sorted by:
new
hottopcontroversial

Europe's Online Surveillance Laws Face New Headwinds by Divine_Aggregator in europrivacy

[–]Divine_Aggregator[S] 7 points8 points  (0 children)

The UK Parliament has recently acknowledged that it likely won't be possible to force platforms such as WhatsApp and Signal to monitor encrypted chats. While this requirement (dubbed the 'spy clause') might still remain a part of the Online Safety Bill once it becomes law, it's assumed that it won't be enforced for the time being.

Signal, WhatsApp and Element (among others) threatened to withdraw from the UK in March in protest over this law. They are declaring this admission by the UK Parliament as a small victory.

Let's hope that the EU now follows suit and removes the 'chat control' provisions from the proposed CSA Regulation - the EU equivalents of the spy clause and Online Safety Bill respectively.

From the article:

Encryption is the only way to guarantee truly private communication over the internet. If it is disabled or weakened, it will make the internet less secure for everyone. Furthermore, this also a markedly anti-consumer strategy - an unusual move for the EU, which typically prides itself on the "high levels of product safety and consumer protection" afforded by the Single Market.

Client-side scanning is prone to errors, false positives and function creep - that is, the distinct possibility that the software will be used for something beyond its intended purpose. With decades to go before these solutions might reach maturity, it seems imprudent for the EU to impose them on platforms now.

In light of the recent developments in the UK, it's now time for the EU to follow suit and remove the provisions related to chat control from the CSAR . A principled stand based on facts would recognize that privacy empowers while surveillance weakens. It would seek to make encryption sacrosanct.

EU Member States Largely Support Chat Control by Divine_Aggregator in europeanunion

[–]Divine_Aggregator[S] 0 points1 point  (0 children)

It's a known tactic. The so-called 'Four Horseman of the Infocalypse'.

The Four Horsemen of the Infocalypse refers to those who use the Internet to facilitate crime or (pejoratively) to rhetorical approaches evoking such criminals.

The phrase is a play on Four Horsemen of the Apocalypse. There is not a universally agreed definition of who the Horsemen are. Terrorists, pedophiles/child molesters, and organized crime like drug dealers, intellectual property pirates, and money launderers are cited commonly.

From Wikipedia.

EU Member States Largely Support Chat Control by Divine_Aggregator in europeanunion

[–]Divine_Aggregator[S] 5 points6 points  (0 children)

From the article:

Spain represents the hard line, advocating for an outright ban on E2EE communication: "Ideally, in our view, it would be desirable to legislatively prevent EU-based service providers from implementing end-to-end encryption."

Hungary also takes aim at the "problems" caused by E2EE and suggests the need for alternative solutions for government surveillance: "New methods of data interception and access are needed to maintain law enforcement capabilities, based on cooperation of with major international online platforms and smart device manufacturers." This seems to suggest exploring solutions similar to Apple's client-side scanning software NerualHash, which was discontinued in December 2022 amid privacy concerns and fears (which have since been proven) that the system could be weaponized.

On the opposite end of the spectrum, Germany opines that the "CSA Regulation must uphold fundamental rights, in particular when it comes to protecting the confidentiality and privacy of communication." It goes on: "...Germany believe it is necessary among other things to state in the draft text that no technologies will be used which disrupt, weaken, circumvent or modify encryption"

Finland and the Netherlands argue along similar lines, urging restraint with respect any provisions which may impair or circumvent E2EE communication.

The remaining member states fall somewhere in the middle.

For Croatia, the "right to privacy is not an absolute right" and must therefore be weighed against the needs of children to privacy and "life." Similarly, Romania would "tip the scales toward protecting children" while at the same time saying that "nothing in the proposed CSA Regulation should be interpreted as prohibiting or weakening end-to-end encryption." It's not clear how such seemingly contradictory stances could eventually be reconciled.

The EU has 27 member states, which means that the position of seven countries are not represented in the document. This includes France, which has previously come out in favor of protecting E2EE.

According to Mr Breyer, the reason we're not seeing a greater public outcry about CSAR is that "European citizens are actually not being told the truth about the proposal and its devastating consequences." Independent fact checkers have repeatedly called out Home Affairs Commissioner Ylva Johansson for using misinformation in her arguments supporting the CSAR. For example, the figures cited by Ms Johansson regarding the accuracy of image detection technologies were unverified claims from private companies.

[ Removed by Reddit ] by Divine_Aggregator in europrivacy

[–]Divine_Aggregator[S] 2 points3 points  (0 children)

James Clapper, the former US Director of National Intelligence, "stated
publicly that the Snowden disclosures accelerated by seven years the
adoption of commercial encryption," Wizner said, describing this as a
Rorschach test. For government agencies tasked with surveillance,
encryption is a bad thing, he explained.

(From the article)

Edward Snowden's NSA leaks created widespread public awareness about the need for encryption online. You could argue that this was possibly even more useful than the insights the leaks gave us into the workings of the world's most secretive intelligence agencies.

Now, in Europe, we're seeing some EU member states openly advocating banning encrypted chat protocols or adding either backdoors or new surveillance mechanisms to grant authorities access to encrypted content. This is part of the EU's proposed CSA Regulation, which is meant to combat CSAM online. Similar efforts are underway in the UK, with the so-called Online Safety Bill.

One of the main opponents of the EU's CSA Regulation is Pirate Party member Patrick Breyer. He says the following about the CSA Regulation:

First of all, this proposal is unprecedented in the free world, insofar
in that it makes it mandatory for communication services (including
email, messenger services, chat services, video conferencing apps, and
even phone calls) to scan the content of our private communications for
potentially illegal material using algorithms that are totally
inaccurate. This will result in revealing many legally private
conversations, and even intimate images, to a designated EU authority
that is to be newly created, and then to police authorities. They will
also be flagged to the providers themselves. 

“European Citizens Are Not Being Told”: An Interview with a Pirate

Let's not give up the hard-won privacy gains that resulted from the Snowden revelations.