The EU could be scanning your chats by October 2025

That's why people need to always pay attention to this stuff. They only have to win once to make it "precedent" and "the way it should be, obviously". THe people in power want to remain in power forever. This is one of the main ways they can stay there, by monitoring every single moment of our lives, even the most private of messages. Of course they will always have private back channels to collude, but the rest of us are cattle to them.

I'm confused now: is now the EU the baddie or the governments? Because these are two different entities - and not at least, also "the EU" is a group of government representatives. So folks if you're in the EU and don't like something the EU does - you do have levers, go vote, campaign, do something to move your own folks to do something on the EU level. And if you're in the US maybe better check your own backyard, I think it's on fire.

Denmark is very liberal in some ways but very much not in others. MitID -- digital id-- is a gateway to everything and is very much gated in terms of access; it took me months to sort out. It's a crime to not tell the state where you live, or to have too many people living in your house (I'd love to know what happens if you give birth on a "full" house -- is there a grace period, or do you have to move?). The work laptop I have been issued with is filled with invasive spyware that no British university employee would tolerate, and it is run (very well) as a benign dictatorship. You can't get a phone SIM card without personal registration. The tax agency know exactly to the øre how much money you received and what you spent it on in a given year as basically every transaction is recorded.

I'm not complaining that much about it -- you have a fantastic social security system, low inequality, high pay and high taxes, leading to a happy and well educated population and great food (no upf!) -- but it is a vision of the 1960s nanny state that really does think it knowd best.

The way article is formulated little bit as clickbait.

Title tries to scare while content says it's just a topic being reintroduced. If anybody knows EU laws and is aware that to introduce such change all states need to agree... then I just wish DK good luck until it's anyhow confirmed at _all_ not many states do support this.

I come from different EU state and I first time hear this is big topic, seems then it's not such a big topic outside Denmark maybe?

> Everyone looking to Denmark as a model state should beware what happens when you have a population with such high trust in its government: the roots of autocracy are allowed to grow unfettered.

Denmark is currently one of the nicest places you can find in the world. If that’s what happens when you trust the government then sign me up!

PS. I know the situation can quickly deteriorate if you’re not constantly monitoring what the government does and agree with OP on that. Just thought it was incredibly naive to try to make the point that this can lead to an autocracy while showing one of the most well functioning democracies in the world. The USA seems like a much better example, and even then compared to most countries in the world, as you can see by the amount of people trying to move there, it’s still a pretty damn nice place to go.

Sure, but this is the same thing as saying "America is going to paint all birds orange" just because one person in the Iowa General House Assembly said we should do it.

Awareness is good but there is a fine line between awareness of specific politicians that suck and just misrepresenting the facts.

Curious if there is any push on the other direction

It is a bit like asking a girl to show you her private parts for years until she has a moment of weakness. That would make you a real creep.

The EU parliament is fake, and the unelected commission has become a pathetic clown show. Their latest VP addition, Antonio Costa, had to be removed from office in Portugal because he was too corrupt. But good enough for leadership of the EU commission.

They had a violent rhetoric, prolonged artificially to this day the Ukraine war and watched the population being slaughtered without sending any troops. So instead of loosing a few territory, the Ukrainian population is now dead demographically. If you prolong enough a war and the population is wreaked, the war is lost. This is what happened in WWI.

Just in the last few days they managed to be humiliated by both the US and China. China went so far to park them in a bus, arrive with no welcoming and have a walk of shame with in silence on a faded carpet.

The EU was about democracy, peace and prosperity. Today it is is pursuing the opposite objectives.

Downvote me if you want, I care more about staying alive than any internet karma points.

And it's a slippery slope. The UK already damned itself with the Investigatory Powers Act of 2016 that allowed for Technical Capability Notices to be served in secret to any organization they desired to backdoor.

Wow I didn't know the UK cared so much about inline functions /s

Do you know what's even funnier with the UK? Parliament has most of the power

This time it will pass while we're making noise. I've done so for a long time, now it's different.

AFAIK there is a rule like that, but it needs that the proposal was voted down. Chatcontrol was never voted on by the EP. They bring it up every half a year and it would not be voted on until they can be sure it would pass.

open source wont save you. if they make encryption without backdoor illegal they will just throw you in jail

Many OSS developers live in Europe and the logical next step will be throwing them in jail for production of illegal software.

So what would stop the list of hashes from being extended with hashes of copyrighted media, evidence of corruption (labelled slander or an invasion of the perpetrator's privacy) or evidence of the preceding abuses of the system themselves?

Once you have an established mechanism for "fighting crime", "don't use it to fight that type of crime" is not a position that has any chance of prevailing in the political landscape - see also all the cases of national security wiretaps being used against petty druggies.

> Ironically when Apple introduced their solution it was actually better than what we have now. It was interesting to watch people lose their minds because they didn't understand how the current or proposed system worked.

What, the cloud scanning of user photos was a good idea for you? The private companyt deciding what is good or bad idea? The automated surveillance that could lead to people wrongfully accused idea?

> f it didn't get flagged then it stayed encrypted on the cloud and no one could look at it.

If Apple can decrypt your data when they find a match, they can decrypt ALL your data. Who says it will be used for good? Do you trust a private company this much?

> Realistically if countries want to read encrypted messages, they can already do so.

How? Are you implying adynchronous and synchronous encryption is broken? Because last time I checked since Snowden our encryption is basically the one single thing in the whole concept of the internet that has been done very right, with forward secrecy and long term security in mind. AFAIK there are no signs that someone or something has been able to break it.

Also, the solutions you present do imply that someone already has the private key to decrypt. Sure, they'll say they'll just decrypt if your a bad person, but the definition of a bad person changes from government to government (see USA), and from CEO to CEO. Encryption should and mostly is built on zero trust and it only works with zero trust. Scanning, and risking the privacy of billions and billions of messages by having the key to read them because there have been some bad actors is fighting a fly with a bazooka. Which sounds funny overkill, but, fun fact, it also just doesn't work. It destroys a lot, and gains nothing.

I don't have a better solution for the problem. But this solution is definitely the wrong one.

> Realistically if countries want to read encrypted messages, they can already do so. Some do too. The fact that the EU is debating it is a good thing.

I agree that the discussion is evolving the bill every time and there are always good amounts of feedback and comments.

It’s a bit annoying when tech websites don’t always update themselves with the latest changes, just labelling it ChatControl doesn’t mean it’s the same policy that was discussed 5 years ago. It makes for good click bait titles, but the technical nuances are missing.

For example, one would be interested to read a comparison between the “privacy” of a tool matching photos against a database of signatures vs. say Apple’s performative privacy in the Photos app or the iCloud + chatGPT/Apple Intelligence mix.

The problem with the CSAM detection is that it can be used for adversarial purposes as well. For example if someone decides an image is politically inconvenient and pressures it to be blocked by hash, then Apple may have to comply or remove themselves from an entire market. Building the mechanism to do that is not acceptable in a civilised society.

And of course does this really solve the real problem of child exploitation? No it doesn't. It allows performative folk working for NGOs to feel like they've done something while children are still being abused and it is being covered up or not even investigated as is so common today.

Improving policing and investigatory standards is where this should stop. We already have RIPA.

All this does is create the expectation that a surveillance dragnet is acceptable. It is not.

> CSAM is also a list of hashes for some of the worst CP video/images out there. It doesn't read anything, just hash matching.

The list presumably contains CSAM hashes. However, it could also include hashes for other types of content.

AFAIK the specific scope at any point in time is not something that can be fully evaluated by independent third parties, and there is no obvious reason why this list could not be extended to cover different types of content in the future.

Once it is in place, why not search for documents that are known to facilitate terrorism? What about human trafficking? Drug trafficking? Antisemitic memes spring to mind. Or maybe memes critical of some government, a war, etc.

This is because, despite the CSAM framing, it is essentially a censorship/surveillance infrastructure. One that is neutral with regard to content.

I mean, it's not like you, your dad, girlfriend or anyone would be planning to perform possibly illegal culling of some species, now would you...???

There's lots of little privileges like this that only seem to apply to politicians. Like, lifelong retirement after just one year of work in parliament and government provided tax-free apartments in central Copenhagen.

The argument for the latter is that it is needed for them to be near the work, but if a private company provides the same to their employees the employee will be taxed by its full value.

Granted, it's less corruption than other places, but definitely still corruption.

The criminals will just use something that hides in plain sight.

I think it was Encrochat devices that booted into a fairly vanilla looking OS, and there was another platform where it was hidden in something like a calculator app.

Yes, 100%. I grew up in Europe, and have been in the US for the last 10+ years, with all of my family still in Europe. I think this gives me reasonable feel for the "situation on the ground."

The best way I can describe my social circles in the US and EU is that in the US, we still have "principled freedom", where there (still) is a majority of people that understand the original ideas of the founding fathers, and can imagine that things could theoretically be different (the word used for this is "tyranny", which sounded super weird when I first came here).

In EU, I see a total disconnect with any foundational principles or values. Worse is that the population would 100% disagree with you on this, but when you probe "what are these values and why are they there," you get mostly circular reasoning based on some neo-liberal viewpoints. Furthermore, people just can't imagine ever losing their freedoms. This makes Europe essentially like the frog in the pot on the stove. If you mention the word "tyranny" to Europeans, they basically think you're a crackpot.

I have seen things change a teeny bit with the war in Ukraine, where folks get at least somewhat concerned, but the concerns are still about an external boogyman. Nowhere is there any realization that big government, with a lot of unelected bureaucrats, typically becomes the enemy of the people because "power corrupts."

[flagged]

Don't know about other countries but in France most of the terrorist attacks have been coordinated using plain unencrypted sms.

The criminals aren't the masterminds people portrait in the movies.

That's trying to find a technical solution to a problem that is not technical.

The sad truth is that law enforcement doesn't have the resources to go after a huge chunk of the cases - particularly before anything serious happens.

For this reason giving them even more power won't markedly increase prevention, but will introduce more cases of people abusing said power. Ultimately the government is run by people, and people are fallible:

https://abcnews.go.com/blogs/headlines/2013/09/loveint-given...

They don't seem at all bothered about it in the UK, they try to cover it up.

As a parent, I can tell you it's insanely easy to manage allowing kids online. Don't.. or 100% supervised. Done

I am willing to increase funding for undercover operatives who infiltrate CSAM smuggling rings and bust them. But nobody asked for this. They always say it is impossible without breaking encryption.

Agree I love those LoRa devices & Meshtastic, but it requires your contacts to invest and carry additional hardware.

Now the most exiting project in that space IMHO is Reticulum because you can transparently mix transports: any radio (incl LoRa), TCP, UDP, etc. [0]

Their Sideband app [1] is not as polished as Meshtastic but you can start over the standard Internet, or I2P, yggdrasil and slowly introduce LoRa among your group of friends over time and if necessary.

Their LXMF messaging format is also interesting.

Those people are really doing a fantastic work.

- [0] https://reticulum.network/manual/interfaces.html

- [1] https://github.com/markqvist/Sideband

- [2] https://github.com/markqvist/LXMF

A minority may be pushing, but a majority is for.

If you look at actual history of Chat Control: it always had majority support, and it was always a blocking minority that stopped it.

If only.

What does this have to do with chat scanning?

Theyre not scanning the chats of the ones complaining, nor any multicultural people? It's about child abuse and it has been a thing for like always.

Also, weakening or prohibiting encryption has been discussed before this multicultural thing that you describe happened, and it will continue to. Like, literally since the start of the Internet the governments are fighting encryption hard.

[flagged]

I've seen it on the fediverse. Thanks to fediverse servers copying images to a local cache the moment something gets posted, hundreds or even thousands of servers started mirroring child porn because one dickhead liked to see the world burn.

My guess is that the source of the problem is that you can easily sign up for a service if it doesn't validate your phone number like every other messenger with a decent following does. If XMPP gained popularity again outside of corporate networks that use it without knowing, we'd also see it there, probably.

Matrix also seems to have gathered a following in the particularly unsavoury parts of a few *chan websites which probably doesn't help.

Due to the design of the protocol and to a degree the audience. Here's a bit more info in form of a video: https://www.youtube.com/watch?v=W8KEuAEYjQ4

> but nowhere seems to have such a CSAM problem as Matrix

Well Tor, i2p, freenet etc. are mostly csam anyway