But those expanded powers are combined with much greater accountability and oversight of security services.

Some parts of the British Home territory have too little surveillance. Both the City of London and Jersey have a reputation for laundering dirty money - something unthinkable in Northern Ireland.

Nothing about the UKs future is clear.

But I don’t think they need the EU to prevent them from passing overly broad or weak surveillance laws.


> But every member has a veto.

No, most EU legislation is decided on by ordinary legislative procedure, using qualified majority voting rules in council of EU ( https://en.wikipedia.org/wiki/Voting_in_the_Council_of_the_E... ).


How does a group of citizens get a motion tabled to repeal mass surveillance laws in the EU? Just by sheer scale, it's harder to get the attention of the EU than it is the UK government.


You are aware that every EU country votes on this, right? Every single piece of EU legislation you might have disliked was voted on by the UK government while it was a member. The Tory spin might have given you a different impression but its incredibly rare that an EU law doesn't have the assent of all countries.


You do have to wonder about the long term stability of a nominal democracy where 72% of citizens oppose digital monitoring, while 77% of their representatives vote for laws they emphatically do not want.

Put more bluntly, is this even a democracy in anything other than the trappings?


A discussion I've never really seen take place is, "Why does law enforcement have a (prominent) seat at the table for which laws should be passed?"

We in the US continually hear from the FBI and other agencies how they need to abridge rights in order to be more effective. IMO, that really shouldn't be in their wheelhouse. They should be enforcing only laws that exist. Making new laws for their convenience should be none of their business. If they are hamstrung by some pesky civil rights, tough.

I'm sure there may exist counterexamples, but I can't think of where an agency has advocated in favor of more personal protections.


Good point.

Of course every kind of worker has his wishes to change law/rules for work. But the agencies are really good in pushing for new laws (and more work .. perpetum mobile).


This is the misunderstood part of democracies as we have them now. The only democratic parts are the process of electing your representatives, and the decisions taken between the representatives. Of course that's still a (small) win, and there's the reasonable assumption that a representative will at least partially represent the interests of their voters. But in reality there's a massive disconnect between the principles of democracy and the implementation.

We now get probably the narrowest interpretation that could still be considered a democratic process. The people have the power for the fraction of a second it takes to cast a vote, followed by years of absolutely no real power of any kind, beyond the vague "consultation", and no real obligation from their representatives to represent the people.


When you have bills with 70% and higher disapproval getting 70% of the MPs voting for it, then “narrowest interpretation” seems like a cruel joke.

To be blunter still; systems of government can collapse and be replaced in function but not in form. The early emperors of Rome ruled surrounded by the trappings of republicanism, even though we now know that they were autocrats who had killed the republic whose skin they wore. I wonder if later generations will consider us to be oligarchies and not representative democracies, considering how little the will of the voters seems to matter to those who nominally rule on our behalf.


Maybe just maybe some day we will be empowered again when digitalisation leads us to a Liquid Democracy.

Ah, who am I kidding, no one in power wants to give the plebs more power.


How is it not a democracy? It is representative, sure, but it is still more democratic than many other nominal democracies which do not even have proportional representation.

Perhaps people just do not consider this an important issue, and do not factor it in to how they choose their representatives very much?

What do you suggest as the alternative? Direct democracy? Anarchy?

https://theanarchistlibrary.org/library/ziq-do-anarchists-su...


Funny, just posted this to a parent comment thread on a whim.

Representative democracy is really not that good, when you can't recast your vote; and you're forced to pick X/Y for Z years. Your options are vote a representative, don't vote a representative, become a representative yourself.

I personally am a firm believer that due to the proliferation of technology, Liquid Democracy can become feasible for our generation. But I doubt those in power would let the democratic process evolve in that direction.


Well, they have a better voting track record than the US vis-à-vis citizens vs politicians, so I guess the answer world be No if the US is authoritarian but Yes if it is democratic.


Its more complex than this. You cant put complex questions to simple referendum as a yes/no question (see brexit). Law making requires compromise and seeing the whole picture and its very easy to get people to say yes (or no) just depending on how you frame the question.

Great example is maternity leave: amazing thing, exists across Europe for a length of 4 to 36 months. In some countries moms can take nearly three years off, and still get paid. Great in principle but after three years (or more with more kids) those moms basically have no chance to get a job in their field as their knowledge is outdated and they often end in precarious low wage low skill jobs. I'm 200% in favour of maternity leave, but if you set the incentives wrong you don't help families more - you just kick women out of the workforce. So how do you put a referendum on this? You need trial, expertise, analysis - not a simple 'do you want 12 or 36 months of paid maternity leave' as most voters don't understand the long term consequences.


People's knowledge in a field doesn't get outdated in just 3 years. Even in Javascript world.

Any lawyer, social worker, data scientist, product owner, pharmacist, bank manager, midwive, content writer, day care worker or nurse will be perfectly capable of picking up from where they left off after 3 years.


You might not like that conclusion but the data is clear

https://hbr.org/2018/09/do-longer-maternity-leaves-hurt-wome...

My point was this is complex, policy has side effects and referenda will not necessarily be able to answer such questions. The world is too complex to be answered by occasional yes/no questions


I don't think the data is clear though. The article specifically says:

1. "Some of our experimental data comes from studies involving university students, who tend to have limited work experience; future research will attempt to study these situations in a wider variety of organizations."

2. "In addition, some of our effects appear small."

Basically they discount themselves.

Also it's about perception of their EMPLOYERS. Nothing in the study suggests women are less capable or less hireable after two years. It literally says many times in different ways that a long maternity leave could possibly lead to some employers having a negative opinion of a female employee's commitment to their job.

But the problem here is with the employer; why should women be penalized because of this, thus being forced to have shorter maternity leaves?

Being based (at least partially) on university students, these people might not have the same range of commitment say a 30 or 40 year old with a house and established professional network might have. They may genuinely seem uncommitted to their jobs by the nature of their inexperience in the work force (trying out different things, different types of jobs) and place in life. So maybe that really biases the study.

Also it's just ONE study. So one study based on university students, with "small effects", doesn't really prove anything, even if it is published in the Harvard Business Review.

But if I may repeat myself:

If a woman is penalized for taking a long maternity leave because her employer has become prejudiced or biased against her, the problem lies with the employer or some systematic issue in the workforce, and the solution should be addressed there. If it's legal, it should be perfectly fine for her to take the full length of her leave.


- this is not new, it only is an urgent law to enable continuation of current practices as a previous law ran out

- this is temporary legislation limited to 3 years

- hopefully we get some real dialogue on the final legislation


Does anyone have a link to details about who voted how?


It's actually linked in the article, on page 5 of https://www.europarl.europa.eu/doceo/document/PV-9-2021-07-0...

The actual text that has been adopted is at https://www.europarl.europa.eu/RegData/docs_autres_instituti... AFAICT


I'm looking as well, so far have only found https://www.europarl.europa.eu/sed/doc/votingList/(A9-0258_2... which doesn't say much.


Can somebody tell me if personally hosted email is subject to this bizarre law?


Does it mean I can take out my enemies by sending them child porn?


This reads like a hoax. Do we have other sources on it?


It does read extremely one-sided, as you’d expect from the pp.


Well bye bye European tech industry. Why the hell would anyone want to do business with such a risk in place?


Wait, this is something that American and Chinese companies do on a regular basis, but when European companies do it it would mean the end of the industry? I'm certainly not in favour of this, but I don't follow your logic.


The point is really that European technology industry needs some differentiating characteristic to succeed. It is quite far behind both the American and Chinese side of things. The EU has promoted privacy and human rights first which was a very good differentiator but has instantly shot that entire concept down.

So the question on the table now is if there is no differentiating factor, do we go with the established US company or the new EU company when a product has to be selected?

It's not going to be the EU company.


The situation even after this, is worse in the US, correct?


The US is not (so far as we know) commanding Signal to install a backdoor.


Nor is the EU as far as we know


It's not like the EU so far has been home to a significant tech industry anyway.

With GDPR, a notoriously convoluted set of rules and regulations that fails to achieve what it set out to, yet at the same time pesters SMEs while allowing large corporations with legal departments to continue to do as they please in terms of privacy, the EU has made sure it stays that way.

Laws like this one are just the icing on the cake that is the fundamental misunderstanding by most MEPs of how technology and the technology business works, not to mention the very real downsides such laws have regarding privacy.


Whats convoluted about GDPR?



I'm not in the EU, but I'd exit any jurisdiction that implements this.


The EU already has unprecedented control over commerce. Notice how they chopped up the UK during Brexit.

EU adopting this measure means the enforcement will likely be corrupt and impossible to enforce standards.


> The EU already has unprecedented control over commerce.

Unprecedented compared to who? Every sovereign state has more control than the EU does: US, China, etc.

> Notice how they chopped up the UK during Brexit.

How did the EU chop up the UK?


I believe GP is referring to the EU 'forcing' the UK to put a border between Britain and Northern Ireland, because the EU wanted a hard border somewhere and wouldn't budge on that.


Well, the UK wanted Northern Irelend to benefit from a have-your-cake-and-eat-it semi-membership of the EU, while actively denying that to the rest of their own people elsewhere in the UK.

The EU have offered many opportunities for the UK to harmonise with the EU on many issues, while continuing with Brexit. For the most part, UK rejected repeated offers that would grant UK people and businesses more rights.

For example, the rights of British people to freely travel in EU countries could have been kept, but the UK said we don't want our people to have that, as the price of mirroring it by allowing EU citizens the ability to travel in the UK is too high.

EU offered to let students from the UK travel through EU under the Erasmus scheme. UK said no.

EU offered a customs union, where standards were more harmonised and the would need to be far fewer checks at borders. That would have been far cheaper for every business in the UK that sells into the EU. UK rejected that. UK actively wants to diverge from EU standards (e.g. for things like food). It shouldn't be surprising that EU will protect businesses that conform to those standards over those seeking to undermine them.

Businesses in Northern Ireland currently have advantageous access to the EU in ways no other part of the UK does. I don't mean the physical access to Ireland, I mean administrative access to the EU markets. You can see it in tax and import/export forms. There are currently reasons to set up businesses in Northern Irelend to get that foot-in-both-worlds advantage.

A lot of businesses in the UK mainland would love to have the same rights as businesses in Northern Ireland. Especially those in Scotland who didn't vote to leave anyway, and see it as an England-imposed harm on them.

What would you expect should happen, that UK should be allowed to use Nothern Ireland as backdoor to send unchecked goods to the EU, imported from say the USA and Australia and re-exported into the whole EU market with no border checks anywhere?


> What would you expect should happen, that UK should be allowed to use Nothern Ireland as backdoor to send unchecked goods to the EU, imported from say the USA and Australia and re-exported into the whole EU market with no border checks anywhere?

Of course not. That's exactly GGP's point I was trying to prove.

> The EU already has unprecedented control over commerce.

And I agree with it.


But the issue was not EU control, rather the Ireland situation. The situation due solely to brexit required checks somewhere. Do you want new riots and civil war due to checks within Ireland? Should Ireland accept to effectively leave the common market and all its benefits just so there's no check between UK and Northern Ireland? Or this option.

The UK killed all other scenarios by insisting that it wants to freely deviate from everything - if it had gone the Norway route or just stayed in the Union no such checks would be needed.

Brexit was a slim non-binding referendum run ammock for party-internal politics of the Tories. Absurd from start to finish and now you want to blame the EU for the consequences?


> Brexit was a slim non-binding referendum run ammock for party-internal politics of the Tories. Absurd from start to finish and now you want to blame the EU for the consequences?

I'm not saying that I agree with how things have turned out, nor am I blaming the EU, rather, just pointing out that they do have much control over global commerce.

And this is anecdotal evidence of that.

The EU could've had an internal border within it's own market, but that wasn't an option because they didn't want Ireland to be cut off. Both the EU and UK had the same desire, but the EU had the upper hand due to their economic size and control.


> The EU could've had an internal border within it's own market, but that wasn't an option because they didn't want Ireland to be cut off.

That's not an EU decision as you're suggesting there.

Ireland isn't some vassal state. It's an equal partner.

Ireland itself doesn't want to cut Ireland off from the EU.

It's not for the EU to decide something like that. It's an Ireland decision, and in fact the power to do so resides with Ireland.

If Ireland had wanted to align with the UK and separate from the EU, they could have, and they still have the power to do so. Of course they don't want to, why would they. They've benefited enormously from EU membership, and one of those benefits now is that the EU often protects the interests of Ireland - as determined by Ireland - in negotiations with the UK.

It is important to remember that the EU is not actually a top down system, even though it can seem that way. Any member country is free to leave simply by giving notice, and cease to partake of the benefits of membership. The EU's laws are clear on this.


> The EU could've had an internal border within it's own market, but that wasn't an option because they didn't want Ireland to be cut off.

Eh? No, it couldn’t; Ireland would obviously veto that. Outside of the fevered imagination of Boris Johnson, that was never an actual option.

I think there was a Brexiter theory that Ireland would do this voluntarily, and become a sort of UK dependency, but this was never at all realistic.

I wouldn’t discount the possibility that some major brexit figures actually believed this would happen and were surprised that it didn’t, because they’re, well, not winning any prizes for competence (you may remember David Davis believing that the UK could make a trade deal with Germany, say…) But no-one serious ever bought this concept.


You have it the other way around. Brexit was FOR a hard border. One that would keep the EU out.

But the central British government, which does not seem to care much about their Northern Irish citizens, either forgot or just didn't care at all, about the fact that Northern Ireland is in limbo, stuck between Ireland and the UK. So any kind of EU - UK split would have reopened old wounds.

Wounds which actually the EU helped heal, back in 1998.


That’s really more a situation that the UK put itself in. The EU didn’t force it to ratify the Good Friday Agreement.

Given that the UK is a party to the Good Friday Agreement, AND it wants to leave the EU and no longer comply with EU law, the current situation, or something very similar, is inevitable. You can’t have your cake and eat it.


The EU is not a sovereign state.

The EU chopped up UK business marketshare, business leadership, professional lives for little more than a gram of power.

I feel like it is necessary to point out the similarities between the CCP and European Parliament.

>72% of citizens oppose digital monitoring, while 77% of their representatives vote for laws they emphatically do not want


> The EU is not a sovereign state.

It represents sovereign states.

> The EU chopped up UK business marketshare, business leadership, professional lives for little more than a gram of power.

How, exactly?

> I feel like it is necessary to point out the similarities between the CCP and European Parliament.

Please expand on this.


>It represents sovereign states.

not in every case.

>How, exactly?

There are a variety of good articles out there should you choose to examine the subject. I'll concede the point because I dont have time.

>Please expand on this.

This is seemingly a very unpopular law.

The EP's support from citizens in the eurozone is dubious at best


The EU is intragovernmental, not intergovernmental. It is less than a sovereign state and more than just a representative Union.


Brexit is now the EU's fault, right.


The EU's behavior during Brexit is at the very least suspect.


Yes I agree. However neither side left with their dignity intact if you ask me. It was depressing to watch and the media circus around it was a train wreck.


The media circus was definitely not unbiased. It is kind of odd how citizens in the EU regard it as a 'victory'


That the European Parliament didn't spontaneously disappear in a massive vortex of cognitive dissonance can only mean that most MEPs either don't understand GDPR or this new law, maybe neither.


RIP internet


Full name list

ECR: Bourgeois, Jurzyca, Kanko, Melbārde, Terheş, Van Overtveldt, Zīle

NI: Beghin, Buschmann, Castaldo, Comín i Oliveres, Ferrara, Furore, Gemma, Giarrusso, Gyöngyösi, Pignedoli, Ponsatí Obiols, Puigdemont i Casamajó, Regimenti, Rondinelli, Rookmaker, Sinčić, Sonneborn, Vuolo

PPE: Adamowicz, Ademov, Adinolfi Isabella, Alexandrov Yordanov, Amaro, Arias Echeverría, Arimont, Arłukowicz, Asimakopoulou, Băsescu, Bellamy, Benjumea Benjumea, Bentele, Berendsen, Berger, Berlusconi, Bernhuber, Bilčík, Blaga, Bogdan, Bogovič, Buda, Buşoi, Caroppo, Carvalho, Casa, Caspary, del Castillo Vera, Christoforou, Clune, Colin-Oesterlé, van Dalen, Danjean, De Meo, Didier, Doleschal, Dorfmann, Duda, Düpont, Ehler, Estaràs Ferragut, Evren, Falcă, Ferber, Fernandes, Fitzgerald, Fourlas, Frankowski, Gahler, García-Margallo y Marfil, Geuking, Gieseke, Glavak, González Pons, Halicki, Hansen, Hava, Herbst, Hetman, Hohlmeier, Hölvényi, Hortefeux, Hübner, Jahr, Jarubas, Juknevičienė, Kalinowski, Kalniete, Kanev, Karas, Kefalogiannis, Kelly, Kopacz, Kovatchev, Kubilius, Kympouropoulos, Kyrtsos, de Lange, Lega, Lenaers, Lewandowski, Lexmann, Liese, Lins, López Gil, López-Istúriz White, Łukacijewska, Lutgen, McAllister, Maldeikienė, Manders, Mandl, Marinescu, Markey, Martusciello, Mato, Maydell, Mažylis, Meimarakis, Melo, Metsola, Millán Mon, Monteiro de Aguiar, Montserrat, Morano, Mortler, Motreanu, Mureşan, Niebler, Niedermayer, Nistor, Novak, Novakov, Ochojska, Olbrycht, Patriciello, Pereira Lídia, Pieper, Pietikäinen, Polčák, Polfjärd, Pollák, Pospíšil, Radev, Radtke, Rangel, Ressler, Sagartz, Salini, Sander, Sarvamaa, Schmiedtbauer, Schneider, Schreijer-Pierik, Schulze, Schwab, Seekatz, Sikorski, Simon, Skyttedal, Šojdrová, Sokol, Spyraki, Štefanec, Tajani, Terras, Thaler, Thun und Hohenstein, Tobé, Tomac, Tomc, Vaidere, Vandenkendelaere, Verheyen, Vincze, Virkkunen, Voss, Vozemberg-Vrionidi, Walsh, Walsmann, Warborn, Weber, Weiss, Wieland, Wiezik, Winkler, Winzig, Wiseler-Lima, Zagorakis, Zarzalejos, Zdechovský, Zoido Álvarez, Zovko, Zver

Renew: Alieva-Veli, Al-Sahlani, Andrews, Ansip, Auštrevičius, Azmani, Bauzá Díaz, Beer, Bijoux, Bilbao Barandica, Botoş, Boyer, Brunet, Cañas, Canfin, Chabaud, Charanzová, Chastel, Christensen, Cicurel, Cioloş, Cseh, Danti, Decerle, Dlabajová, Donáth, Durand, Ďuriš Nicholsonová, Eroglu, Farreng, Flego, Gade, Gamon, Garicano, Gheorghe, Glück, Goerens, Gozi, Groothuis, Grošelj, Grudler, Guetta, Hahn Svenja, Hayer, Hlaváček, Hojsík, Huitema, Ijabs, in 't Veld, Joveva, Karleskind, Karlsbro, Katainen, Kelleher, Keller Fabienne, Knotek, Körner, Kovařík, Kyuchyuk, Loiseau, Løkkegaard, Melchior, Mihaylova, Mituța, Müller, Nagtegaal, Nart, Oetjen, Paet, Pagazaurtundúa, Pekkarinen, Petersen, Pîslaru, Rafaela, Ries, Riquet, Rodríguez Ramos, Schreinemacher, Séjourné, Semedo, Šimečka, Solís Pérez, Ştefănuță, Strugariu, Søgaard-Lidell, Tolleret, Toom, Torvalds, Trillet-Lenoir, Tudorache, Vautmans, Vedrenne, Verhofstadt, Vázquez Lázara, Wiesner, Yon-Courtin, Zacharopoulou, Zullo

S&D: Agius Saliba, Aguilera, Ameriks, Andrieu, Androulakis, Angel, Ara-Kovács, Arena, Avram, Balt, Barley, Bartolo, Belka, Benea, Benifei, Beňová, Bergkvist, Biedroń, Bischoff, Blinkevičiūtė, Bonafè, Borzan, Brglez, Bullmann, Burkhardt, Calenda, Carvalhais, Cerdas, Chahim, Chinnici, Cimoszewicz, Ciuhodaru, Číž, Cozzolino, Crețu, Cutajar, Danielsson, De Castro, Dobrev, Durá Ferrandis, Engerer, Ertug, Fajon, Fernández, Ferrandino, Fritzon, Fuglsang, Gálvez Muñoz, García Del Blanco, García Muñoz, García Pérez, Gardiazabal Rubial, Gebhardt, Geier, Glucksmann, González, González Casares, Grapini, Gualmini, Guillaume, Guteland, Hajšel, Heide, Heinäluoma, Homs Ginel, Hristov, Incir, Jerković, Jongerius, Kaili, Kaljurand, Kammerevert, Kohut, Köster, Krehl, Kumpula-Natri, Lalucq, Lange, Larrouturou, Leitão-Marques, López, López Aguilar, Luena, Maestre Martín De Almagro, Majorino, Maldonado López, Marques Margarida, Marques Pedro, Matić, Mavrides, Maxová, Mebarek, Mikser, Miller, Molnár, Moreno Sánchez, Moretti, Negrescu, Neuser, Nica, Noichl, Olekas, Papadakis Demetris, Penkova, Picierno, Picula, Pisapia, Pizarro, Plumb, Regner, Reuten, Roberti, Rodríguez-Piñero, Rónai, Ros Sempere, Ruiz Devesa, Sánchez Amor, Sant, Santos, Schaldemose, Schieder, Schuster, Sidl, Silva Pereira, Sippel, Smeriglio, Stanishev, Tang, Tarabella, Tax, Tinagli, Toia, Tudose, Ujhelyi, Ušakovs, Van Brempt, Vind, Vitanov, Vollath, Wölken, Wolters, Yoncheva, Zorrinho

The Left: Arvanitis, Aubry, Barrena Arza, Björk, Bompard, Botenga, Chaibi, Daly, Demirel, Ernst, Flanagan, Georgoulis, Gusmão, Hazekamp, Kokkalis, Konečná, Kouloglou, Kountoura, MacManus, Matias, Maurel, Michels, Modig, Omarjee, Papadimoulis, Pelletier, Pineda, Rego, Rodríguez Palop, Schirdewan, Scholz, Urbán Crespo, Villanueva Ruiz, Villumsen, Wallace

Verts/ALE: Alametsä, Alfonsi, Andresen, Auken, Biteau, Bloss, Boeselager, Breyer, Bricmont, Carême, Cavazzini, Cormand, Corrao, Cuffe, Dalunde, D'Amato, Delbos-Corfield, Delli, Deparnay-Grunenberg, Eickhout, Evi, Franz, Freund, Geese, Giegold, Gregorová, Gruffat, Guerreiro, Hahn Henrike, Häusling, Hautala, Herzberger-Fofana, Holmgren, Jadot, Keller Ska, Kolaja, Kuhnke, Lagodinsky, Lamberts, Langensiepen, Marquardt, Matthieu, Metz, Neumann, Nienaß, Niinistö, O'Sullivan, Paulus, Pedicini, Peksa, Peter-Hansen, Reintke, Riba i Giner, Ripa, Rivasi, Roose, Ropė, Satouri, Semsrott, Solé, Spurek, Strik, Toussaint, Urtasun, Vana, Van Sparrentak, Von Cramon-Taubadel, Waitz, Wiener, Yenbou, Ždanoka


Are you sure these are the right names? These are the people who voted against it or abstained, right?

Document: https://www.europarl.europa.eu/doceo/document/PV-9-2021-07-0... (page 5)


Thanks. I will be definitely contacting MEP I voted for, why he voted for this bullshit. Especially when he is from party which is supposedly all about personal freedoms.


Is this the correct list? The document at https://www.europarl.europa.eu/doceo/document/PV-9-2021-07-0... seems to list votes for multiple proposals. AFAICT, the voting list for this proposal starts on page 5:

Use of technologies for the processing of data for the purpose of combating online child sexual abuse (temporary derogation from Directive 2002/58/EC)

In favour:

ECR: Aguilar, Berg, Berlato, Bielan, Bourgeois, Brudziński, Buxadé Villalba, Czarnecki, de la Pisa Carrión, Dzhambazki, Fidanza, Fiocchi, Fitto, Fotyga, Fragkos, Ilčić, Jaki, Jurgiel, Jurzyca, Kanko, Karski, Kempa, Kloc, Kopcińska, Krasnodębski, Kruk, Kuźmiuk, Legutko, Lundgren, Mazurek, Melbārde, Milazzo, Możdżanowska, Poręba, Procaccini, Rafalska, Ruissen, Rzońca, Saryusz-Wolski, Slabakov, Sofo, Stancanelli, Stegrud, Szydło, Tarczyński, Tertsch, Tobiszowski, Tomaševski, Tošenovský, Van Overtveldt, Vondra, Vrecionová, Waszczykowski, Weimers, Wiśniewska, Zahradil, Zalewska, Zīle, Złotowski

ID: Adinolfi Matteo, Androuët, Annemans, Baldassarre, Bardella, Basso, Bay, Beigneux, Bilde, Bizzotto, Bonfrisco, Borchia, Bruna, Campomenosi, Casanova, Ceccardi, Ciocca, Collard, Conte, Da Re, David, De Man, Dreosto, Gancia, Garraud, Grant, Griset, Hakkarainen, Huhtasaari, Jamet, Joron, Juvin, Kofod, Lacapelle, Lancini, Laporte, Lebreton, Lechanteux, Lizzi, Madison, Mariani, Mélin, Olivier, Panza, Pirbakas, Rinaldi, Rivière, Rougé, Sardone, Tardino, Tovaglieri, Vandendriessche, Zambelli, Zanni

NI: Beghin, Bocskor, Castaldo, Deli, Deutsch, Ferrara, Furore, Gál, Gemma, Giarrusso, Gyöngyösi, Győri, Gyürk, Hidvéghi, Járóka, Kolakušić, Kósa, Lagos, Pignedoli, Regimenti, Rondinelli, Schaller-Baross, Tóth, Trócsányi, Uspaskich, Vuolo

PPE: Adamowicz, Ademov, Adinolfi Isabella, Alexandrov Yordanov, Amaro, Arias Echeverría, Arimont, Arłukowicz, Asimakopoulou, Băsescu, Bellamy, Benjumea Benjumea, Bentele, Berendsen, Berger, Berlusconi, Bernhuber, Bilčík, Blaga, Bogdan, Bogovič, Buda, Buşoi, Caroppo, Carvalho, Casa, Caspary, del Castillo Vera, Christoforou, Clune, Colin-Oesterlé, van Dalen, Danjean, De Meo, Didier, Doleschal, Dorfmann, Duda, Düpont, Ehler, Estaràs Ferragut, Evren, Falcă, Ferber, Fernandes, Fitzgerald, Fourlas, Frankowski, Gahler, García-Margallo y Marfil, Geuking, Gieseke, Glavak, González Pons, Halicki, Hansen, Hava, Herbst, Hetman, Hohlmeier, Hölvényi, Hortefeux, Hübner, Jahr, Jarubas, Juknevičienė, Kalinowski, Kalniete, Kanev, Karas, Kefalogiannis, Kelly, Kopacz, Kovatchev, Kubilius, Kympouropoulos, Kyrtsos, de Lange, Lega, Lenaers, Lewandowski, Lexmann, Liese, Lins, López Gil, López-Istúriz White, Łukacijewska, Lutgen, McAllister, Maldeikienė, Manders, Mandl, Marinescu, Markey, Martusciello, Mato, Maydell, Mažylis, Meimarakis, Melo, Metsola, Millán Mon, Monteiro de Aguiar, Montserrat, Morano, Mortler, Motreanu, Mureşan, Niebler, Niedermayer, Nistor, Novak, Novakov, Ochojska, Olbrycht, Patriciello, Pereira Lídia, Pieper, Pietikäinen, Polčák, Polfjärd, Pollák, Pospíšil, Radev, Radtke, Rangel, Ressler, Sagartz, Salini, Sander, Sarvamaa, Schmiedtbauer, Schneider, Schreijer-Pierik, Schulze, Schwab, Seekatz, Sikorski, Simon, Skyttedal, Šojdrová, Sokol, Spyraki, Štefanec, Tajani, Terras, Thaler, Thun und Hohenstein, Tobé, Tomac, Tomc, Vaidere, Vandenkendelaere, Verheyen, Vincze, Virkkunen, Voss, Vozemberg-Vrionidi, Walsh, Walsmann, Warborn, Weber, Weiss, Wieland, Wiezik, Winkler, Winzig, Wiseler-Lima, Zagorakis, Zarzalejos, Zdechovský, Zoido Álvarez, Zovko, Zver

Renew: Alieva-Veli, Al-Sahlani, Andrews, Ansip, Auštrevičius, Azmani, Bauzá Díaz, Bijoux, Bilbao Barandica, Botoş, Boyer, Brunet, Cañas, Canfin, Chabaud, Charanzová, Chastel, Christensen, Cicurel, Cioloş, Cseh, Danti, Decerle, Dlabajová, Donáth, Durand, Ďuriš Nicholsonová, Farreng, Flego, Gade, Garicano, Gheorghe, Goerens, Gozi, Groothuis, Grošelj, Grudler, Guetta, Hayer, Hlaváček, Hojsík, Huitema, Ijabs, in 't Veld, Karleskind, Karlsbro, Katainen, Kelleher, Keller Fabienne, Knotek, Kovařík, Kyuchyuk, Loiseau, Løkkegaard, Mihaylova, Mituța, Müller, Nagtegaal, Nart, Paet, Pagazaurtundúa, Pekkarinen, Petersen, Pîslaru, Rafaela, Ries, Riquet, Rodríguez Ramos, Schreinemacher, Séjourné, Semedo, Šimečka, Solís Pérez, Ştefănuță, Strugariu, Søgaard-Lidell, Tolleret, Toom, Torvalds, Trillet-Lenoir, Tudorache, Vautmans, Vedrenne, Verhofstadt, Vázquez Lázara, Wiesner, Yon-Courtin, Zacharopoulou, Zullo

S&D: Agius Saliba, Aguilera, Ameriks, Andrieu, Androulakis, Angel, Ara-Kovács, Arena, Avram, Balt, Bartolo, Belka, Benea, Benifei, Beňová, Bergkvist, Biedroń, Blinkevičiūtė, Bonafè, Borzan, Brglez, Bullmann, Calenda, Carvalhais, Cerdas, Chinnici, Cimoszewicz, Ciuhodaru, Číž, Cozzolino, Crețu, Cutajar, Danielsson, De Castro, Dobrev, Durá Ferrandis, Engerer, Ertug, Fajon, Fernández, Fritzon, Fuglsang, Gálvez Muñoz, García Del Blanco, García Muñoz, García Pérez, Gardiazabal Rubial, Gebhardt, Geier, Glucksmann, González, González Casares, Grapini, Gualmini, Guillaume, Guteland, Hajšel, Heide, Heinäluoma, Homs Ginel, Hristov, Incir, Jerković, Kaili, Kaljurand, Kohut, Köster, Krehl, Kumpula-Natri, Lalucq, Lange, Larrouturou, Leitão-Marques, López, López Aguilar, Luena, Maestre Martín De Almagro, Majorino, Maldonado López, Marques Margarida, Marques Pedro, Matić, Mavrides, Maxová, Mebarek, Mikser, Miller, Molnár, Moreno Sánchez, Moretti, Negrescu, Neuser, Nica, Olekas, Papadakis Demetris, Penkova, Picierno, Picula, Pisapia, Pizarro, Plumb, Regner, Roberti, Rodríguez-Piñero, Rónai, Ros Sempere, Ruiz Devesa, Sánchez Amor, Sant, Santos, Schaldemose, Schieder, Schuster, Sidl, Silva Pereira, Sippel, Smeriglio, Stanishev, Tarabella, Tinagli, Toia, Tudose, Ujhelyi, Ušakovs, Van Brempt, Vind, Vitanov, Vollath, Yoncheva, Zorrinho

The Left: Maurel

Verts/ALE: Dalunde, Holmgren, Kuhnke, Ropė


Correction, the july 5 debate vote

ECR: Aguilar, Berg, Berlato, Bielan, Bourgeois, Brudziński, Buxadé Villalba, Czarnecki, de la Pisa Carrión, Dzhambazki, Fidanza, Fiocchi, Fitto, Fotyga, Fragkos, Ilčić, Jaki, Jurgiel, Jurzyca, Kanko, Karski, Kempa, Kloc, Kopcińska, Krasnodębski, Kruk, Kuźmiuk, Legutko, Lundgren, Mazurek, Melbārde, Milazzo, Możdżanowska, Poręba, Procaccini, Rafalska, Ruissen, Rzońca, Saryusz-Wolski, Slabakov, Sofo, Stancanelli, Stegrud, Szydło, Tarczyński, Tertsch, Tobiszowski, Tomaševski, Tošenovský, Van Overtveldt, Vondra, Vrecionová, Waszczykowski, Weimers, Wiśniewska, Zahradil, Zalewska, Zīle, Złotowski

ID: Adinolfi Matteo, Androuët, Annemans, Baldassarre, Bardella, Basso, Bay, Beigneux, Bilde, Bizzotto, Bonfrisco, Borchia, Bruna, Campomenosi, Casanova, Ceccardi, Ciocca, Collard, Conte, Da Re, David, De Man, Dreosto, Gancia, Garraud, Grant, Griset, Hakkarainen, Huhtasaari, Jamet, Joron, Juvin, Kofod, Lacapelle, Lancini, Laporte, Lebreton, Lechanteux, Lizzi, Madison, Mariani, Mélin, Olivier, Panza, Pirbakas, Rinaldi, Rivière, Rougé, Sardone, Tardino, Tovaglieri, Vandendriessche, Zambelli, Zanni

NI: Beghin, Bocskor, Castaldo, Deli, Deutsch, Ferrara, Furore, Gál, Gemma, Giarrusso, Gyöngyösi, Győri, Gyürk, Hidvéghi, Járóka, Kolakušić, Kósa, Lagos, Pignedoli, Regimenti, Rondinelli, Schaller-Baross, Tóth, Trócsányi, Uspaskich, Vuolo

PPE: Adamowicz, Ademov, Adinolfi Isabella, Alexandrov Yordanov, Amaro, Arias Echeverría, Arimont, Arłukowicz, Asimakopoulou, Băsescu, Bellamy, Benjumea Benjumea, Bentele, Berendsen, Berger, Berlusconi, Bernhuber, Bilčík, Blaga, Bogdan, Bogovič, Buda, Buşoi, Caroppo, Carvalho, Casa, Caspary, del Castillo Vera, Christoforou, Clune, Colin-Oesterlé, van Dalen, Danjean, De Meo, Didier, Doleschal, Dorfmann, Duda, Düpont, Ehler, Estaràs Ferragut, Evren, Falcă, Ferber, Fernandes, Fitzgerald, Fourlas, Frankowski, Gahler, García-Margallo y Marfil, Geuking, Gieseke, Glavak, González Pons, Halicki, Hansen, Hava, Herbst, Hetman, Hohlmeier, Hölvényi, Hortefeux, Hübner, Jahr, Jarubas, Juknevičienė, Kalinowski, Kalniete, Kanev, Karas, Kefalogiannis, Kelly, Kopacz, Kovatchev, Kubilius, Kympouropoulos, Kyrtsos, de Lange, Lega, Lenaers, Lewandowski, Lexmann, Liese, Lins, López Gil, López-Istúriz White, Łukacijewska, Lutgen, McAllister, Maldeikienė, Manders, Mandl, Marinescu, Markey, Martusciello, Mato, Maydell, Mažylis, Meimarakis, Melo, Metsola, Millán Mon, Monteiro de Aguiar, Montserrat, Morano, Mortler, Motreanu, Mureşan, Niebler, Niedermayer, Nistor, Novak, Novakov, Ochojska, Olbrycht, Patriciello, Pereira Lídia, Pieper, Pietikäinen, Polčák, Polfjärd, Pollák, Pospíšil, Radev, Radtke, Rangel, Ressler, Sagartz, Salini, Sander, Sarvamaa, Schmiedtbauer, Schneider, Schreijer-Pierik, Schulze, Schwab, Seekatz, Sikorski, Simon, Skyttedal, Šojdrová, Sokol, Spyraki, Štefanec, Tajani, Terras, Thaler, Thun und Hohenstein, Tobé, Tomac, Tomc, Vaidere, Vandenkendelaere, Verheyen, Vincze, Virkkunen, Voss, Vozemberg-Vrionidi, Walsh, Walsmann, Warborn, Weber, Weiss, Wieland, Wiezik, Winkler, Winzig, Wiseler-Lima, Zagorakis, Zarzalejos, Zdechovský, Zoido Álvarez, Zovko, Zver

Renew: Alieva-Veli, Al-Sahlani, Andrews, Ansip, Auštrevičius, Azmani, Bauzá Díaz, Bijoux, Bilbao Barandica, Botoş, Boyer, Brunet, Cañas, Canfin, Chabaud, Charanzová, Chastel, Christensen, Cicurel, Cioloş, Cseh, Danti, Decerle, Dlabajová, Donáth, Durand, Ďuriš Nicholsonová, Farreng, Flego, Gade, Garicano, Gheorghe, Goerens, Gozi, Groothuis, Grošelj, Grudler, Guetta, Hayer, Hlaváček, Hojsík, Huitema, Ijabs, in 't Veld, Karleskind, Karlsbro, Katainen, Kelleher, Keller Fabienne, Knotek, Kovařík, Kyuchyuk, Loiseau, Løkkegaard, Mihaylova, Mituța, Müller, Nagtegaal, Nart, Paet, Pagazaurtundúa, Pekkarinen, Petersen, Pîslaru, Rafaela, Ries, Riquet, Rodríguez Ramos, Schreinemacher, Séjourné, Semedo, Šimečka, Solís Pérez, Ştefănuță, Strugariu, Søgaard-Lidell, Tolleret, Toom, Torvalds, Trillet-Lenoir, Tudorache, Vautmans, Vedrenne, Verhofstadt, Vázquez Lázara, Wiesner, Yon-Courtin, Zacharopoulou, Zullo

S&D: Agius Saliba, Aguilera, Ameriks, Andrieu, Androulakis, Angel, Ara-Kovács, Arena, Avram, Balt, Bartolo, Belka, Benea, Benifei, Beňová, Bergkvist, Biedroń, Blinkevičiūtė, Bonafè, Borzan, Brglez, Bullmann, Calenda, Carvalhais, Cerdas, Chinnici, Cimoszewicz, Ciuhodaru, Číž, Cozzolino, Crețu, Cutajar, Danielsson, De Castro, Dobrev, Durá Ferrandis, Engerer, Ertug, Fajon, Fernández, Fritzon, Fuglsang, Gálvez Muñoz, García Del Blanco, García Muñoz, García Pérez, Gardiazabal Rubial, Gebhardt, Geier, Glucksmann, González, González Casares, Grapini, Gualmini, Guillaume, Guteland, Hajšel, Heide, Heinäluoma, Homs Ginel, Hristov, Incir, Jerković, Kaili, Kaljurand, Kohut, Köster, Krehl, Kumpula-Natri, Lalucq, Lange, Larrouturou, Leitão-Marques, López, López Aguilar, Luena, Maestre Martín De Almagro, Majorino, Maldonado López, Marques Margarida, Marques Pedro, Matić, Mavrides, Maxová, Mebarek, Mikser, Miller, Molnár, Moreno Sánchez, Moretti, Negrescu, Neuser, Nica, Olekas, Papadakis Demetris, Penkova, Picierno, Picula, Pisapia, Pizarro, Plumb, Regner, Roberti, Rodríguez-Piñero, Rónai, Ros Sempere, Ruiz Devesa, Sánchez Amor, Sant, Santos, Schaldemose, Schieder, Schuster, Sidl, Silva Pereira, Sippel, Smeriglio, Stanishev, Tarabella, Tinagli, Toia, Tudose, Ujhelyi, Ušakovs, Van Brempt, Vind, Vitanov, Vollath, Yoncheva, Zorrinho

The Left: Maurel


> Renew

If my comma-counting shell game is correct, this makes for 89/98 MEPs in what used to be the liberal group (ALDE) before they joined up with LREM in favour. A pretty shameful display, but while I was in a way relieved to see that the five German (FDP) members of the group [1] are not appearing in the list, that does mean I'm not even sure who I could complain to (since it's not like we have other "pro-freedom" parties in the EP)...

[1] https://www.europarl.europa.eu/meps/en/search/advanced?count...


OK Boomers, good luck with that.

It's fun watching old people legislate on things they don't understand.


I mean not to be a conspiracy theorist, but I am pretty convinced they and other gov orgs (US, UK) are probably doing it already if I had to guess.

This makes the stuff they find legally useable for evidence I guess.


Also to normalize "black boxes" that are run by private companies to monitor thaffic.


Damn CCP! Oh, wait…


I wonder how this meshes with GDPR as this seems like a huge violation of it. Law enforcement being able to dig into messages with a warrant is one thing, but delegating responsibilities to platforms to look for crime is quite another.


Rules for thee but not for me.


My understanding is that this explicitly creates an exception from one of the EU privacy laws (not sure if GDPR or something else) so that providers can scan your content.

While this doesn't seem to oblige providers to scan your content, that is expected to come in a next step.


1. this seems to be misinformation, the author is the only source on the topic

2. it would probably be compatible with GDPR anyway. GDPR article 6, paragraph 1: "Processing shall be lawful only if and to the extent that at least one of the following applies [...] (c) processing is necessary for compliance with a legal obligation to which the controller is subject"


Which part of GDPR does it violate?


This sounds insane. Everybody that voted for this needs to lose their seat.


It is a "think of the children" law, the last time the European Commission pushed a law under that reasoning it turned out they were targeting mainly political activists. Back then the super secret list of child porn sites they cited as impossible to take down through sane means contained two things: child porn sites that were taken down within 24 hours of the list becoming public and the sites of political activists. There is no way in hell any of the politicians that voted yes on this law thought of children when they did, at least not in a socially acceptable way.


do you have a source for this?


Seems like it has been a bit longer than I thought, also these kinds of laws seem to pop up every other quarter, making it near impossible to find information on a specific event. Most I can currently find are sources on the Zugangserschwerungsgesetz which was partially driven by the same Politicians trying to install an EU wide blocklist. While the source does not mention the blocking of political activists (a change that the content of the list would be confirmed by an independent board is mentioned) it does cover the success of deleting over blocking and lies like "India does not have laws against child pornography". [1]

[1] https://netzpolitik.org/tag/Zugangserschwerungsgesetz/


I hear lots of amazing sounds (and accompanying self congratulation) from the EU when it comes to "human rights". Time and time again though, they prove they're not actually interested in human rights or interests of their own citizens.

Which means all their other cries of human rights about other issues are empty crocodile tears. Even when it may happen that the side they take is a good one from a human rights perspective, that's obviously purely by coincidence that it happens to align with their agenda.

Horrifying.


[flagged]


Sadly I believe this is legit. Here's a better* source https://www.politico.eu/article/european-parliament-platform...

*This source at least explains the other side of the issue.


It should be noted that this allows for the continuation of voluntary scanning and reporting to CSAM that some companies do for all messages that goes via their platforms.

This is also a temporary legislation that will be in place until a long term legislation is in place.

Regardless of that I do think this legislation is bad.


Really? It seems to refer to this: https://iapp.org/news/a/eu-lawmakers-close-to-agreement-on-t... which looks to be very much true.


How is it satire? Wikipedia[0] says that Patrick Breyer is a real MEP and this is his official blog.

[0] https://en.wikipedia.org/wiki/Patrick_Breyer


Yes he is. Here are twitter and fediverse accounts:

- https://chaos.social/@echo_pbreyer

- https://twitter.com/echo_pbreyer


Appreciate the correction. I assumed it because of the last line "More Information on Chatcontrol: www.chatcontrol.eu" - that link literally redirects back to his own website.


Legitimately terrifying that a new surveillance state can be announced and nobody knows if it's satire or not.


Quite!


It seems then the worst from both worlds: accept cookies popups and GDPR bureaucracy with mass surveillance.


The good thing about this is that within a decade there will be no more corruption, no more forced prostitution, no more corporate abuse. It will be utopia.


I’m genuinely curious how you think that will come to pass. All those things existed before the internet and will continue to do so after this. Is there a missing /s?


Yes, I'm pretty sure that was sarcasm. Can't prove it, but I'm still pretty sure...


I think it's the establishment, i.e. the old wealthy families who run things, are very concerned with the migrants crisis and the real possibility to lose control.


Lol. These "old wealthy families" caused the "migrant crisis"


Because they needed cheap labour. Now they're scared this cheap labor will get out of their control.


It already has gotten out of control, hundreds of thousands of people crossed the borders without any checks. There was also this bizarre case of a man now pre-crime style accused of terrorism, although the charges seem very questionable when you look into it:

https://www.france24.com/en/live-news/20210525-german-soldie...


I'm partial to blaming the lizard people as, being lizard people, they don't have feelings.


Something I'm wondering is how this will affect Europe's ability to attract and retain top tier talent.

Europe already seems to be losing to the US. Will this accelerate this brain drain or slow it? [0]

[0] https://spectrum.ieee.org/at-work/tech-careers/the-global-br...


The same law already exists in US and Australia


Can you point out the specific same law that already exists in the US?

What exists in the US is primarily the absence of restrictive laws. Private companies can - for the most part - freely scan your communications/data that go across their service depending on the terms of use/privacy they set.

What the EU is doing is quite different from the US approach. They're starting out from a supposed perch of claiming that they very strongly believe in privacy rights, and then they're violating that to an almost comical degree. The difference is one of remarkable hypocrisy.


Australia has a pretty bad drain to the US.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: