Man, what an authoritarian law to pass. I expected better of the EU.
Democracy and freedom is a continuing struggle. The EU is not better at it because these proposals don’t get submitted, but because they keep being shot down.
Also, this is just another proposal that likely won’t pass, which doesn’t mean we should be asleep on it. These idiots will keep trying.
Say this goes into force. So what happens when some random EU user downloads a software package from a non-EU-based source that doesn’t comply and uses it to talk to servers outside the EU?
I mean, I can even give an off-the-cuff example for today. Get an XMPP client like Pidgin. Install the OTR plugin. XMPP clients let you choose any server you want, and XMPP servers federate. You now have (deniable) end-to-end encrypted messaging.
XMPP servers outside the EU are not going to care about EU mandates. Is the EU going to set up a “Great Firewall of Europe”, try to build a list of XMPP servers, and block access to them? What happens when people access XMPP servers via something like Tor? Is the EU going to try to identify Tor traffic and block it too?
Nothing special, these proposals try to make the phone OS scan your messages at rest instead of trying to break encryption. So you could use your XMPP client and then when it decrypts the data for you to read, it would also be read by the scanner.
I’m not sure about this latest approach but previously these have suggested that operators should provide either keys to decrypt the messages or straight up backdoors on server software to intercept messages there. At least I haven’t heard about a mandated user end scanner.
The whole idea is catastrophically bad on multiple fronts. It’s sold (as usual) via some twist of “protecting the children” or “protecting the populace” but in practise it would often just make it easier for criminals (CSAM spesifically) to stay under the radar and undermine all kind of privacy for EU citizens in the internet (whistleblowers, reporters, oppressed minorities and groups like that would be first to feel the effects). We need better politicians who actually understand what they’re proposing.
Denmark: Fuck the GDPR
It won’t come into force in October 2025 as it didn’t before, but I bet we will see soon another attempt by the next EU presidency, “The EU could be scanning your private chats by March 2026, Cyprus has reintroduced chat control”
With Germany probably being swayed this time, what makes you so sure?
for sure this wont be abused, like listing up people who support palestine and such
