"The procedure now chosen gives the proponents of Chat Control a significant tactical advantage. Since the law is in its second reading, an absolute majority of 361 votes of all parliament members is required for amendments or a renewed rejection on Thursday. In contrast, a simple majority of the MEPs present is sufficient for the other side. As many parliamentarians have historically already departed by the last day before the summer break, the re-enactment of the regulation is considered almost unavoidable."
So, if I'm reading this correctly, Chat Control is bound to become law? and this is after I think 2/3 rejections, how democratic of the EU.
Oh, and parliamentarians starting their summer break whenever they want will never not be funny.
> So, if I'm reading this correctly, Chat Control [2.0, implied] is bound to become law?
Nope. This is bad, but not THAT bad.
This is an extension of the existing Chat Control 1.0, which was set to expire (or maybe already has, I didn't keep track). AIUI it gives chat companies permission to scan user chats for illicit content, but does not mandate it.
This is bad, but it's not the much worse still Chat Control 2.0 that was defeated several times already.
I think their point is that you lose some battles in a war, chat Control 1.0 is a battle that was already lost. While it is still worthwhile to make an effort to retake lost ground there, that can be done strategically and through habitual effort and does not demand immediate attention the same way an imminent threat of losing new ground would be
> chat Control 1.0 is a battle that was already lost
That’s not true, the previous instance of it expired, and the parliament rejected it. It wasn’t already lost, it was actually a win for people against the proposal
I can't actually think of a good reason that the law should prohibit a company from having the option to automatically scan private messages for CSAM. Can you?
Certain implementations may fall afoul of data protection laws however.
Because they shouldn't be scanning private messages indiscriminately no matter for what. Lets rephrase it and look at it from "private companies will scan their users private messages for evidence of crimes and report people to police." Where is the limit here? I think it is naive to assume this will stop at csam and will soon be used as a judicial bludgen to extort random citizens for petty crimes that in any other case nobody would ever care or know about.
So you specifically are rebutting the petty crimes however the real risk is leverage that the government and orgs gain by having asymmetrical access to information that no one else does at scale. This can be used for a variety of reasons but see below some examples of internal corruption by employees and what I would argue is the exact misuse of this power to gain political leverage.
https://www.reuters.com/article/world/uk/nsa-staff-used-spy-...https://www.aclu.org/news/national-security/prospect-blackma...
These are what leaked. Which is to say that it is very naive to assume that large powerful organization is not going to use its power for gain.
Microsoft and Facebook both use the scanning to network your connections and to build profiles of users to better manipulate your behavior. Hence the Cambridge Analytica Scandal let alone what we dont know about.
Why hand over power to these super powerful and large orgs? What do we supposedly gain as a society?
I mean look at flock and Palantir, all it takes is for the political winds to change and the power is there because of these bills.
>extort random citizens for petty crimes that in any other case nobody would ever care or know about.
With the massive, byzantine web of local, state and federal laws everyone is violating numerous laws and regulations all the time. The goal here isn't to arrest everyone all the time for petty crimes and regulatory violations, it is to give the ability to the powers-that-be to select anyone engaging any frowned-upon behavior and pull up a list of legal violations that can be used to silence and/or imprison them. Activists, protesters, political opponents, people who are against whatever latest war the government chooses to engage in or speaking up against "chat control" or whatever the latest Orwellian government seizure of power is will be the ones who are targeted. The end game, which we are rapidly approaching with the elimination of privacy and individual autonomy, is totalitarianism.
We never know, because it depends on what your source of information is instructed to propose. Like public opinion polls that created false illusion of what majority wants. But it's just a sample with manufactured questions manipulated to answer specific options.
Personally, I don't fell lawmakers proposing laws that I want. Firstly, because I don't belive that laws are solutions for problems.
> So, if I'm reading this correctly, Chat Control is bound to become law? and this is after I think 2/3 rejections, how democratic of the EU.
Yes, (un?)fortunately that's how democracy works. You keep trying until you get the required majority. No different than elections.
And now, instead of blaming "democracy" or the EU, how about we look at people we all elected to our national and EU institutions who are now making this happen.
And just preemptively, there's is not a single person in a decision-making position on this issue whose power wasn't gifted to them either directly or indirectly by the voters. So let's not blame the EU for people being dumb with their votes.
It’s the council. We have to be clear which institution we are talking about within the EU, otherwise that doesn’t make any sense. The European Parliament already pushed back that proposal. The EU is made of a lot of different actors with their own agenda.
Here the council, with the help of the EPP party is doing that undemocratic maneuvering: They made it on purpose so that the parliament is unlikely to be able to push back a third time (all of that leaked a few days ago)
If the EU as a system has an undemocratic backdoor it's descriptively correct to call it undemocratic. Not to play too hard on the HN user stereotype, but you wouldn't call a computer system that is mostly secure other than a known privilege escalation exploit secure, would you?
Every single democratic system relies on norms at some level. Democratic isn’t a boolean flag. When the French prime minister is using the 49-3 rule to bypass the parliament that’s undemocratic, that doesn’t make the system itself undemocratic. When a US president is using an executive order to pass a law that’s undemocratic, that doesn’t make the system itself undemocratic. Here the maneuver goes against the spirit of democracy and against the expected norms, however the EU itself is democratic
Even with the hugely expansive U.S. government and executive branch, an executive order is much more restricted in scope than a law passed by congress.
Well, we don't really see all the democracy in the US, especially in this last term.
When the congress doesn't even know that the president can do this or that, it's just dictatorship with some theater. In Europe, the EU's powers are much much more limited.
The way the EU is designed has nothing to do with the US or France. First the Parliament and Council (the bodies democratically elected) do not have power of legislative initiative.
Then the Commission, which is a "super" executive power, is not democratically elected. Unlike France or the US (the two you mentioned).
The EU has an architecture that is fundamentally different from the US or French system. In many way it is actually closer to something like the UN or PRC.
In parliamentary democracies, governments tend to not be democratically elected. The Commission is no different than most European governments when it comes to that.
You’re missing the point I’m making, which is about how „democratic“ is a nuanced spectrum. I’m not drawing parallels regarding the way the institutions are implemented. Also, the French prime minister and government isn’t democratically elected. Only the president is
The head of the executive is elected, that makes quite a big difference.
> You’re missing the point I’m making, which is about how „democratic“ is a nuanced spectrum.
Yes and some have the right to argue that China is a democracy. They do have a lot of elections.
And the CCP has a very broad spectrum of ideas and politics within it, in fact much broader than the people you will find in the EU Commission.
In the end it is about how much you perceive the common will is represented and served by the regime in place. Chat Control has openly gone against it for years and is being shove down our throat.
And there is a reason why farmers have been driving their tractors to Brussels from all over Europe for decades. The trip ain't cheap.
> you wouldn't call a computer system that is mostly secure other than a known privilege escalation exploit secure, would you?
People do this all the time, regardless of whether or not they're right or wrong. "This product I own is definitely secure because the marketing says so, even if the CVEs prove me wrong" is a common sentiment online and in real life.
Not to play too hard on the computing-detatched normie stereotype, but this type of surveillance is bound to succeed due to their apathy. We've seen this play out in the US before, and it's always a shoo-in for the surveillance legislation. Security, privacy and fairness doesn't even cross most people's minds anymore.
It does matter, the parliament vote is precisely what pushed the council/EPP to do their most recent push in such a disgusting, undemocratic way. The parliament still has a say, but elected are likely to already be on vacation (which is another dumb thing, but what the bad actors here are actively taking advantage of)
Well, these are the MEPs elected by member states. We don’t like the outcome but this means chat control is well supported within the government of each country.
Yup, edited to clarify I mean the MEPs bring “the will of the people”. Clearly not enough has happened on local level to raise awareness / lobby against chat control. I don’t think many outside tech are even aware if the slippery slope of the surveillance machinery.
The European Council (heads of states) sets the agenda, the European Commission (delegates from each state) writes the laws, and the MEPs (elected by the public) decide whether or not to accept the laws.
The Council decided Chat Control was on the agenda, the Commission wrote the law, and the MEPs voted to reject said law in March. Then the president of the parliament (not the MEPs at large) asked the Council to ignore the March vote and proceed with the agenda under urgency as if it had passed.
Now a minority of the MEPs (331 out of 720) - but a majority of who were present at the time and chose not to abstain - have voted to deal with the matter under urgency, but haven't voted on the substance of it. This makes the actual vote happen on the last sitting day, when apparently they are hoping a lot of MEPs will be away.
> The Council decided Chat Control was on the agenda
The Council is different from the European Council (yes, the treaty drafters were not much creative in naming institutions), the latter is composed of the heads of states and sets the agenda like you said, while the former is composed on ministers in the policy area under discussion, and it's a "co-legislator" together for the Parliament (on most areas, including Chat Control 1.0 & 2.0, both must agree to pass an act).
The issue here (it's part of the "democratic deficits") is that, in its second reading, the EP needs an absolute majority to amend/reject the Council first reading, and a simple majority to approve it and pass it into law.
uhm, the will of the people is often already half-lost with the politicians/parties they directly elect, so I would hardly consider another layer of representative "demo"cracy on top of another layer of representative democracy following the will of the people at all.
But true, I blamed this on the Commission when I should have just started with this criticism of the overall system.
We have representatives in Switzerland, please don’t misrepresent our political system to push your anti-EU agenda. We do not vote on every single laws. It’s a semi-direct democracy. A representative democracy is the most common instantiation of democratic systems.
Making it not illegal for Facebook to scan your DMs is not autocracy. (And we know Facebook does that whether it's legal or not.) To make it autocracy, at a minimum they'd have to mandate the scanning, which is Chat Control 2, which is still not passing.
Just as there a counter-suits perhaps we need more counter-laws. When something like this is defeated, a law is instead introduced to make chat control explicitly illegal.
Not quite, the EU parliament can't propose new laws nor repeal existing ones, only amend them and vote on proposals from the commission.
The Stop Killing Games campaign, for example, has noticed that the EU commission keeps repeating lobbyist lies and has no expectations of new laws actually passing, so they're focusing on amending existing law through parliament.
The repeal would have to be proposed by the same people who proposed the law in the first place. The European Parliament can't initiate the process on its own.
Pray tell, how would stepping closer to a dystopian hellscape help the internet from eating itself? Somehow, having omnipotent watchers is going to make the internet... more fun and welcoming?
I think he means that maybe it‘s for the best if „the internet“ in its current state dies, i.e. people move on from the current platforms towards other ones or real life.
So basically the people we elected will vote yes. How's that undemocratic? Because the majority doesn't vote the way I like it? I'm not even ironic, I truly don't understand those comments. You get what you voted for, garbage in garbage out.
All votes have a certain margin or fluctuation, as individual representatives can be pressured, swayed, or coerced by any number of means. If a vote fails over and over again then eventually passes under dubious circumstances (start of vacation when attention is elsewhere), that seems to be against the spirit of democratic rule. At least to me, but what do I know? Maybe everyone loves this outcome and all the prior rejections were just a fluke.
Because they're not representing the needs of their constituents? Democracy is more than just voting—and if it wasn't, most states we think of as authoritarian would also be democratic.
Well, you can imagine a bunch of scenarios that match the "try repeatedly until it succeeds".
One good case: The original rule was good but had specifics that made it unpopular. Retrying repeatedly is a pathway to refining it into the minimal valuable version that is acceptable to all.
One bad case: The original rule is terrible and progress was stopped only because of public outrage. The assumption of the public is that a groundswell of opposition will cause a fundamental rethinking. However, because such outrage cannot last, repeated attempts will cause fatigue in the public opinion and resignation to pass anything.
If the situation is closer to the front it's "democratic". If it's closer to the back it's "not democratic". One represents a refinement to match the will of the people; the other relies on our human inability to focus tremendous energies continuously on a broad front. Both match a representative democracy repeatedly tabling (haha) a bill.
The vast majority (72%) of European citizens are opposed to Chat control. Regardless, the proposal has been brought up and rejected relentlessly, mostly by action of politicians (commissioners) who are not directly elected to begin with. We have more than enough reasons to be furious.
That's talking about a different Chat Control that has mandatory scanning. This is talking about an older Chat Control that allowed sites to scan on their own without getting in trouble due to privacy laws, which has been in effect but recently expired. The thing passing now is reauthorizing that older law.
We already had two votes to renew it before it expired, and both failed. The second one was forced by the EPP immediately after the first, and then they voted against it too because they failed to amend it even stronger before the vote.
What you have to understand about issue polling is that it's very easy to get whatever results you want if you simply instruct the pollster to ask in absurd ways. This was the question posed to respondents:
> EUR02a. Some politicians are calling for the automatic searching of all personal electronic mail and messages of each citizen for presumed suspect content in the search for child pornography. Suspected cases will be notified to the police. An advantage of this could be that more offenders are caught. However, according to police reports, in the vast majority of cases innocent citizens come under suspicion of having committed an offence due to unreliable processes. Please place yourself in the position that your personal electronic mail and messages are searched for suspect content. What is your opinion?
Obviously this is not a good faith attempt to understand if people support message scanning.
Since you don’t consider that “good faith” I have rephrased it for you, in a format you may prefer:
> EUR02a. In the interest of protecting children, some politicians are calling for the automatic searching of all personal electronic mail and messages of each EU subject in the search for dangerous, illegal child pornography. Suspected cases will be notified to the police. An advantage of this could be that more offenders are caught and children protected. According to activists who defend child pornographers, police reports indicate that a few innocent people may be mildly inconvenienced due to unreliable processes. Please place yourself in the position of a law enforcement official trying to catch these evil people, who is currently obstructed due to false questions of “rights” and “privacy.” What is your opinion?
I jest, of course, I’m sure you would prefer something more straightforward and less manipulative like “EUR02a. Do you support child pornography?”
I understand that you're trying to dunk on me but I don't get what the point is supposed to be. It's certainly possible to come up with other bad ways to ask the question. If someone was interested in genuinely understanding the public's opinion, rather than including a demand to take some particular perspective, they would ask things like "Do you support online platforms scanning all personal messages for child pornography?" or "If you had to weigh the two, would you consider detection of child pornography or the right to privacy to be a higher priority?" And of course for the latter you’d randomize the order in case people are more or less likely to pick the first option.
I suppose the gold standard would be to present detailed arguments from each side with evidence (if any), for context. Barring that, the original question did seem to provide a rough summary of each side’s position. It may be weighted towards the anti Chat Control side, with the formulation “pro says this, but anti says this, and imagine that you are affected”. So perhaps they could have asked a reverse formulation 50% of the time to be more fair. But the poll was commissioned by Breyer, and of course he wanted to bolster his position.
Your context-free formulation on the other hand provides no information for voters to weigh. Privacy or child porn detection? Well I guess I’ll pick child porn detection. Oh, you wanted to do what to my privacy? Never mind!
Even your slightly longer formulation doesn’t really explain what scanning means and how that might affect people and society. Most people aren’t familiar enough with technical and legal details to dig into the implications without added context.
You could just write the simple effect of the law: "EUR02a. Facebook employees read your private messages. If they see child pornography, they will call the police."
It's important not to phrase it as "read your messages to detect child porn..." because that implies they won't do anything else with the messages, and Europe is a place where they still assume that if someone says they do X to do Y, they're only allowed to do Y and severely punished for doing anything else.
What scanning means, and how that might affect people and society, are precisely the issues in dispute. A poll which tries to provide arguments and evidence about contested issues cannot yield meaningful results. To pursue this line of reasoning, for example:
> Your context-free formulation on the other hand provides no information for voters to weigh. Privacy or child porn detection? Well I guess I’ll pick child porn detection. Oh, you wanted to do what to my privacy? Never mind!
you might ask questions like "How comfortable would you be with your personal mobile provider scanning your chats for child porn?" or "What would you consider to be an acceptable accuracy rate for such a scanner?". Then you could reasonably infer that respondents who say "not comfortable" or "90-100%" oppose Chat Control, because Chat Control will perform such scans and they're not 90% accurate. (Someone else who thinks the scans are 90% accurate might respond that your interpretation is wrong, but this dispute would not call the poll results themselves into question.)
Yes, and it would have been great if the EU had asked these sorts of questions publicly to develop its policy. Instead it was developed mostly behind closed doors, and it was up to politicians like Breyer to oppose this in Parliament. He presented the question as a political opponent would, although he gave an “out” for people who disagree—you can still answer his question by supporting Chat Control if you feel most strongly about catching criminals.
I don’t think the voting result would be different if he had been even more fair about this question, as the poll is not something that MEPs are going to care about. This was clearly designed to be passed by any means necessary, and this time they got it through. But at least now people have a poll to use when they campaign to repeal it in the future, or when they want to point to the unrepresentative nature of EU decisions like this one.
So many comments about the EU constantly re-trying the same law with minor tweaks, and about how legislatures do this in general. I wanted to provide an explanation for this behaviour.
The way legislation is expected to proceed in countries with parliamentary systems, especially with strong civil services, is that
1) a problem is identified. This can be the civil service detecting it on their own, petitioning from groups impacted by the problem (lobbying, the public etc).
2) The government prioritizes problems to solve according to political imperatives.
3) The civil service and/or parliamentary committees gather evidence on the problem and possible solutions.
4) the civil service and/or committee report on the issue. In practice this always finds the solution that the government wanted.
5) A bill is drafted based on the report.
6) The bill then proceeds through parliamentary committee, legislative votes, and whatever else is part of the lawmaking process.
When we see this issues fail, it's typically at step (6). But the problem still exists, and the issue is still on the agenda. It's still a priority to solve. So steps 4-6 are re-tried with different parameters that hopefully allow the bill to pass and the problem to be solved.
Just failing to pass parliament is not enough. You also need the political leadership to redirect their prioritization and implicit preferred solution.
I'm not saying this is good, just this is what happens.
Step 6 is entirely missing in the EU. The parliament doesn’t form a committee to debate and perhaps refine the law, it just votes on what is put before it.
The Parliament has many committees that do exactly what you're saying, while the Council meets in various configurations of national ministers depending on the law being voted on
Until legislators fear loosing their seats more than they desire a policy, they're not going listen to the people. That's why political manovering, lobbying, activism etc are part of the political process.
It's even worse for places like the EU that have a strong civil service or with a branch like the EC that isn't elected, because the processes above are very insulated from the general public
“We decide on something, leave it lying around, and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back.”
And
“If it's a Yes, we will say 'on we go', and if it's a No we will say 'we continue'.”
And the worse part is: they do that because the alternative means you're building a railway on a surface tunnel because some people don't like it (or worse, not building anything)
Even if you are not in the EU, this will affect you. Some countries really like to copy such regulations from others. Once services starts complying, other governments will go like "if you did for them, you can do it for us, right? so it's not technically impossible", and things only get worse from there. Not all services will simply block the EU as well, which would be better to send a stronger message if approved.
Centralized messaging services won't last long, their capture is sadly inevitable. In the long run, only self-hosted/decentralized protocols can resist what's coming.
In the meantime though, Signal specifically should not do something stupid like blocking the EU, which is basically surrender. They are a non-profit headquartered in the US, so there are zero business risks to non-compliance - nothing in the EU to fine or seize. And the EU has no jurisdiction over servers in the US, all they can do is build their own Great Firewall. (However, they might pressure AWS to deplatform Signal - hopefully the team is prepared for the possibility that self-hosting will be necessary soon.)
> Centralized messaging services won't last long, their capture is sadly inevitable. In the long run, only self-hosted/decentralized protocols can resist what's coming.
Very much. I also fear they coming for this, we already have instances of where using secure alternatives tags you as a criminal[0], so i don't doubt a future where non-approved applications will get you in trouble. With everything happening around Android locking itself down[1] and Windows being a spyware[2] anybody who wants privacy will be 'different', and can be tagged and excluded from parts of society for not using the same services.
This is why you should be building parallel networks and even institutions, as the Czechs did under Soviet rule (look up “Parallel Polis”). Mutual aid will become critical.
The trouble is that most conventional ways of building a new service are trivial to block. What is needed now is unstoppable messaging and social networking built on top of existing services and protocols that won't be blocked right away, services with more legal protection - like email with GPG, or some kind of steganographically encrypted layer on top of Instagram.
Imagine all I ever posted was cat pics... unless I have your public key and then all of a sudden those pics are decoded into messages of dissent
I am speaking beyond services, you need allies who are willing to come to each other’s aid, especially financially, but also for things like physically relaying data from place to place if that is ever needed. And for more mundane things like watching your house when you are out of town. Offline networks are going to become much more critical.
I wish you were right, but the EU only needs Google and Apple, both having big EU businesses, to block Signal.
Google is already working on closing the possibility to install apps from outside the app store, Apple has been like that since forever. The fact that a few technically savvy users with rooted phones will still be able to use Signal doesn't mean anything. It will be dead if the EU decides they don't want it.
Signal is quite likely to fail on account being a single organizational entity running the service and refusing to adapt their protocol for federation. In fact, it might already have happened (partially) and you wouldn't know, because they're US-based. The US has the National Security Letters mechanism:
This is existing regulation being extended. It allows sites to scan messages. Not mandates.
These kind of responses is why it is hard to trust privacy advocates on HN. They are high on rhetorics, but half the time dont know what they are talking about.
I hope I'm being pessimistic about that. If I'm wrong, great.
I did saw it was an extension of the 1.0. To my understanding, "allows to scan" can also mean enabling a pipeline for accepting requests of scanning lawful content because, well, they can. In practice, it creates a mechanism to crawl people's information because when they feel like. While the law do make it explicit that this 'allowance' should not be used for anything else outside of the scope, i can't trust they won't. Once the mechanism is there, and that is valid for other countries, it might be used for stuff outside this scope since it's possible.
I work in the ISP field, and this happened in another context. First, a pipeline was built to block sites without a judge, because doing it only with court orders made it to difficult. After a few months of many ISPs complying the scope grew, now they can target piracy websites at will, and you must comply. Why stop there?
My fear is that this sets an example. I hope I'm wrong, but i don't trust them. There's a reason it was rejected before and it is being passed like that now.
Sorry for copypaste, but I still hope people will see true intentions of govt.
Just a recap how it happened in Russia:
1. First, year ~2015 legal framework was created under disguise of banning pirated media(specifically torrents.ru)(legislative push). State-wide DNS ban introduced. Very easy to circumvent via quering 8.8.8.8
2. Then, having legal basis, govt included extra stuff in banned list(casinos, terrorist orgs, etc)(executive push). IP bans introduced, applied very carefully.
3. Legal expanded allowing govt to ban specific media on very vague criterias(legislative push). IP blocks tried on some large websites. DPI hardware mandated to be installed by ISPs to filter by HTTPS SNI(executive push).
4. At ~2019 Roskomnadzor(RKN) created, special govt entity which enforces bans without court orders(legislative push).
5. ~2021 sites become banned if they are not filtering content by Russian laws by request of RKN(executive push). VPN services were obligated to also DPI-filter traffic(legislative push).
6. ~2023 Crackdown on VPN started(executive push). Popular commercial services were IP-banned, OpenVPN and IPSec connections selectively degraded by DPI.
7. ~2025 Heavy VPN filtering(vless, wireguard, etc) introduced(executive push). Performance of certain sites were degraded(youtube, twitter, etc).
Yes - this allowed companies like Google, Facebook, Snapchat etc to do what they already do (voluntarily) in the US and other territories - scan unencrypted user-uploaded or shared media for matches against NCMEC hashes, and image classifiers trained to find novel CSAM.
When you hear of "person arrested after NCMEC cyber tip" that's what this enables - people sharing or storing CSAM that was caught by this scanning, reported to NCMEC, and then sent to local authorities.
I have zero problems with Chat Control 1.0 as the existing derogation brought the EU into line with the rest of the world. Chat Control 2.0 is problematic however, but again, is not what's being voted on here.
I genuinely mean no disrespect here, but if the title reads as cryptic, your sources haven't been fully informing you about the issue. "Derogation from certain provisions of the ePrivacy Directive" is just what Chat Control (or at least Chat Control 1.0) means.
> I keep telling people about such things and I am looked at as nerdy, geeky or boring.
Hm, yeah, we have our work cut out for ourselves. Politicians can't do nerdy nor geeky, but it's their job to talk in a way that moves people. That's why we keep electing absolute idiots that can't even speak that well, all things considered, but who can "charm", for a given definition of charm of course. To be heard we need to remain nerdy and geeky at our core, but talk in a way that moves people.
In this concrete instance, what I do when somebody brings Chat Control to the conversation and other listeners start to roll eyes, is to derail the conversation with colorful yarns about how we did surveillance in the old days of the Soviet Union, and what we did with anybody who was rattled for giving a foul mouth to the Party. "Yes, we didn't have Siberia, but the heat and the savage ants in those sugar cane plantations were damn fine, and honestly you don't need any particular geography for a good old beating... Catching them dissidents was the hard thing, but it all would be so much easier these days... Hey, have you noticed how you talk about one thing and Facebook start popping ads about it almost at once? Does it listen to all our diatribes? I'm pretty sure that's the stuff Chat Control wants..."
First they tried to approve software patents during an agriculture and fisheries council session, now they are bending procedural rules to hack it in before summer vacations. Some weird form of democracy™.
No one will do anything to stop it, nor ChatControl 2.0 in the future. No one will revolt, or seize the government in response to anything that happens.
The world that Liberal Democracy has built has escape valves (tv/streaming/videogames/entertainment, the illusion of democratic choice, mass media and information overload, public demonstrations) for the anger of the massed which despite in older times caused a government to fall or a revolution to start, today cause nothing and are comfortably absorbed or even assimilated for profit by the system itself.
In your doomed reality maybe, but in this reality it was already stopped a couple of times and chances are good, that it will be stopped again - unless people believe all is doomed.
A “no ever” law requires a constitutional majority. And for this concrete case, some member states effectively already have that via privacy guarantees in their constitution.
Finally, it’s important to realize that the power of laws is limited to the extent that people are able and willing to enforce them. Some dictatorships have wonderful things in their constitution that are not heeded at all.
I would have thought that the right to privacy as a fundamental human right would have been sufficient. But apparently not....
Equally, there is abundant precedent for forbidding interference with old-fashioned postal communications, that seemingly doesn't translate to electronic communications...
All new laws should be given a trial period where the lawmakers are forced to live with them for 90 days before the public is subjected to them. At any time during that period lawmakers can change their vote.
In addition there should be pretty specific criteria to determine if the law is successful or not. After 90 days it can be evaluated, and either rolled back or extended
The Wikipedia entry on Chat Control doesn't go into enough detail on what exactly it does, only the history of its legislative process. Can someone update it?
Part of the confusion is that there are two things involved here; 'Chat Control 1', an existing (but expiring) derogation to the ePrivacy Directive which allows, but does not require, providers to scan messages. 'Chat Control 2', which you'll likely have heard more about, would _require_ providers to do this. The wiki article is quite poorly written and implies that 1 is an earlier version of 2, which isn't really the case.
It's probably line item 156/289 on some intern's list of things to check once a week and make sure it "looks good". Politicians engage in just as much publicity management as big corporations do.
As I understand it, chat platforms provider will not be held in violation of the data privacy laws if they add automatic detection and reporting of unlawful content to their platforms. E.G. a CSAM detector in a client app for an end-to-end-encrypted messaging service would be lawful.
Chat Control 1.0 is essentially the existing derogation that allowed cloud providers and messaging apps to do what they do in the rest of the world - voluntarily scan shared media against NCMEC hashes and novel CSAM image classifiers.
We're not talking about E2EE here, we're talking people sharing CSAM on Kik, or Snapchat, or sending it via gmail, or uploading it to DropBox etc. etc.
It also allows inclusion of client side scanners in E2Ee messengers. It seems that nobody did it (yet), but as far as I can tell, it is within the scope ofthe exception.
You're looking for an answer that doesn't exist. The term "Chat Control" was coined by the opponents of these proposals to express their worst case assumptions; they reject the idea that the specifics matter, because they fear that any kind of chat scanning can be abused in basically the same ways. Supporters of chat scanning proposals don't call them "Chat Control" or view all such proposals as part of a unified whole.
"Memories from Krähwinkels days of terror" (my translation - the original is of course leages better)
We, Burgomaster and Senate,
Are hereby proclaiming this mandate,
With great paternal care addressed
To all classes, east and west.
'Tis mostly nasty foreign folk,
Who brashly dared to wildly stoke
Rebellion. Such sinners, let us pray to God,
Are seldom born upon our sod.
There too are atheists, you will find;
Those who leave their God behind,
Who, in the end, will be as prone
To defy our own earthly throne.
Obeying authority is the key
For Jew and Christian, bond and free.
Let everyone close up their shop
When twilight falls, head home chop chop.
If three are gathered in the street,
They must disperse with flying feet.
And after dark, upon the lane,
No lightless soul shall walk again.
All weapons must promptly be surrendered
To the Guildhall, to be tendered;
And every sort of ammunition
Is subject to the same condition.
Who argues in the street shall face
A firing squad in an open place;
Arguing with gestures also must,
Be punished harshly, as is just.
Put your trust in the Magistrate,
Who guards the pious, loving state
Through gracious rule, most wise and kind;
Your duty: simply to not mind.
It's sad to see we pretty much have forgotten the history leading to this poem and how we are reverting so much as a society.
Part of me wants Chat Control to get passed so that there is more incentive for at least the tech literate to start using more decentralized messaging tools.
But afaik Chat Control 1.0 was/is in effect but expired. It's not relevant to Signal or Whatsapp because they're e2ee, it's relevant for eBay, Linkedin, perhaps SMS.
The more people become criminals the harder it becomes to enforce the law. This is especially ironic because criminals that genuinely matter and cause wide-scale harm won't even be impacted by this.
I think this all came from trying to enforce rules on people that shit talk on the internet which is especially pointless now cause you may be trying to enforce law on a random AI agent.
Reminder that EU institutions were designed from ground up to smother democracy:
- Members of EU Parliament cannot propose regulation, only the unelected Commission can, MEPs can only vote yes/no
- EU Parliament is the only parliament in the world where an absolute 50%+1 is needed to reject a bill, ignoring how many MEPs are present/voting. In every other parliament, a quorum requirement plus a majority vote is needed to pass a bill.
This is all fixable by changing the treaties. The first step to fixing it, however, is to give up fundamental opposition to its existence and instead support the underlying ideals and approach the shortcomings from a constructive angle.
The alternative is feeding nationalistic right wing extremism, which we really don't want in Europe.
It is really worrisome to me that such a procedure is even possible. I don't understand all the EU voting rules, they are so complex that it feels to me like if they want to push something through there is always some way to do it even though the vast majority of people don't want it.
This is the anti-EU move but they simply don't understand that.
Authoritarian centralization efforts need to be fought Huang style - with an European twist - as we might be behind on a lot of axis but we "Didn't Wake Up a Loser".
China / US leadership must not be the carte-blanche to formalize whatever low bar in how we handle our own privacy; going straight for the "self own" I guess?
Sorry for prompt mode but I hope this is at least somewhat legible to fellow Europeans, if not please listen to antirez in original Italian or auto translated:
I hear quite a few tangents in there; the main one being: especially in EU we need to go "agentic". Don't wait for politics to do The Right Thing. They should play retrospective backup at best.
I'm thinking they might be actually thankful for having been provided vision / imagination.
Team up with the bureaucrats after the fact but don't listen to them too much - again - to Do The Right Thing. Especially when they are potentially infected by lobbyists...
FFS I hate this timeline; we really need to show up for real. Again and again and again and again...
Don't give up on core tenets basically; the EU is a (comparatively) great place to live because it's a free place.
We can't have multitudes, be "antifragile" etc through centralization and surveillance.
Even if we were to believe this to be a winning move, it's not how this European project was envisioned and we won't ever be able to truly "compete" at that game.
In these times hence we IMO should be doubling down on the core tenets; freedom being chief amongst them.
Akin to how Huang in that interview alludes to globalization and how it made him / USA a winner.
Hilarious that the politicians, the very people who are pretty much always ousted as some form of degenerate pedophile the world over, are the ones pushing for this bullshit and explicitly carving out enclaves where their messages don't get scanned.
UK already technically banned encryption, causing Apple to remove the encrypted cloud service for UK customers. Check UK's "Investigatory Powers Act (IPA)"
i'm so tired of this bs, these elected people act as tsars, even when said NO they try again and again while employing shady tactics and there is no way of punishing these a**holes. Elections exist, but when same 35% (number taken out of butt, but point is - it's low) of people vote we get same sh*t who elects same sh*t to EU. And i don't know about other countries, but my country sends complete degenerates to EU, like litteraly degenerates.
Effect of law enforcement not doing their jobs. Chat Control is illegal in many countries including Germany and that includes preparation for the roll out. Just need a prosecutor with a spine.
> Meta, Google or Microsoft ... to voluntarily search private chats, emails, and messenger services for material related to [excuse]
Look, there are no private chats on any platform or app provided by Meta, Google or Microsoft. They are known to send a copy of everything at least to the US government (the Snowden revelation). So, what's it to them to also do searches on behalf of European authorities? Plus, what do you mean, you don't want to? Are you for the pedophiles? Maybe you're a pedophile yourself! Search his chat logs, tout de suite!
We must really get the people around us to stop using WhatsApp, Teams, GMail, and all of that junk. There are excellent alternatives - we are only a laziness' reach away from actual half-decent privacy.
i'm so tired of this bs, these elected people act as tsars, even when said NO they try again and again while employing shady tactics and there is no way of punishing these a*holes. Elections exist, but when same 35% (number taken out of butt, but point is - it's low) of people vote we get same sht who elects same sht to EU. And i don't know about other countries, but my country sends complete degenerates to EU, like litteraly degenerates.
Talked to a fellow European coworker recently and they seem very supportive of chat control and that it was necessary to stop "far right nationalism" and then I pressed on for them describe what it is and they got angry and refused to clarify. I think this is a good snapshot of where Europe is right now that chat controls have become politically weaponized and people who are supportive of it seem clueless as to what it actually is proposing.
Future looks very dim for EU as a whole, I'm glad I left it for America
you're right, the US is totally freedom and stuff. no problemo that you gotta show your social media accounts when entering, so you can get checked for alignment with the regime. no problem at all. both suck atm, that's the truth
The cypherpunks were right. Rights to encryption are only a part of what we need.
The other part is steganography, or hiding real messages within a innocuous anodyne message stream. And encryption can be used in conjunction as part of hiding said messages.
It can be within pictures with the lowest bit values. It can be constructed punctuation and spaces. Lots of things.
But hidden and plausibly deniable messaging is the ONLY way to defeat a government(s) that want to invade every communication aspect for humans.
The trouble with pictures is that when you share them online the platform will likely compress them before serving them to others, spoiling your steganography. I think text-in-text is the way to go. Decrypt that recipe for brownies into the actual message. For example: https://arxiv.org/abs/2510.20075
One can host their own private or semi-private forum, chat server, chan board, etc... and choose not to re-encode the images and/or permit .tar .7z .zip archives and so on. Keep the bots away with basic auth to minimize skiddie risk to platform RCE's.
It's unlikely people can move their friends to their own platform but the best way I have found is to call it a "fall-back" platform for when Discord and others are temporarily offline. Get people used to the idea that is the place to share things they do not want leaked when the big platform 3rd parties expose files. The admin can encrypt the storage and periodically zero out files and zero out empty space for privacy.
People with slightly higher opsec may choose to block mobile proprietary devices.
Joining a private space that's set up for steganography, or facilitating such a space either by self hosting or by logging in somewhere as an administrator, is sort of at odds with the nothing-to-see-here approach that steganography takes. An adversary that has compromised one message can then use whatever metadata is intrinsic to that space to suss out which other plaintexts might contain a secret, and which other humans might be exchanging secrets in that place.
The ideal hiding space would be visible to the public, and indistinguishable from a mountain of other material that's visible to the public--especially if they don't have to log in to see it. That way if a message is found, the search for co-conspirators doesn't narrow at all.
In that case I think you may be out of luck as most platform change the images. Sometimes they just remove exif data but some compress or optimize in their view the images. In that case maybe find a public site that allows archive files.
What I don't understand is, what kind of legitimate criminal would not use such techniques? Are bank robbers planning things out on iMessage? If so, presumably they won't be criminals for very long. Therefore these types of initiatives only impact the innocent and inept but still active criminals.
The purpose of these efforts is not to catch criminals, at least not primarily, it’s to map the spread of “dangerous” ideas and the networks behind them. In other words, to prevent effective political change.
Found a new problematic meme? Someone leaked a video of you taking a bribe? Someone published a photo of damage from a missile strike? Add it to the database of forbidden media and quickly track down the source.
They'll make sure to catch just enough criminals that when you say it's all bullshit some snooty waste of oxygen on HN can say "well akshually" and link you to some cherry picked news story that makes it all look like a good thing because they caught some small time house painter dumping waste paint in the sewer or nabbed someone for selling vapes to teenagers.
Security is the reason given to us since most of us are too trusting or dumb to look any further into it. It becomes clear security isn't what they're doing it for after giving it more than a few minutes of thought
Nothing is brought to the Commission that local governments do not secretly want, but publically rage against because the voters are against it.
When Brussles then decides, 'there's nothing we can do, it's an EU thing' ... and a moustache-twirl.
The only thing that can stop this is to completely dismantle the EU. Which means, unfortunately, voting for people any good person should rightfully despise.
Dismantling the EU is like burning down your own house to get rid of flies. That is absolutely not the right solution. Without the EU, chat control would already have been implemented in its worst form everywhere, just as it already is in the UK. The UK left the EU and implemented its own version of chat control.
I'm always astonished how democratic politicians willingly allow for tools which might be misused by a future undemocratic party.
I'm not a politician or some civil rights activist but I can see that. It's right there. We have a similar situation in Germany these days. We'll be giving more rights to the Federal Intelligence Service ( foreign intelligence) and the Federal Office for the Protection of the Constitution (domestic intelligence). Basically allowing them to act more offensive (or offensive at all).
We're one or two elections away from having fascists in the government again.
Is it already a conspiracy theory if I suspect them of doing that deliberately because I can't imagine them being stupid?
"The procedure now chosen gives the proponents of Chat Control a significant tactical advantage. Since the law is in its second reading, an absolute majority of 361 votes of all parliament members is required for amendments or a renewed rejection on Thursday. In contrast, a simple majority of the MEPs present is sufficient for the other side. As many parliamentarians have historically already departed by the last day before the summer break, the re-enactment of the regulation is considered almost unavoidable."
So, if I'm reading this correctly, Chat Control is bound to become law? and this is after I think 2/3 rejections, how democratic of the EU.
Oh, and parliamentarians starting their summer break whenever they want will never not be funny.
> So, if I'm reading this correctly, Chat Control [2.0, implied] is bound to become law?
Nope. This is bad, but not THAT bad.
This is an extension of the existing Chat Control 1.0, which was set to expire (or maybe already has, I didn't keep track). AIUI it gives chat companies permission to scan user chats for illicit content, but does not mandate it.
This is bad, but it's not the much worse still Chat Control 2.0 that was defeated several times already.
Thanks for the correction! I guess I can live with that.
yes. Frog will be boiled tomorrow, no need to panic today.
I think their point is that you lose some battles in a war, chat Control 1.0 is a battle that was already lost. While it is still worthwhile to make an effort to retake lost ground there, that can be done strategically and through habitual effort and does not demand immediate attention the same way an imminent threat of losing new ground would be
> chat Control 1.0 is a battle that was already lost
That’s not true, the previous instance of it expired, and the parliament rejected it. It wasn’t already lost, it was actually a win for people against the proposal
>That’s not true,
my bad then, i misunderstood the context
I can't actually think of a good reason that the law should prohibit a company from having the option to automatically scan private messages for CSAM. Can you?
Certain implementations may fall afoul of data protection laws however.
Because they shouldn't be scanning private messages indiscriminately no matter for what. Lets rephrase it and look at it from "private companies will scan their users private messages for evidence of crimes and report people to police." Where is the limit here? I think it is naive to assume this will stop at csam and will soon be used as a judicial bludgen to extort random citizens for petty crimes that in any other case nobody would ever care or know about.
Has this happened before?
The NSA wiretaps all phone calls - do they extort random citizens for petty crimes that in any other case nobody would ever know or care about?
Microsoft has your browsing history - we know this because of the recently unsealed court case. Do they do it?
Facebook already ignores this law and scans the content of all private messages anyway. Are they doing what you predicted?
I don't think even the actual Stasi was stopping people at random for petty crimes, right?
So you specifically are rebutting the petty crimes however the real risk is leverage that the government and orgs gain by having asymmetrical access to information that no one else does at scale. This can be used for a variety of reasons but see below some examples of internal corruption by employees and what I would argue is the exact misuse of this power to gain political leverage. https://www.reuters.com/article/world/uk/nsa-staff-used-spy-... https://www.aclu.org/news/national-security/prospect-blackma...
These are what leaked. Which is to say that it is very naive to assume that large powerful organization is not going to use its power for gain.
Microsoft and Facebook both use the scanning to network your connections and to build profiles of users to better manipulate your behavior. Hence the Cambridge Analytica Scandal let alone what we dont know about.
Why hand over power to these super powerful and large orgs? What do we supposedly gain as a society? I mean look at flock and Palantir, all it takes is for the political winds to change and the power is there because of these bills.
I absolutely believe that if the NSA wants something from you badly enough and has the dirt to blackmail you than they will do it.
It says they may do that. It doesn't say they have to - we all know which messengers are the secure ones.
>extort random citizens for petty crimes that in any other case nobody would ever care or know about.
With the massive, byzantine web of local, state and federal laws everyone is violating numerous laws and regulations all the time. The goal here isn't to arrest everyone all the time for petty crimes and regulatory violations, it is to give the ability to the powers-that-be to select anyone engaging any frowned-upon behavior and pull up a list of legal violations that can be used to silence and/or imprison them. Activists, protesters, political opponents, people who are against whatever latest war the government chooses to engage in or speaking up against "chat control" or whatever the latest Orwellian government seizure of power is will be the ones who are targeted. The end game, which we are rapidly approaching with the elimination of privacy and individual autonomy, is totalitarianism.
A good reason might be that you don't want your private messages to be scanned by any third party in a conversation...
Then don't send them over Facebook - with or without this law
Yeah, or by email, or text message.
> or maybe already has, I didn't keep track
Literally second paragraph.
> to reinstate the transitional regulation for Chat Control, which expired in April
What percentage of EU citizens support Chat Control and what percentage oppose it?
Why is this answer down voted? Isn't a reasonable question to ask? Are the lawmakers proposing laws the majority of the people want?
We never know, because it depends on what your source of information is instructed to propose. Like public opinion polls that created false illusion of what majority wants. But it's just a sample with manufactured questions manipulated to answer specific options.
Personally, I don't fell lawmakers proposing laws that I want. Firstly, because I don't belive that laws are solutions for problems.
> So, if I'm reading this correctly, Chat Control is bound to become law? and this is after I think 2/3 rejections, how democratic of the EU.
Yes, (un?)fortunately that's how democracy works. You keep trying until you get the required majority. No different than elections.
And now, instead of blaming "democracy" or the EU, how about we look at people we all elected to our national and EU institutions who are now making this happen.
And just preemptively, there's is not a single person in a decision-making position on this issue whose power wasn't gifted to them either directly or indirectly by the voters. So let's not blame the EU for people being dumb with their votes.
1 - this is about Chat Control 1.0
2 - The vote was on the "Urgency requirement"
> parliamentarians starting their summer break whenever they want will never not be funny
Eh. This is the least problematic thing here. Some MEPs might just be on official PTO.
The voting dynamics changing beacause elected representatives can't plan their vacations like any regular work place is pretty silly
Yes it's a dirty trick
> how democratic of the EU.
Really, it's not the first time the EU pulls that kind of shite off.
And summertime is the perfect time, in Europe everyone's at the beach.
They even managed to find a work around an actual referendum.
It’s the council. We have to be clear which institution we are talking about within the EU, otherwise that doesn’t make any sense. The European Parliament already pushed back that proposal. The EU is made of a lot of different actors with their own agenda.
Here the council, with the help of the EPP party is doing that undemocratic maneuvering: They made it on purpose so that the parliament is unlikely to be able to push back a third time (all of that leaked a few days ago)
If the EU as a system has an undemocratic backdoor it's descriptively correct to call it undemocratic. Not to play too hard on the HN user stereotype, but you wouldn't call a computer system that is mostly secure other than a known privilege escalation exploit secure, would you?
Every single democratic system relies on norms at some level. Democratic isn’t a boolean flag. When the French prime minister is using the 49-3 rule to bypass the parliament that’s undemocratic, that doesn’t make the system itself undemocratic. When a US president is using an executive order to pass a law that’s undemocratic, that doesn’t make the system itself undemocratic. Here the maneuver goes against the spirit of democracy and against the expected norms, however the EU itself is democratic
If France has a way for the prime minister to bypass democracy that's undemocratic.
That’s what I wrote
>When a US president is using an executive order to pass a law
An executive order isn't a law. It is an instruction for an executive branch agency or committee.
https://www.federalregister.gov/presidential-documents/execu...
Pragmatically the difference does not really matter, om the other hand a executive order migth have more action behind it than a law.
Even with the hugely expansive U.S. government and executive branch, an executive order is much more restricted in scope than a law passed by congress.
Well, we don't really see all the democracy in the US, especially in this last term.
When the congress doesn't even know that the president can do this or that, it's just dictatorship with some theater. In Europe, the EU's powers are much much more limited.
No.
The way the EU is designed has nothing to do with the US or France. First the Parliament and Council (the bodies democratically elected) do not have power of legislative initiative.
Then the Commission, which is a "super" executive power, is not democratically elected. Unlike France or the US (the two you mentioned).
The EU has an architecture that is fundamentally different from the US or French system. In many way it is actually closer to something like the UN or PRC.
In parliamentary democracies, governments tend to not be democratically elected. The Commission is no different than most European governments when it comes to that.
You’re missing the point I’m making, which is about how „democratic“ is a nuanced spectrum. I’m not drawing parallels regarding the way the institutions are implemented. Also, the French prime minister and government isn’t democratically elected. Only the president is
> Only the president is
The head of the executive is elected, that makes quite a big difference.
> You’re missing the point I’m making, which is about how „democratic“ is a nuanced spectrum.
Yes and some have the right to argue that China is a democracy. They do have a lot of elections. And the CCP has a very broad spectrum of ideas and politics within it, in fact much broader than the people you will find in the EU Commission.
In the end it is about how much you perceive the common will is represented and served by the regime in place. Chat Control has openly gone against it for years and is being shove down our throat.
And there is a reason why farmers have been driving their tractors to Brussels from all over Europe for decades. The trip ain't cheap.
> you wouldn't call a computer system that is mostly secure other than a known privilege escalation exploit secure, would you?
People do this all the time, regardless of whether or not they're right or wrong. "This product I own is definitely secure because the marketing says so, even if the CVEs prove me wrong" is a common sentiment online and in real life.
Not to play too hard on the computing-detatched normie stereotype, but this type of surveillance is bound to succeed due to their apathy. We've seen this play out in the US before, and it's always a shoo-in for the surveillance legislation. Security, privacy and fairness doesn't even cross most people's minds anymore.
> The European Parliament already pushed back that proposal. The EU is made of a lot of different actors with their own agenda.
It doesn't matter how the European parliament voted.
https://www.politico.eu/article/president-vs-parliament-robe...
It does matter, the parliament vote is precisely what pushed the council/EPP to do their most recent push in such a disgusting, undemocratic way. The parliament still has a say, but elected are likely to already be on vacation (which is another dumb thing, but what the bad actors here are actively taking advantage of)
> how democratic of the EU
Well, these are the MEPs elected by member states. We don’t like the outcome but this means chat control is well supported within the government of each country.
MEPs are directly elected by citizens, not governments. It's the Council instead where representatives (ministers) of all national governments sit
Yup, edited to clarify I mean the MEPs bring “the will of the people”. Clearly not enough has happened on local level to raise awareness / lobby against chat control. I don’t think many outside tech are even aware if the slippery slope of the surveillance machinery.
The European Council (heads of states) sets the agenda, the European Commission (delegates from each state) writes the laws, and the MEPs (elected by the public) decide whether or not to accept the laws.
The Council decided Chat Control was on the agenda, the Commission wrote the law, and the MEPs voted to reject said law in March. Then the president of the parliament (not the MEPs at large) asked the Council to ignore the March vote and proceed with the agenda under urgency as if it had passed.
Now a minority of the MEPs (331 out of 720) - but a majority of who were present at the time and chose not to abstain - have voted to deal with the matter under urgency, but haven't voted on the substance of it. This makes the actual vote happen on the last sitting day, when apparently they are hoping a lot of MEPs will be away.
The first sentence is correct, but
> The Council decided Chat Control was on the agenda
The Council is different from the European Council (yes, the treaty drafters were not much creative in naming institutions), the latter is composed of the heads of states and sets the agenda like you said, while the former is composed on ministers in the policy area under discussion, and it's a "co-legislator" together for the Parliament (on most areas, including Chat Control 1.0 & 2.0, both must agree to pass an act).
The issue here (it's part of the "democratic deficits") is that, in its second reading, the EP needs an absolute majority to amend/reject the Council first reading, and a simple majority to approve it and pass it into law.
The parliament rejected the proposal twice. Yes the governments support it, but not the people of European countries
And who exactly elects the governments I wonder? Aliens?
uhm, the will of the people is often already half-lost with the politicians/parties they directly elect, so I would hardly consider another layer of representative "demo"cracy on top of another layer of representative democracy following the will of the people at all.
But true, I blamed this on the Commission when I should have just started with this criticism of the overall system.
Is it really supported by the people, or just the politicians?
If the former, the EU is an autocratic democracy. If the later, an autocratic oligarchy.
Either way bad. Only true democracy in Europe is Switzerland where the people actually get to vote on laws.
We have representatives in Switzerland, please don’t misrepresent our political system to push your anti-EU agenda. We do not vote on every single laws. It’s a semi-direct democracy. A representative democracy is the most common instantiation of democratic systems.
Representative democracy vs direct democracy is the actual dichotomy you’re looking for.
Making it not illegal for Facebook to scan your DMs is not autocracy. (And we know Facebook does that whether it's legal or not.) To make it autocracy, at a minimum they'd have to mandate the scanning, which is Chat Control 2, which is still not passing.
From a post on Mastodon:
> democracy is when you repeatedly push for unpopular laws until they pass, and the more times you do it the more democratic it is
It is unlikely that 60 additional “no” votes can be found by Thursday to stop this.
They only have to win once. You have to win every time.
Just as there a counter-suits perhaps we need more counter-laws. When something like this is defeated, a law is instead introduced to make chat control explicitly illegal.
If someone's asking too many times it's abuse.
To repeal it you only need to win once too.
Not quite, the EU parliament can't propose new laws nor repeal existing ones, only amend them and vote on proposals from the commission.
The Stop Killing Games campaign, for example, has noticed that the EU commission keeps repeating lobbyist lies and has no expectations of new laws actually passing, so they're focusing on amending existing law through parliament.
The repeal would have to be proposed by the same people who proposed the law in the first place. The European Parliament can't initiate the process on its own.
I want them to win. The internet is stupid right now. A culture eating its own tail.
Pray tell, how would stepping closer to a dystopian hellscape help the internet from eating itself? Somehow, having omnipotent watchers is going to make the internet... more fun and welcoming?
I think he means that maybe it‘s for the best if „the internet“ in its current state dies, i.e. people move on from the current platforms towards other ones or real life.
That’s exactly what I mean.
You could do us a favor and start by signing off yourself.
Accelerationism doesn't work.
So basically the people we elected will vote yes. How's that undemocratic? Because the majority doesn't vote the way I like it? I'm not even ironic, I truly don't understand those comments. You get what you voted for, garbage in garbage out.
All votes have a certain margin or fluctuation, as individual representatives can be pressured, swayed, or coerced by any number of means. If a vote fails over and over again then eventually passes under dubious circumstances (start of vacation when attention is elsewhere), that seems to be against the spirit of democratic rule. At least to me, but what do I know? Maybe everyone loves this outcome and all the prior rejections were just a fluke.
> How's that undemocratic?
Because they're not representing the needs of their constituents? Democracy is more than just voting—and if it wasn't, most states we think of as authoritarian would also be democratic.
Well, you can imagine a bunch of scenarios that match the "try repeatedly until it succeeds".
One good case: The original rule was good but had specifics that made it unpopular. Retrying repeatedly is a pathway to refining it into the minimal valuable version that is acceptable to all.
One bad case: The original rule is terrible and progress was stopped only because of public outrage. The assumption of the public is that a groundswell of opposition will cause a fundamental rethinking. However, because such outrage cannot last, repeated attempts will cause fatigue in the public opinion and resignation to pass anything.
If the situation is closer to the front it's "democratic". If it's closer to the back it's "not democratic". One represents a refinement to match the will of the people; the other relies on our human inability to focus tremendous energies continuously on a broad front. Both match a representative democracy repeatedly tabling (haha) a bill.
I didn't vote for the person that was elected. Where's my representation?
The vast majority (72%) of European citizens are opposed to Chat control. Regardless, the proposal has been brought up and rejected relentlessly, mostly by action of politicians (commissioners) who are not directly elected to begin with. We have more than enough reasons to be furious.
https://www.patrick-breyer.de/en/poll-72-of-citizens-oppose-...
That's talking about a different Chat Control that has mandatory scanning. This is talking about an older Chat Control that allowed sites to scan on their own without getting in trouble due to privacy laws, which has been in effect but recently expired. The thing passing now is reauthorizing that older law.
We already had two votes to renew it before it expired, and both failed. The second one was forced by the EPP immediately after the first, and then they voted against it too because they failed to amend it even stronger before the vote.
Did you read the question of that survey? Talk about poisoning the well.
https://youtu.be/ahgjEjJkZks
What you have to understand about issue polling is that it's very easy to get whatever results you want if you simply instruct the pollster to ask in absurd ways. This was the question posed to respondents:
> EUR02a. Some politicians are calling for the automatic searching of all personal electronic mail and messages of each citizen for presumed suspect content in the search for child pornography. Suspected cases will be notified to the police. An advantage of this could be that more offenders are caught. However, according to police reports, in the vast majority of cases innocent citizens come under suspicion of having committed an offence due to unreliable processes. Please place yourself in the position that your personal electronic mail and messages are searched for suspect content. What is your opinion?
Obviously this is not a good faith attempt to understand if people support message scanning.
Since you don’t consider that “good faith” I have rephrased it for you, in a format you may prefer:
> EUR02a. In the interest of protecting children, some politicians are calling for the automatic searching of all personal electronic mail and messages of each EU subject in the search for dangerous, illegal child pornography. Suspected cases will be notified to the police. An advantage of this could be that more offenders are caught and children protected. According to activists who defend child pornographers, police reports indicate that a few innocent people may be mildly inconvenienced due to unreliable processes. Please place yourself in the position of a law enforcement official trying to catch these evil people, who is currently obstructed due to false questions of “rights” and “privacy.” What is your opinion?
I jest, of course, I’m sure you would prefer something more straightforward and less manipulative like “EUR02a. Do you support child pornography?”
I understand that you're trying to dunk on me but I don't get what the point is supposed to be. It's certainly possible to come up with other bad ways to ask the question. If someone was interested in genuinely understanding the public's opinion, rather than including a demand to take some particular perspective, they would ask things like "Do you support online platforms scanning all personal messages for child pornography?" or "If you had to weigh the two, would you consider detection of child pornography or the right to privacy to be a higher priority?" And of course for the latter you’d randomize the order in case people are more or less likely to pick the first option.
I suppose the gold standard would be to present detailed arguments from each side with evidence (if any), for context. Barring that, the original question did seem to provide a rough summary of each side’s position. It may be weighted towards the anti Chat Control side, with the formulation “pro says this, but anti says this, and imagine that you are affected”. So perhaps they could have asked a reverse formulation 50% of the time to be more fair. But the poll was commissioned by Breyer, and of course he wanted to bolster his position.
Your context-free formulation on the other hand provides no information for voters to weigh. Privacy or child porn detection? Well I guess I’ll pick child porn detection. Oh, you wanted to do what to my privacy? Never mind!
Even your slightly longer formulation doesn’t really explain what scanning means and how that might affect people and society. Most people aren’t familiar enough with technical and legal details to dig into the implications without added context.
You could just write the simple effect of the law: "EUR02a. Facebook employees read your private messages. If they see child pornography, they will call the police."
It's important not to phrase it as "read your messages to detect child porn..." because that implies they won't do anything else with the messages, and Europe is a place where they still assume that if someone says they do X to do Y, they're only allowed to do Y and severely punished for doing anything else.
What scanning means, and how that might affect people and society, are precisely the issues in dispute. A poll which tries to provide arguments and evidence about contested issues cannot yield meaningful results. To pursue this line of reasoning, for example:
> Your context-free formulation on the other hand provides no information for voters to weigh. Privacy or child porn detection? Well I guess I’ll pick child porn detection. Oh, you wanted to do what to my privacy? Never mind!
you might ask questions like "How comfortable would you be with your personal mobile provider scanning your chats for child porn?" or "What would you consider to be an acceptable accuracy rate for such a scanner?". Then you could reasonably infer that respondents who say "not comfortable" or "90-100%" oppose Chat Control, because Chat Control will perform such scans and they're not 90% accurate. (Someone else who thinks the scans are 90% accurate might respond that your interpretation is wrong, but this dispute would not call the poll results themselves into question.)
Yes, and it would have been great if the EU had asked these sorts of questions publicly to develop its policy. Instead it was developed mostly behind closed doors, and it was up to politicians like Breyer to oppose this in Parliament. He presented the question as a political opponent would, although he gave an “out” for people who disagree—you can still answer his question by supporting Chat Control if you feel most strongly about catching criminals.
I don’t think the voting result would be different if he had been even more fair about this question, as the poll is not something that MEPs are going to care about. This was clearly designed to be passed by any means necessary, and this time they got it through. But at least now people have a poll to use when they campaign to repeal it in the future, or when they want to point to the unrepresentative nature of EU decisions like this one.
They keep voting on surveillance state measures that the oligarchy wants that will limit the freedom of the people.
They keep voting and voting and voting until the energy of the people to protest diminishes or they find a way to get it in.
There needs to be a counter-balance where politicians can be removed or even punished by the people for proposing unpopular bills.
So many comments about the EU constantly re-trying the same law with minor tweaks, and about how legislatures do this in general. I wanted to provide an explanation for this behaviour.
The way legislation is expected to proceed in countries with parliamentary systems, especially with strong civil services, is that
1) a problem is identified. This can be the civil service detecting it on their own, petitioning from groups impacted by the problem (lobbying, the public etc).
2) The government prioritizes problems to solve according to political imperatives.
3) The civil service and/or parliamentary committees gather evidence on the problem and possible solutions.
4) the civil service and/or committee report on the issue. In practice this always finds the solution that the government wanted.
5) A bill is drafted based on the report.
6) The bill then proceeds through parliamentary committee, legislative votes, and whatever else is part of the lawmaking process.
When we see this issues fail, it's typically at step (6). But the problem still exists, and the issue is still on the agenda. It's still a priority to solve. So steps 4-6 are re-tried with different parameters that hopefully allow the bill to pass and the problem to be solved.
Just failing to pass parliament is not enough. You also need the political leadership to redirect their prioritization and implicit preferred solution.
I'm not saying this is good, just this is what happens.
Step 6 is entirely missing in the EU. The parliament doesn’t form a committee to debate and perhaps refine the law, it just votes on what is put before it.
The Parliament has many committees that do exactly what you're saying, while the Council meets in various configurations of national ministers depending on the law being voted on
Which makes this effect even strong, because the civil service and it's internal priorities are long lasting and don't change with elections.
> But the problem still exists, and the issue is still on the agenda. It's still a priority to solve.
People are pushing back on this every single time. Maybe it's time legislators read the room instead? Is there a step for this too?
Until legislators fear loosing their seats more than they desire a policy, they're not going listen to the people. That's why political manovering, lobbying, activism etc are part of the political process.
It's even worse for places like the EU that have a strong civil service or with a branch like the EC that isn't elected, because the processes above are very insulated from the general public
But for chat control the problem never existed in the first place.
Except the only need Chat control is fulfilling is the governments and bureaucrats need to control and check all civilian communications.
“We decide on something, leave it lying around, and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back.”
And
“If it's a Yes, we will say 'on we go', and if it's a No we will say 'we continue'.”
- Jean-Claude Juncker
And the worse part is: they do that because the alternative means you're building a railway on a surface tunnel because some people don't like it (or worse, not building anything)
Most infrastructure in Europe predates the EU by quite a bit
I'm taking about HS2
Even if you are not in the EU, this will affect you. Some countries really like to copy such regulations from others. Once services starts complying, other governments will go like "if you did for them, you can do it for us, right? so it's not technically impossible", and things only get worse from there. Not all services will simply block the EU as well, which would be better to send a stronger message if approved.
I really fear where this is headed.
Centralized messaging services won't last long, their capture is sadly inevitable. In the long run, only self-hosted/decentralized protocols can resist what's coming.
In the meantime though, Signal specifically should not do something stupid like blocking the EU, which is basically surrender. They are a non-profit headquartered in the US, so there are zero business risks to non-compliance - nothing in the EU to fine or seize. And the EU has no jurisdiction over servers in the US, all they can do is build their own Great Firewall. (However, they might pressure AWS to deplatform Signal - hopefully the team is prepared for the possibility that self-hosting will be necessary soon.)
> Centralized messaging services won't last long, their capture is sadly inevitable. In the long run, only self-hosted/decentralized protocols can resist what's coming.
Very much. I also fear they coming for this, we already have instances of where using secure alternatives tags you as a criminal[0], so i don't doubt a future where non-approved applications will get you in trouble. With everything happening around Android locking itself down[1] and Windows being a spyware[2] anybody who wants privacy will be 'different', and can be tagged and excluded from parts of society for not using the same services.
[0]: https://x.com/GrapheneOS/status/1940440326830989549
[1]: https://news.ycombinator.com/item?id=48801059
[2]: https://news.ycombinator.com/item?id=48815196
This is why you should be building parallel networks and even institutions, as the Czechs did under Soviet rule (look up “Parallel Polis”). Mutual aid will become critical.
The trouble is that most conventional ways of building a new service are trivial to block. What is needed now is unstoppable messaging and social networking built on top of existing services and protocols that won't be blocked right away, services with more legal protection - like email with GPG, or some kind of steganographically encrypted layer on top of Instagram.
Imagine all I ever posted was cat pics... unless I have your public key and then all of a sudden those pics are decoded into messages of dissent
I am speaking beyond services, you need allies who are willing to come to each other’s aid, especially financially, but also for things like physically relaying data from place to place if that is ever needed. And for more mundane things like watching your house when you are out of town. Offline networks are going to become much more critical.
If I was signal CEO I would have self hosted years ago! There's many reasons for signal to be not on AWS.
I wish you were right, but the EU only needs Google and Apple, both having big EU businesses, to block Signal.
Google is already working on closing the possibility to install apps from outside the app store, Apple has been like that since forever. The fact that a few technically savvy users with rooted phones will still be able to use Signal doesn't mean anything. It will be dead if the EU decides they don't want it.
Signal is quite likely to fail on account being a single organizational entity running the service and refusing to adapt their protocol for federation. In fact, it might already have happened (partially) and you wouldn't know, because they're US-based. The US has the National Security Letters mechanism:
https://en.wikipedia.org/wiki/National_security_letter
the government can compel entities to let them access their systems and keep it a secret.
Also, if Signal runs on AWS, that is another potential vector of surveillance.
This is existing regulation being extended. It allows sites to scan messages. Not mandates.
These kind of responses is why it is hard to trust privacy advocates on HN. They are high on rhetorics, but half the time dont know what they are talking about.
I hope I'm being pessimistic about that. If I'm wrong, great.
I did saw it was an extension of the 1.0. To my understanding, "allows to scan" can also mean enabling a pipeline for accepting requests of scanning lawful content because, well, they can. In practice, it creates a mechanism to crawl people's information because when they feel like. While the law do make it explicit that this 'allowance' should not be used for anything else outside of the scope, i can't trust they won't. Once the mechanism is there, and that is valid for other countries, it might be used for stuff outside this scope since it's possible.
I work in the ISP field, and this happened in another context. First, a pipeline was built to block sites without a judge, because doing it only with court orders made it to difficult. After a few months of many ISPs complying the scope grew, now they can target piracy websites at will, and you must comply. Why stop there?
My fear is that this sets an example. I hope I'm wrong, but i don't trust them. There's a reason it was rejected before and it is being passed like that now.
Sorry for copypaste, but I still hope people will see true intentions of govt.
Just a recap how it happened in Russia:
1. First, year ~2015 legal framework was created under disguise of banning pirated media(specifically torrents.ru)(legislative push). State-wide DNS ban introduced. Very easy to circumvent via quering 8.8.8.8
2. Then, having legal basis, govt included extra stuff in banned list(casinos, terrorist orgs, etc)(executive push). IP bans introduced, applied very carefully.
3. Legal expanded allowing govt to ban specific media on very vague criterias(legislative push). IP blocks tried on some large websites. DPI hardware mandated to be installed by ISPs to filter by HTTPS SNI(executive push).
4. At ~2019 Roskomnadzor(RKN) created, special govt entity which enforces bans without court orders(legislative push).
5. ~2021 sites become banned if they are not filtering content by Russian laws by request of RKN(executive push). VPN services were obligated to also DPI-filter traffic(legislative push).
6. ~2023 Crackdown on VPN started(executive push). Popular commercial services were IP-banned, OpenVPN and IPSec connections selectively degraded by DPI.
7. ~2025 Heavy VPN filtering(vless, wireguard, etc) introduced(executive push). Performance of certain sites were degraded(youtube, twitter, etc).
Yes - this allowed companies like Google, Facebook, Snapchat etc to do what they already do (voluntarily) in the US and other territories - scan unencrypted user-uploaded or shared media for matches against NCMEC hashes, and image classifiers trained to find novel CSAM.
When you hear of "person arrested after NCMEC cyber tip" that's what this enables - people sharing or storing CSAM that was caught by this scanning, reported to NCMEC, and then sent to local authorities.
I have zero problems with Chat Control 1.0 as the existing derogation brought the EU into line with the rest of the world. Chat Control 2.0 is problematic however, but again, is not what's being voted on here.
I was curious to see how the MEPs voted, you can check it here.
https://howtheyvote.eu/votes/195338
For once I'm pleasantly surprised that everyone I voted for was against.
This is so cryptic that I wouldn't even know if for or against would mean for or against 'chat control'
"For" means that the MEP voted for extension of Chat Control 1.0
"Against" means that the MEP voted against the extension of Chat Control 1.0
I genuinely mean no disrespect here, but if the title reads as cryptic, your sources haven't been fully informing you about the issue. "Derogation from certain provisions of the ePrivacy Directive" is just what Chat Control (or at least Chat Control 1.0) means.
Why are we so passive to the promotion of such scams?
I keep telling people about such things and I am looked at as nerdy, geeky or boring.
But this stupid reaction finally explains to me why human life for ordinary people will always largely be a life of suffering.
> I keep telling people about such things and I am looked at as nerdy, geeky or boring.
Hm, yeah, we have our work cut out for ourselves. Politicians can't do nerdy nor geeky, but it's their job to talk in a way that moves people. That's why we keep electing absolute idiots that can't even speak that well, all things considered, but who can "charm", for a given definition of charm of course. To be heard we need to remain nerdy and geeky at our core, but talk in a way that moves people.
In this concrete instance, what I do when somebody brings Chat Control to the conversation and other listeners start to roll eyes, is to derail the conversation with colorful yarns about how we did surveillance in the old days of the Soviet Union, and what we did with anybody who was rattled for giving a foul mouth to the Party. "Yes, we didn't have Siberia, but the heat and the savage ants in those sugar cane plantations were damn fine, and honestly you don't need any particular geography for a good old beating... Catching them dissidents was the hard thing, but it all would be so much easier these days... Hey, have you noticed how you talk about one thing and Facebook start popping ads about it almost at once? Does it listen to all our diatribes? I'm pretty sure that's the stuff Chat Control wants..."
You have to dumb it down and make it more oriented around some kind of nefarious long game.
average people never have skin in the game too. They barely understand a lot of the things that make things possible
First they tried to approve software patents during an agriculture and fisheries council session, now they are bending procedural rules to hack it in before summer vacations. Some weird form of democracy™.
The real joke is that these MEPs leave for summer break like they are school children and their attendance doesn't matter to the whole.
No one will do anything to stop it, nor ChatControl 2.0 in the future. No one will revolt, or seize the government in response to anything that happens.
The world that Liberal Democracy has built has escape valves (tv/streaming/videogames/entertainment, the illusion of democratic choice, mass media and information overload, public demonstrations) for the anger of the massed which despite in older times caused a government to fall or a revolution to start, today cause nothing and are comfortably absorbed or even assimilated for profit by the system itself.
In your doomed reality maybe, but in this reality it was already stopped a couple of times and chances are good, that it will be stopped again - unless people believe all is doomed.
Exactly. And don't forget complaining on the internet. But algorithms will ensure few will see it.
If this is true, then the system will eventually collapse upon itself, as its governance feedback loops have been broken. No defeat is permanent.
Is anyone working on a "No chat control at all, ever law"? If these can be defeated, presumably one of those could become law.
A “no ever” law requires a constitutional majority. And for this concrete case, some member states effectively already have that via privacy guarantees in their constitution.
Finally, it’s important to realize that the power of laws is limited to the extent that people are able and willing to enforce them. Some dictatorships have wonderful things in their constitution that are not heeded at all.
I would have thought that the right to privacy as a fundamental human right would have been sufficient. But apparently not....
Equally, there is abundant precedent for forbidding interference with old-fashioned postal communications, that seemingly doesn't translate to electronic communications...
This happened in Switzerland with cash.
All new laws should be given a trial period where the lawmakers are forced to live with them for 90 days before the public is subjected to them. At any time during that period lawmakers can change their vote.
In addition there should be pretty specific criteria to determine if the law is successful or not. After 90 days it can be evaluated, and either rolled back or extended
This is an incredibly good idea. 90 days is too short to feel the effects of some things though. Better make it a year.
The downside is "lets try giving everyone basic income of $100k/week". But apart from that great!
The other downside is that even good laws would not pass, because it would mean for MEPs having to constantly identify themselves as such.
The Wikipedia entry on Chat Control doesn't go into enough detail on what exactly it does, only the history of its legislative process. Can someone update it?
Part of the confusion is that there are two things involved here; 'Chat Control 1', an existing (but expiring) derogation to the ePrivacy Directive which allows, but does not require, providers to scan messages. 'Chat Control 2', which you'll likely have heard more about, would _require_ providers to do this. The wiki article is quite poorly written and implies that 1 is an earlier version of 2, which isn't really the case.
Anyway, this is about Chat Control 1.
It's probably line item 156/289 on some intern's list of things to check once a week and make sure it "looks good". Politicians engage in just as much publicity management as big corporations do.
Just assume the worst: all your private messages would be read and shared between all governments and corporations in the world.
No, I want to know specifically.
As I understand it, chat platforms provider will not be held in violation of the data privacy laws if they add automatic detection and reporting of unlawful content to their platforms. E.G. a CSAM detector in a client app for an end-to-end-encrypted messaging service would be lawful.
Chat Control 1.0 is essentially the existing derogation that allowed cloud providers and messaging apps to do what they do in the rest of the world - voluntarily scan shared media against NCMEC hashes and novel CSAM image classifiers.
We're not talking about E2EE here, we're talking people sharing CSAM on Kik, or Snapchat, or sending it via gmail, or uploading it to DropBox etc. etc.
It also allows inclusion of client side scanners in E2Ee messengers. It seems that nobody did it (yet), but as far as I can tell, it is within the scope ofthe exception.
It is - but again, voluntarily.
You're looking for an answer that doesn't exist. The term "Chat Control" was coined by the opponents of these proposals to express their worst case assumptions; they reject the idea that the specifics matter, because they fear that any kind of chat scanning can be abused in basically the same ways. Supporters of chat scanning proposals don't call them "Chat Control" or view all such proposals as part of a unified whole.
The answer is already specific, but not complete.
Heinrich Heine, 1848 (Vormai) penned this:
"Memories from Krähwinkels days of terror" (my translation - the original is of course leages better)
It's sad to see we pretty much have forgotten the history leading to this poem and how we are reverting so much as a society.Part of me wants Chat Control to get passed so that there is more incentive for at least the tech literate to start using more decentralized messaging tools.
They won't.
But afaik Chat Control 1.0 was/is in effect but expired. It's not relevant to Signal or Whatsapp because they're e2ee, it's relevant for eBay, Linkedin, perhaps SMS.
I might be wrong, but i read it as the application reads the message before any encrytion actually happens
Is this Chat Control 1.0 or Chat Control 2.0?
This is about Chat Control 1.0 (voluntary scanning).
Combine with https://news.ycombinator.com/item?id=48823557
Orwell
The more people become criminals the harder it becomes to enforce the law. This is especially ironic because criminals that genuinely matter and cause wide-scale harm won't even be impacted by this.
Yeah. That’s really the dumbest part. Criminal will be using systems that don’t follow EU rules
I think this all came from trying to enforce rules on people that shit talk on the internet which is especially pointless now cause you may be trying to enforce law on a random AI agent.
Reminder that EU institutions were designed from ground up to smother democracy:
- Members of EU Parliament cannot propose regulation, only the unelected Commission can, MEPs can only vote yes/no
- EU Parliament is the only parliament in the world where an absolute 50%+1 is needed to reject a bill, ignoring how many MEPs are present/voting. In every other parliament, a quorum requirement plus a majority vote is needed to pass a bill.
This is all fixable by changing the treaties. The first step to fixing it, however, is to give up fundamental opposition to its existence and instead support the underlying ideals and approach the shortcomings from a constructive angle.
The alternative is feeding nationalistic right wing extremism, which we really don't want in Europe.
This is a false dichotomy. There's way more options on this spectrum than 2 extremes.
It is really worrisome to me that such a procedure is even possible. I don't understand all the EU voting rules, they are so complex that it feels to me like if they want to push something through there is always some way to do it even though the vast majority of people don't want it.
This is the anti-EU move but they simply don't understand that.
Authoritarian centralization efforts need to be fought Huang style - with an European twist - as we might be behind on a lot of axis but we "Didn't Wake Up a Loser".
China / US leadership must not be the carte-blanche to formalize whatever low bar in how we handle our own privacy; going straight for the "self own" I guess?
Sorry for prompt mode but I hope this is at least somewhat legible to fellow Europeans, if not please listen to antirez in original Italian or auto translated:
https://youtu.be/cmYiWsFn3GM
I hear quite a few tangents in there; the main one being: especially in EU we need to go "agentic". Don't wait for politics to do The Right Thing. They should play retrospective backup at best.
I'm thinking they might be actually thankful for having been provided vision / imagination.
Team up with the bureaucrats after the fact but don't listen to them too much - again - to Do The Right Thing. Especially when they are potentially infected by lobbyists...
FFS I hate this timeline; we really need to show up for real. Again and again and again and again...
Huang style? What does this mean?
Maybe a "lousy analogy" but here you go ;)
https://youtube.com/shorts/u3SY8nvjhQA
Don't give up on core tenets basically; the EU is a (comparatively) great place to live because it's a free place.
We can't have multitudes, be "antifragile" etc through centralization and surveillance.
Even if we were to believe this to be a winning move, it's not how this European project was envisioned and we won't ever be able to truly "compete" at that game.
In these times hence we IMO should be doubling down on the core tenets; freedom being chief amongst them.
Akin to how Huang in that interview alludes to globalization and how it made him / USA a winner.
"No means yes" in government form.
Hilarious that the politicians, the very people who are pretty much always ousted as some form of degenerate pedophile the world over, are the ones pushing for this bullshit and explicitly carving out enclaves where their messages don't get scanned.
Absolute fucking joke
Hopefully this could be the first good thing about Brexit...this might not get implemented in the UK or there will be a delay!
The way the uk is legislating online stuff lately I’m expecting UK version to be worse than EU
UK already technically banned encryption, causing Apple to remove the encrypted cloud service for UK customers. Check UK's "Investigatory Powers Act (IPA)"
> Hopefully this could be the first good thing about Brexit
Was having lots of people's lives saved by a much faster vaccine rollout not a good thing?
Please mark sarcasm as /s
"perché uno uomo che voglia fare in tutte le parte professione di buono, conviene rovini infra tanti che non sono buoni."
So, private companies can't track you, but the people with the state's monopoly on violence can?
This is how everything seems to go with the EU. Great idea followed by something objectionable.
i'm so tired of this bs, these elected people act as tsars, even when said NO they try again and again while employing shady tactics and there is no way of punishing these a**holes. Elections exist, but when same 35% (number taken out of butt, but point is - it's low) of people vote we get same sh*t who elects same sh*t to EU. And i don't know about other countries, but my country sends complete degenerates to EU, like litteraly degenerates.
Effect of law enforcement not doing their jobs. Chat Control is illegal in many countries including Germany and that includes preparation for the roll out. Just need a prosecutor with a spine.
If we're gonna be undemocratic, can we at least also get have bullet trains and expanded social programs?
I wish… instead in Germany we are getting Merz disdain and mandatory doctor approval for sick days…
> Meta, Google or Microsoft ... to voluntarily search private chats, emails, and messenger services for material related to [excuse]
Look, there are no private chats on any platform or app provided by Meta, Google or Microsoft. They are known to send a copy of everything at least to the US government (the Snowden revelation). So, what's it to them to also do searches on behalf of European authorities? Plus, what do you mean, you don't want to? Are you for the pedophiles? Maybe you're a pedophile yourself! Search his chat logs, tout de suite!
We must really get the people around us to stop using WhatsApp, Teams, GMail, and all of that junk. There are excellent alternatives - we are only a laziness' reach away from actual half-decent privacy.
Lobbyists running the show. It's kind of a copy/paste of the US system.
i'm so tired of this bs, these elected people act as tsars, even when said NO they try again and again while employing shady tactics and there is no way of punishing these a*holes. Elections exist, but when same 35% (number taken out of butt, but point is - it's low) of people vote we get same sht who elects same sht to EU. And i don't know about other countries, but my country sends complete degenerates to EU, like litteraly degenerates.
> ... these elected people act as tsars, ...
They are not elected. Even the EU is illegal, since joining the EU was rejected by people of many European countries, but that was ignored.
They just do what they want and do thorough media coverage. In rare cases that doesn't work, people just dissapear.
Talked to a fellow European coworker recently and they seem very supportive of chat control and that it was necessary to stop "far right nationalism" and then I pressed on for them describe what it is and they got angry and refused to clarify. I think this is a good snapshot of where Europe is right now that chat controls have become politically weaponized and people who are supportive of it seem clueless as to what it actually is proposing.
Future looks very dim for EU as a whole, I'm glad I left it for America
you're right, the US is totally freedom and stuff. no problemo that you gotta show your social media accounts when entering, so you can get checked for alignment with the regime. no problem at all. both suck atm, that's the truth
Life in EU seems like a mother-in-law simulator.
Like cool you get leftovers you can warm up (never something fresh, innovative), but then you also have to deal with the drama and cringe.
The cypherpunks were right. Rights to encryption are only a part of what we need.
The other part is steganography, or hiding real messages within a innocuous anodyne message stream. And encryption can be used in conjunction as part of hiding said messages.
It can be within pictures with the lowest bit values. It can be constructed punctuation and spaces. Lots of things.
But hidden and plausibly deniable messaging is the ONLY way to defeat a government(s) that want to invade every communication aspect for humans.
The trouble with pictures is that when you share them online the platform will likely compress them before serving them to others, spoiling your steganography. I think text-in-text is the way to go. Decrypt that recipe for brownies into the actual message. For example: https://arxiv.org/abs/2510.20075
One can host their own private or semi-private forum, chat server, chan board, etc... and choose not to re-encode the images and/or permit .tar .7z .zip archives and so on. Keep the bots away with basic auth to minimize skiddie risk to platform RCE's.
It's unlikely people can move their friends to their own platform but the best way I have found is to call it a "fall-back" platform for when Discord and others are temporarily offline. Get people used to the idea that is the place to share things they do not want leaked when the big platform 3rd parties expose files. The admin can encrypt the storage and periodically zero out files and zero out empty space for privacy.
People with slightly higher opsec may choose to block mobile proprietary devices.
Joining a private space that's set up for steganography, or facilitating such a space either by self hosting or by logging in somewhere as an administrator, is sort of at odds with the nothing-to-see-here approach that steganography takes. An adversary that has compromised one message can then use whatever metadata is intrinsic to that space to suss out which other plaintexts might contain a secret, and which other humans might be exchanging secrets in that place.
The ideal hiding space would be visible to the public, and indistinguishable from a mountain of other material that's visible to the public--especially if they don't have to log in to see it. That way if a message is found, the search for co-conspirators doesn't narrow at all.
In that case I think you may be out of luck as most platform change the images. Sometimes they just remove exif data but some compress or optimize in their view the images. In that case maybe find a public site that allows archive files.
My point is that text is a better medium for this anyhow.
What I don't understand is, what kind of legitimate criminal would not use such techniques? Are bank robbers planning things out on iMessage? If so, presumably they won't be criminals for very long. Therefore these types of initiatives only impact the innocent and inept but still active criminals.
The purpose of these efforts is not to catch criminals, at least not primarily, it’s to map the spread of “dangerous” ideas and the networks behind them. In other words, to prevent effective political change.
Found a new problematic meme? Someone leaked a video of you taking a bribe? Someone published a photo of damage from a missile strike? Add it to the database of forbidden media and quickly track down the source.
They'll make sure to catch just enough criminals that when you say it's all bullshit some snooty waste of oxygen on HN can say "well akshually" and link you to some cherry picked news story that makes it all look like a good thing because they caught some small time house painter dumping waste paint in the sewer or nabbed someone for selling vapes to teenagers.
The past has shown that “legitimate” criminals tend to be more careless and have a poorer technical understanding than you’d think.
This is not a defense of surveillance, just that your argument doesn’t hold as well as you might believe.
Security is the reason given to us since most of us are too trusting or dumb to look any further into it. It becomes clear security isn't what they're doing it for after giving it more than a few minutes of thought
Epstein used Gmail
True!
That's an excellent take.
Unfortunately, verified devices will close that loophole.
Local governments are likely to block the initiative. We need a Polish based messenger that won't bend to chat control fascist initiatives.
Nothing is brought to the Commission that local governments do not secretly want, but publically rage against because the voters are against it.
When Brussles then decides, 'there's nothing we can do, it's an EU thing' ... and a moustache-twirl.
The only thing that can stop this is to completely dismantle the EU. Which means, unfortunately, voting for people any good person should rightfully despise.
Dismantling the EU is like burning down your own house to get rid of flies. That is absolutely not the right solution. Without the EU, chat control would already have been implemented in its worst form everywhere, just as it already is in the UK. The UK left the EU and implemented its own version of chat control.
So now that this is done the first thing we need is a list of platform covered and potentially covered by Chat Control.
It is still unclear to me if Proton Mail, Tuta, SimpleX servers, Signal, etc. fall under this or might.
Do they even have to officially declare if they are complying?
I'm always astonished how democratic politicians willingly allow for tools which might be misused by a future undemocratic party.
I'm not a politician or some civil rights activist but I can see that. It's right there. We have a similar situation in Germany these days. We'll be giving more rights to the Federal Intelligence Service ( foreign intelligence) and the Federal Office for the Protection of the Constitution (domestic intelligence). Basically allowing them to act more offensive (or offensive at all).
We're one or two elections away from having fascists in the government again.
Is it already a conspiracy theory if I suspect them of doing that deliberately because I can't imagine them being stupid?