In the past, we could have made a version of Signal without this spyware, to be installed as an APK (as I would expect the EU to force Google to ban the non-spying version from the app store). With the upcoming Android developer verification, this will no longer be a possibility.
Pretty neat how, out of the blue, two seemingly unrelated efforts manage to tighten together to create the perfect unavoidable storm.
I swear those Thursday bilderberg meetings are a thing.
The thing that depresses me about offhand references to bilderberg group is it's a missed chance to name real names. I don't know who they are, but from chat gpt'ing it looks like there's some particular agencies regularly behind these. One is "DG Home," an EU department on security that drafts legislation.
Another is Europol, a security coordination body that can't legislate but frequently advocates for this kind of legislation.
And then there's LEWP, The law enforcement working party, a "working group" comprised of security officials from member EU states, also involved in EU policy making in some capacity.
Perhaps targeted reform of these bodies is in order so they don't keep producing this legislation over and over. The blocking minority shouldn't just oppose the legislation itself, but make sure that their representation at those bodies is stopping those recommendations from moving forward. The legislating infrastructure needs to be challenged as much as any particular bill.
That's the fun part, they are all public conferences, like: https://initiatives.weforum.org/global-coalition-for-digital...
It doesn't have to be in secret, they can and do plan and coordinate these efforts in the open. When we hear about it, it was already planned for many years.
People have been talking about this for years. Corruption, authoritarianism and fascism is eating the EU from within and people who warned about it were called from tin foil hatters to just nutters.
It seems the general direction in all big organization on this planet. EU is definitely not immune, but perhaps the most resistant so far.
The Data Retention Directive was passed in 2006 by the EU. It was law of the land for almost a decade:
>According to the Data Retention Directive, EU member states had to store information on all citizens' telecommunications data (phone and internet connections) for a minimum of six months and at most twenty-four months, to be delivered on demand to police authorities.
>Under the directive, the police and security agencies would have been able to request access to details such as IP addresses and time of use of every email, phone call and text message sent or received. There was no provision in the directive that permission to access the data must be confirmed by a court. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid in response to a case brought by Digital Rights Ireland against the Irish authorities and others because blanket data collection violated the EU Charter of Fundamental Rights, in particular the right of privacy enshrined in Article 8(1).
Still are being called that now.
Any political party of any member state that even thinks about being critical of the EU will instantly be completely destroyed by "independent" national (state sponsored) media.
It is exactly the opposite. EU is blamed for everything what is wrong and local politicians are taking credit for whatever is good.
What are you talking about. UK is the prime example of political parties being extremely critical of the EU and eventually getting exactly what they asked for.
But even if you think UK is some kind of weird one-off example - it's not. Look at Poland - PiS has been openly critical of EU for years now and held power for years, will most likely win it again in the next elections. Konfederacja straight up calls EU facist on a daily basis and they have like 20% support for some insane reason.
>>by "independent" national (state sponsored) media.
You have to explain what you mean by this - you can't be independent and state sponsored. Or do you mean unbiasased(like what the BBC or TVP are meant to be, which they are obviously not but they are not "independent")
UK is a wrong example as their issue wasn't EU's policies but the idea of one Europe. They wanted to have control on the borders that was fundamentally incompatible with EU.
Why would you first claim the issue "wasn't EU's policies" and then list the extremely central EU free movement policy as the issue?
Couldn't someone just build that Signal APK without spyware and then get it signed/verified by Google?
The Google change means that every APK has to be signed and linked to a developer with a verified identity.
Unless Google might not be willing to approve this alternative version of Signal, but is there any indication of that? The Signal clients are open source with a permissive license so there's nothing unauthorized about building and distributing a modified version yourself.
The point is, before, you could run apps on your Android phone without anyone's permission. Now, you need Google's permission. You're relying on Google authorizing a Signal build which circumvents laws, and that's not at all a given.
Is there any indication that Google will obey the laws of the EU when they have no vested interest in the outcome?
They only break the law when it earns them bundles of money.
If you do this with Apple they will deny it as “too similar”.
They have no obligation to sign anything, and they aren’t in the business of fighting city hall. Quite the opposite.
There are plenty of devices running older versions of Android which are not under Big G's control and won't be subjected to this authoritarianism. Coincidentally they are also likely to be easily rootable, so you can still have full freedom.
Just don't "upgrade" and ignore all the propaganda telling you bad things about that. Keep building apps that work on older, less-hostile devices and spread the word to oppose this very deliberate planned obsolescence.
> Coincidentally they are also likely to be easily rootable, so you can still have full freedom.
Also easily remotely ownable, so you can be spied on without even having to install any software at all. And any that aren't now will be a couple of years after they fall out of support. Which, by the way, is very hard for the community to step in and do, since they're full of undocumented proprietary binary blobs.
> Just don't "upgrade" and ignore all the propaganda telling you bad things about that.
... and when your fully owned device finally breaks completely?
You've fallen for the propaganda. "remotely ownable" is only true if you do things like visit sites with JS enabled by default, which is what has been the case with true PCs for a long time.
There's a whole community keeping these devices alive, I trust them far more than Big G.
The... propaganda? PoC exploits demonstrating full device takeover by sending an image file are propaganda? What would a real security vulnerability that's not propaganda look like?
libwebp, a Google-originated format... how convenient.
via a crafted HTML page
Don't forget that the majority if not all exploits will use something like JS to obfuscate their existence and frustrate analysis.
Also remember the famous sayings "Those who give up freedom for security deserve neither" and "Live free or die". Accepting the insecurity, because freedom cannot exist without it, is also important.
That's a common misquote
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety"
The extra words are important
"a little temporary" is key.
Also the background context of arguing for taxing the rich instead of making them aristocrats.
No, really. I asked a specific question. What would a vulnerability that's not propaganda look like? Please explain how to distinguish between propaganda and non-popaganda vulnerabilities. I need to be able to distinguish between them for myself.
Molly (signal fork) on GrapheneOS will still be there
Why is it so hard to run virtual android on your Android as a sandbox for these kinds of things.
Since the right people are here, can anyone explain to me why its so hard to "root" (in reality, obtain basic filesystem / networking etc. control) with that OS?
Slow heating boils the frog.
Move now to alternatives. If you must use Android, GrapheneOS with Sandboxed Play Services.
It already took a mountain of resisting the network effect to get at least some half of my friends to chat with me on Signal. The chances to get them to move to something more obscure, that has any additional friction is low and the effort in convincing them will be high. That's not to say I won't try, but man I hope it doesn't come to that.
> If you must use Android
the reasonable alternative being... ?
For people looking for a new phone it could be either Jolla [0] or Fairphone 6 [1]. Both come with their own OS.
[0] https://jolla-devices.com/sailfish_devices/
[1] https://shop.fairphone.com/de/the-fairphone-gen-6-e-operatin...
You got me. None.
I do wish ubports + waydroid would be a reasonable alternative -- but it's wishful thinking.
My only hope is Tesla bringing out a phone with it's own OS at some point.
Tesla...certainly isn't top of mind when I think about makers of technology products that permit true ownership of the hardware / respect their users' privacy.
Also government will not allow it.
GNU/Linux phones.
Name three?
Unfortunately, "reasonable" generally means "can do the things typically done with smartphones these days", which include things like banking, media streaming, and civic stuff - things mediated by the very systems whose vendors aren't just embracing remote attestation, but actually driving its proliferation.
For better or worse[0], this is not a technical problem - it's a social/political one. Technology created it, by making remote attestation possible - but the actual problem is with why companies want to use it.
--
[0] - Definitely worse. Technical problems are easy.
Maybe you need two phones then, one for the civic stuff and the other for private communication.
Perhaps just websites for communication then, through tor or some other protocols.
Are there any that aren't laughably insecure? No? Oh well.
Who, exactly, is so strongly motivated to make such legislation?
Who proposes it and drives it and lobbies for it? It doesn't come from nowhere.
Swedes and Danes are at the forefront.
The truth is that Scandinavian societies are much more authoritarian and illiberal than they want people to believe.
They’ve had to become like that due to their bizarre choices. They really got the worst of all worlds. Net tax beneficiaries, fear, crime and now judicial over reach. How do you do this to yourself?
Very small sample group, but from my talks with Danes, they actually enjoy their lives quite a bit. I disagree with the chat control, but who are we to say what they want or need, if they have been enjoying their lives with the government of their choosing?
I don't think it's that. I think the EU, as a political structure, obfuscates what's going on from the citizens sufficiently, that it's uncommon for citizens to hear about what's actually happening. Some third party has to basically start ringing alarm bells for even a minority of citizens to hear about an issue, let alone a majority.
If I were to ask what my relatives think of Chat Control I'm certain that an overwhelming majority would not have even heard about it. Hard to oppose something if you don't know about it. But even if they did oppose it - does the average European even know how to figure out how their chosen politician voted on the issue? Probably not.
Maybe it's a lack of journalism, I'm unsure, but I don't see any other reason for it. I also think that this is the factor in euroskepticism.
I live in Sweden and I am not a Swede, so I read this country with from an outsider prospective but I am no historian either. From my observations and from I have been reading, Sweden has always had small, low density population living in a harsh environment. A centralised government was an effective way to gain efficiency, and it has historically had much less friction than in other places where other forms of power were more solidified. Socialist Sweden in the 30s and 40s was pretty much as totalitarian as other countries in Europe, but as they did not participate in the war, they have always seen themselves as the "good guys". No point of rupture, as it happened in Germany for example, very little self-criticism. To these days Swedes have very little discussion about what does not work in their country, they just assume that they live in the best place ever and that someone will take care of the problems. They have complete trust in authorities, which is good for many reasons, but it's also often blind and lenient even in front of quite obvious inefficiencies or abuses of power.
For reference of discussion in Sweden see https://chatcontrol.se/ (in Swedish). Social democrats and Christian democrats are the ones who seem to be more supportive of this law.
Media and conversations in a small population with a unique native languages lacks the population for diversity of opinions and often results of blind trust in local government, power structures and group thought influenced by those in power. Who can be critical in this type of society? Ignorance can be bliss.
I doubt your friends are a representative sample. And they probably think they wouldn't be the first ones to be oppressed by this.
Sweden has also had an explosion of organized gang violence; carried out by tech savvy teenagers using encrypted chats.
https://www.theguardian.com/world/2023/nov/30/how-gang-viole...
https://www.cbsnews.com/news/teen-girls-hitwomen-sweden-orga...
https://www.europarl.europa.eu/news/en/agenda/briefing/2025-...
> carried out by tech savvy teenagers using encrypted chats.
This literally doesn't matter. You can just use codewords, hide information via steganography, or even just communicate IRL in absence of encryption.
Using this as an argument to destroy privacy is like deciding we should cut out everyone's tongues because criminals are using them to communicate and surely they will be unable to find alternative methods of communication. Maybe let's ban literacy while we're at it?
Or just host their own actually end-to-end encrypted chat apps.
> “Socioeconomic factors are what mostly constitute the risks of ending up in crime,” not ethnicity, says Felipe Estrada Dörner, a professor of criminology at Stockholm University
This is an interesting comment and sounds correct. I'm curious though, what is the driver of increased socioeconomic distress in Sweden? I thought they were doing pretty well.
I did a bit of reading and it seems like Sweden has been seeing :
- increasing segregation, with low-income and immigrant populations concentrated in certain districts
- a youth unemployment problem
- housing price crunch
socioeconomic factors and ethnicity are highly correlated. So Prof. Estrada Dörner is probably noting that there is no causation (foreigner -> becomes criminal) but the correlation is high and is due to many factors including segregation and latent racism, so maybe the causal factor is more like discrimination -> creates criminals.
Thank you.
For others this is the last para of the first link:
> The Swedish government has proposed new legislation that would allow police to wiretap children under the age of 15 in an attempt to curb the violence, according to the BBC.
So, Chat Control is an attempt by a few politicians to give police some tools to prevent teenagers from shooting each other in gang wars. It's a real problem, it needs a real solution, this looks to be an honest attempt to come up with one - from someone who doesn't know what they are doing.
Interestingly, we've had an uptick in youth violence here in Australia too. It feels eerily similar. It's happening in the same demographic, it's happening while crime overall is dropping, and the authorities here too are struggling to control it. It's so serious it lead to a change of government at the last election. A right wing mob got in by beating the law and order drum with the slogan "Adult Crime, Adult Time". https://statements.qld.gov.au/statements/102316 If anything, that's less effective at stopping crime than Chat Control. Sigh.
Naive question, but what is the cause of youth violance? Or the increase in violance for that demographic?
I live in sweden. Police here is extremely incompetent and unwilling to do their jobs.
They will not seriously investigate any white collar crime, so corruption is completely unpunished.
They focus on gangs and so on, or so they say. What they actually do is aggressively target non violent people who smoke weed and occasionally some small fish dealer. Remember that owning any amount (even trace amounts only detectable by a chemist) of THC is a crime. Yes they do spend resources to go after people who occasionally smoke weed.
Meanwhile if you're a 2nd generation immigrant you will be forever subject to daily discrimination, and getting a job that is not hemtjänst or cleaning is going to be very rare.
[flagged]
They accepted a lot of migration but then expected immigrants to be content with being extremely poor and with no way to improve their condition and got surprise picachu faces when they decided that crime was an appropriate way since no other way existed.
The biggest factor is that the police simply suck at doing their real job but have worked hard at making sure the rank and file doesn't complain in public.
Not surprising that it's from the same place that told us we should be happy with owning nothing.
[flagged]
Comments should get more thoughtful and substantive, not less, as a topic gets more divisive.
Eschew flamebait. Avoid generic tangents.
Please don't use Hacker News for political or ideological battle. It tramples curiosity.
> the government decides what is allowed and what is not.
Hm, you mean the government makes the laws? Shocking, revolting even
In the context of chat, it likely refers to a desire to make sure there isn't any "illegal talk" or "bad think" going on.
[flagged]
You sure know a lot about socialism and words, for someone that doesn't know that these social democrats are called so because it's literally the name of their parties.
Well you sure know a lot about words, but could you change or rearrange them please, because right know I have trouble to make sense of your comment :/
As somebody who lived its early years in a socialist country, all I can tell you is that socialism does not work. Never did, never will.
A lot of EU countries are liberal-socialist, and it works really well.
Canada has a more important socialist component than the US, and it serves them well.
I wonder if you really did not understand my first post, or if it is just your take at flameware.
Its not about flamewars. Its about the fact that socialism doesn’t work.
Have you watched the news lately? EU is a shitshow right now. France is going downhill really fast, Germany - I don’t even about them. And the rest is scrambling with their own issues.
Oh yes, Canadian free healthcare, right? Where a doctor might see you in 6-12 months. If you die in the meantime, tough luck.
No, socialism doesn’t work.
You know, everyone is a lefty until they start their own company, and then they quickly realize what a bunch of crap that ideology is.
Assuming you are living in a modern economy - including the US - around half of it is owned/run by the government, i.e. half of it is socialist (social ownership of the means of production)
capitalism can also be interpreted as something which "serves the modern, specialised multifunctional community by doing your job." to "profit then use the sum to upgrade society"
what the heck you place socialism as something towards <the overall happiness of the society, and not focusing on increasing material wealth>? first that socialism is a temporary state towards communism, that despite, it doesn't need to pursue communism. see China. second; WHY DO YOU WANT TO CENTRALIZE POWER TOWARDS A SELECTED GROUP OF PEOPLE? Karl Marx is fine, but it's a european guy who lived in 1800s. socialism and capitalism are essentially the same with the difference of the hope of donation of power coming from the public vs. the private... you need to be quite naive to believe the goverment will do the good without corruption. much more people with power allowing their goods to be taken. see our history before capitalism
You just proved my point: you use the radical variant of the meaning of the word "socialist", without even acknowledging that it is not the only one.
Have you heard of SocDem, or "social democracy"?
It is everywhere. Even in ones of the most successful democracies on this planet.
It's odd to call people who promote capitalism socialists.
They might have historically believed in gradual transition away from capitalism, but today they seem entirely happy with capitalism with a little corporatism in labor markets. Socialism is mostly branding.
This is where there is a misconception.
This use of the word "socialist" (the use that is NOT meaning "communist dictatorship") is quite equivalent to "politically left".
For example, it correlates with free healthcare, free education.
This is not in opposition to "capitalism".
It is more, like, "maybe profit (financially) less, but care more"?
What is extraordinary is that the idea that there shouldn't be a word exchanged between two individuals that the state cannot listen to was a Stasi wet dream. It is just shocking that western democracies that have held totalitarian regimes at bay for so long at great expense, are now going full big brother.
> western democracies that have held totalitarian regimes at bay for so long
Western democracies have consistently installed and protected totalitarian regimes.
Follow the money. AI surveillance companies like Thorn are shaking in excitement.
https://balkaninsight.com/2023/09/25/who-benefits-inside-the...
The state itself.
Any shred of rights or privacy has reduces it's ability and/or increases the cost of it doing what it deems worth doing.
This is a meme I see and don't fully understand. It seems to assume that the state isn't a democracy, yet the statement is usually applied to democracies like the US. Such statements don't make sense to me when it's the people who are the state, not some "other".
The individual needs and the “needs of the state” are two very distinct things.
This is a classic principal-agent problem. The people are not the state in electoral/representative democracies, they merely elect agents that have their own beliefs and motivations.
The public have no effect on public policy in the US: https://doi.org/10.1017/S1537592714001595
The state is a lecher.
Lobbyists from surveillance product companies.
And law enforcement agencies.
For some reason names are sensored because of the ”privacy and security requirements.”
Our "minister of Justices" is a scared little boy, deeply traumatised by a childhood characterised by the lack of a basic sense of safety. This trauma has never been addressed and with age he has unfortunately become a politician and earned a law degree. His rational faculties and academic degree are of course a faint echo compared to his childhood trauma, so he has no reservations destroying any personal liberty in the name of safety. I feel deeply for the boy, but fear the man.
To whom are you referring? A quick Google didn't reveal which minister from which country you're talking about but I'm curious to learn more.
> Who, exactly, is so strongly motivated to make such legislation?
For the part that Denmark is playing, I think the answer is somewhat readily found in the current national politics of Denmark. We've just had a pretty prominent politician 7 years ago get convicted of being in possession of CSAM. I think that's very personally offensive to our current prime minister. That has to be viewed along with her personal view of herself as the "children's prime minister", to make it into a double whammy.
We've also been dealing an inability of the police to investigate some crime, and the investigative committee established to figure out what to do about it recommended an ability for police to more readily be able to investigate digital material. I imagine the current policymakers imagine Chat Control to play a part of enabling that at a national level.
> We've just had a pretty prominent politician 7 years ago get convicted of being in possession of CSAM.
I don't disagree with your overall thesis about Danish politics at the moment, but... I think it's interesting that politicians are exempt from these monitoring schemes. So it wouldn't have prevented that guy from doing what he did. IIRC, Law Enforcement is also exempt, and they never get up to any of that, no sirree...
ANY time any legislation comes with exemptions for the people in power (legislature and law enforcement) you know it's time for extreme skepticism.
EDIT: It's just the inanity of it that has me despairing. Lobbyism at its finest (see my other comment).
> IIRC, Law Enforcement is also exempt, and they never get up to any of that, no sirree...
The only place I have found anything about that is some random blog from NextCloud (and I don't know why I'd care what Katrin Goethals, Content Marketer for NextCloud has to say about politics but I digress) and the argument is flimsy at best.
>(12a) In the light of the more limited risk of their use for the purpose of child sexual abuse and the need to preserve confidential information, including classified information, information covered by professional secrecy and trade secrets, electronic communications services that are not publicly available, such as those used for national security purposes, should be excluded from the scope of this Regulation. Accordingly, this Regulation should not apply to interpersonal communications services that are not available to the general public and the use of which is instead restricted to persons involved in the activities of a particular company, organisation, body or authority.
From document 11277/24 [1]. Unless it has changed more recently, the exemption is actually considerably broader, and presents the unusual argument that the system will be secure enough for any private personal communications, yet too insecure for any company's trade secrets (which, apparently, have the same weight as national security).
[1]: https://data.consilium.europa.eu/doc/document/ST-11277-2024-...
OK, so the risk were worried about here is internal communications platforms, only available inside an organization like the EU or a company, being used for sharing CSAM? So officials sharing CSAM exclusively with other officials on the company chat server?
I don't believe that's what people think of when they hear "law enforcement is excluded". Officials will still be subject to the law when interacting with anybody else. They will still be subject when interacting on public services. Crucially, everybody will be excluded from private messaging servers, also non law enforcement.
Do we have any reason to believe CSAM is being distributed on the internal EU communication networks?
Wow.
That's...
Wow.
Ah yes, "protecting the children". Meme driven politics.
> Meme driven politics.
It's very much NOT meme driven. We're generally very sensitive to child abuse in Denmark, and even singular cases are usually enough to establish pretty wide bureaucratic systems.
Originally, she launched the "branding" push when they were talking about schools and daycare, but like all branding it spills out into other avenues. I have no doubt she weighs her job around children particularly important.
It's not at all a stretch to me to say that she probably genuinely wanted her party colleague, and CSAM enjoyer, caught faster, and I don't doubt that she believes this is the best way to do that.
That's not a "meme". That's policy driven by observation and factual cases.
> and even singular cases are usually enough to establish pretty wide bureaucratic systems.
This is what the parent commenter meant by “meme-driven”: When singular cases can be turned into an idea that is shared and occupies a disproportionate amount of attention because it gets packaged into a simple idea that is easily shared and repeated.
If a building collapses or a plane crashes that’s a singular case, but the ensuing investigation will be used to enact policy changes based on what went wrong to prevent it happening again. It only becomes ‘meme-driven’ when it deviates from what should be a mundane bureaucratic process, which can include blocking the process as much as putting fingers on the scales.
The parent commentor is the one making it "meme-driven". It is not a meme to advocate for protecting children from actual real life pedophiles.
Real life is not a meme.
What is being advocated is not protecting children, it's the establishment of a mass surveillance state that's every single dictator's wet dream, without any understanding of how trivial it will be for criminals to coordinate and share CSAM in other ways.
If that's not a meme("bUt tHiNK oF THe cHilDRen!!11") I don't know what is.
They're using the original definition of meme, not the more generally understood meaning for the word today, i.e. a joke.
The road to hell is paved with good intentions.
It is corruption, paranoia and addiction to power. The problem is agencies that are supposed to crack down on these things do nothing or are corrupt themselves.
It's surveillance companies, i.e. follow the money. Imagine if you can force every IM app to include your nonsense? BILLIONS of instant installs and subscription fees.
The EU ombudsman actually asked the EU Council to comply with a Freedom of Information request about who attended the meetings about this and all we got was a fully redacted PDF with a list of about 30-40 individuals/groups (literally blacked out in the PDF). It's absurd how non-transparently this is bought & paid for.
> follow the money. Imagine if
Following the money requires actually following money. Not imagined money.
Do we have evidence of these companies lobbying for CharControl?
Stasi wasn't doing it for the money anyway.
That’s what I mean. This honestly looks more like right-wing elements more than commercial lobbying. Doubly suspicious when the unsubstantiated claim is the bogeyman du jour.
What right wing elements?! Almost all of the EU (both at the EU level and member state level) is dominated by self proclaimed socialist parties or coalitions and has been for decades. The push for spying was always there and immediately became worse right after the Snowden revelations more than a decade ago.
Your comment makes 0 sense.
What if I told you that the far right wants the same.
It was redacted ... and very obviously so. Did you read my post?
Attendees can hint at money. But it isn’t money. The lack of transparency is problematic per se. But it doesn’t advance your argument that the redacted groups are the ones you suspect.
I take your point. There were some previous leaked docs about Thorn involvement (I'm pretty sure Palantir was mentioned in those docs, but not 100% sure), so yeah...
The biggest issue is the lack of transparency about the people/groups involved in those meetings and why this ineffectual privacy-destroying idiocy gets pushed so hard.
What they should be doing is giving us the ability to use public apps without the apple store or google play. What they are doing is letting Palantir get our data, despite it being from a country that thas repeatedly threantened Greenland.
This thread is going to be 400 comments of people talking about how stupid this is, how it won't work and never will, how no sane person could possibly want this. And you know what, I agree with all of that.
But there are a few people asking who is pushing for this legislation so hard. That's mostly police forces who are pointing out that they're unable to track the activities of criminal organisations. For example, in the UK sophisticated gangs steal cars and phones and ship them around the world where they're resold. They locate a buyer anywhere in the world who requests a specific car, find that car, steal it and have it in a shipping container within 24 hours. It's impossible to know who's done it, or track any of the communications involved.
In previous eras it wasn't possible to create international criminal organisations of this level of sophistication because it was harder to communicate securely. Now it's possible and we all pay the price of increased criminal activity. Everyone's insurance premiums go up, making everyone poorer. UK car insurance premiums are up 82% between 2021 and 2024 and insurance providers are still making a loss.
Just to drive this point home - watch/rewatch The Wire (2002-08), except make it impossible to tap the communications of the drug gangs because they're all using encrypted messengers with disappearing messages. Immediately the people running the organisation become untouchable. The police likely can't even figure out who the lieutenants are, let alone the kingpin. At best you can arrest a few street level dealers and that hardly disrupts the criminals at all.
On HN everyone is going to say "everyone has a right to private communication, even criminal empires". And sure, I'm not going to disagree. I'm merely pointing out that private communication allows criminal networks to be much larger, more effective and harder to disrupt. And all of society pays the price when we're victimised by criminals.
Edit: I'm not saying breaking encryption is a good thing or that it will work, I'm only pointing out why police forces want access to communication records. They're unable to do their jobs and are being blamed for the rise in crime. To prove that you've actually read my comment till the end, please mention banana in your comment.
This is true of course but the counter argument is that running your own infrastructure is probably not a problem for international criminal gangs but your group chat with the boys is not gunna go through some AI garbage filter and in the end we are still going to get our cars stolen but now the police is knocking because I called Merz a fascist bastard and once the actual fascist win an election they are going to knock on everybody’s door who called Weidel a pick me girl in Turkish.
In summary, without stupid jokes about German politics, the actual stated goal is unachievable but the real world consequences in a Europe that is sprinting to the far right are incredibly dangerous.
> Europe that is sprinting to the far right are incredibly dangerous
Alternative für Deutschland (AfD), the far right party, is against Chat Control.
Because it's not popular, and they are a populist party. I'd wager they will be all for it if they were to achieve power.
I used to be on your side but now that I live as a minority where the locals are increasingly becoming hostile and their very abusive rhetoric is accepted on social media and forums like reddit I actually want them to face the consequences of such speech and be deterred from uttering anything like that with their devices. (They can do so privately at the bar I have no problem with that.)
Another example is the recent nepal protests.
More abstractly I think that a multi-cultural or multi-ethnic society at scale is not able to handle anonymous and private communication without collapsing. If we dont go in the direction of benevolent censorship like China and Singapore I think the west is going to see some dark times.
And how are you supposed to exist as any sexual, gender, religious, or political minority when Gestapo's listening in on every phone? And also, we were talking about private conversations, not Reddit, not any less private than what is spoken in your own home.
I am sympathetic to whatever made you believe that, but if you advocate for such evil, inhumane, reckless systems, you are not a good ally to anyone, including yourself or your community.
Honestly I am on the edge about this, but for the sake of argument how is it evil or inhumane to de-anonymize certain types of rhetoric from digital communication. I dont think freedom of speech includes anonymity in it.
You're giving this government, or one in the future, the tools and access they'll need to opress and discriminate against you, a minority.
> More abstractly I think that a multi-cultural or multi-ethnic society at scale is not able to handle anonymous and private communication without collapsing. If we dont go in the direction of benevolent censorship like China and Singapore I think the west is going to see some dark times.
Those who would give up essential liberty, to purchase a little temporary safety, deserve neither and will lose both.
yeah this is what they say but I think this argument doesnt work at scale. Singapore and China are both safer and relatively free-er than many places
It works remarkably well at scale. In fact, this is the defining trait of all cities, states, and nations that became historical points of reference like Troy, Athens, Rome, Constantinople, Venice, London the US and possibly China in the future.
Each of them thrived because they embraced diversity and freedom, etc. giving themselves access to a much larger pool of skilled talent.
Venice offers the clearest example. At its height, they could appoint someone as unconventional as a sub-Saharan Muslim to command their fleet (think of Othello). But the moment they shifted to a locals-only approach for key positions, their dominance began to crumble.
The problem is that usually locals feel cast aside. And while they too get the benefits, they rarely see them as such… They feel entitled and screwed. Don’t care about the big picture.
Ps. Of course this is very high level as each of these cities / states / etc collapsed under slightly different circumstances.
> I used to be on your side but now that I live as a minority where the locals are increasingly becoming hostile and their very abusive rhetoric is accepted on social media and forums like reddit I actually want them to face the consequences of such speech and be deterred from uttering anything like that with their devices. (They can do so privately at the bar I have no problem with that.)
It's interesting that a member of a minority would not see that this is exactly how minorities get oppressed. Sure, let's make trans hate speech illegal (and completely fuck privacy online in order to make it so)... then we block criticism of Israel... then we block criticism of The Party... now let's block anything that might "corrupt our children"... Actually we don't need that narrative anymore; we just block whatever The Party says to block. I hope being trans stays socially acceptable!
To say nothing of the fact that one country fucking over privacy for its citizens means fucking over citizens of many other countries too, who didn't agree to it.
No to clarify I didnt say make it illegal, I said to de-anonymize it. If you are gonna say controversial things they just have to be tied to your name.
I fail to see how that makes it any less prone to abuse. And I don't see how it would help things. People say horrible shit all the time in person too.
The assumptions is that most people that say horrible things online are cowards and would not say it in person.
If you deanonymise, you'll have to do it on a general basis. This would include investigative journalists, whistleblowers, protesters etc. Surely you can see the net-negative we'll get from that.
They ship entire CARS.
Not some kind of fancy sci-fi grain-of-sand sized microchips that are completely impossible to track. Not even drugs! Cars! Those huge metal objects that weigh over a metric ton each! Those cars!
If the police can't stop criminals from shipping CARS out of an ISLAND COUNTRY, the issue isn't that they don't have a way to breach privacy of every citizen. The issue is that they should be all fired and never allowed to do any government work ever again.
How are they supposed to do this exactly? The car could be through a chop shop and onto a container before the theft is even reported to the police.
Where is this confidence that you can do their job coming from?
Mightn't it be marginally more productive to put a bit of surveillance in front of the container boats, and require registration for the cars being put on them, then trying to totally eliminate free computing and a free internet stopping all secure communication in order to catch the 1/10000000 messages which regard stealing cars?
I don't think the actual accusation is that the police are incompetent, but rather that this can't possibly be the real goal of such a law, because there are approaches to stopping such crimes which are not only far less invasive, but also easier and more practical. So this is at best an excuse, and at worst a justification that the commenter came up with that the actual policy makers never even mentioned (I have seen the latter far too often).
You’d have to X-ray each container to know what was in it in the first place. Prohibitively expensive and would hurt exporters.
Stolen cars aren’t the only criminal activity. They engage in other activities as well. I just used it as an example.
I don't have a confidence that I can "do their job".
I have confidence that the organization is completely dysfunctional. In which case it's probably more productive to raze it to the ground and build it anew than to try to fix it. Especially if your idea of "fix it" involves "give them power to breach chat privacy of every citizen".
A randomly initialized police force would outperform the baseline of "sorry, we somehow can't stop criminals from stealing those huge, serialized cars, and shipping them out of our extremely isolated island country - now give us more privacy breaching powers!"
Even if you gave them those privacy breaching powers? They'll just use them to jail more people for things they said on Twitter.
> Especially if your idea of "fix it" involves "give them power to breach chat privacy of every citizen".
I never said it was though.
Do shipping companies not have a responsibility to know their customer? Is there no required import/export paperwork for a container holding a 2-ton vehicle? Perhaps a title? Some proof of ownership?
I find it hard to believe that it's easier to force surveillance on all these innocent citizens than it is to fine a few shipping companies that haven't done their due diligence.
Inspect containers leaving the country for contraband. Require shipping companies to do KYC. Require documented proof of ownership for vehicle exports.
Don’t forget the rudimentary car security systems that can be breached with a $20 device from Aliexpress
The replies to this thread cannot be serious, on a web forum populated—I thought—primarily by technologists. Surely you all remember the variations on, "If you make encryption illegal then only criminals will have encryption"?
The next step will surely be to make use of communication programs that law enforcement cannot read illegal, right? The police find some person who has committed a crime, caught in the ways that criminals are usually caught, such as with forensics, or simply with the guns and drugs in the boot of their car. Then they can see what forms of communication this person was using, and who was using it with them. At that point, it doesn't matter what those other people were doing: The use of banned encryption technology is the crime. You can roll them up for that, or use evidence of this crime to justify further intrusion into their meatspace lives. And so it goes, on up the chain of a criminal organization. Theoretically, at least.
I don't like this, I don't support this, but as has been said elsewhere in this thread: Let's not pretend this is some insurmountable problem for a government who has already shown an appetite for surveillance.
Sure, you could make unauthorized, fully encrypted communication illegal. But what would be the punishment for using it? Worse than for smuggling, human trafficking, murder? I seriously doubt it. If you're a criminal risking decades in prison for major crimes, using some illegal software is 100% worth it, if it significantly reduces the risk of getting caught for the real crimes you're committing.
You can't make laws that govern how criminals behave. All chat control will really accomplish is maybe a momentary string of arrests(which is meaningless in the long term; there's always someone to take over), and longer term, worse privacy and security for everyone except the criminals.
UK has the idea of contempt of court. Even as it stands, the court can demand you submit some evidence - say an encryption key for a document. And if you refuse, they can even imprison you until you surrender the key.
Another principle is that when someone is destroying evidence, you can presume it contained incriminating evidence.
I think you could make the punishment proportional to the presumed crime.
What is absent from your comment (and also from many arguing against you) is the discussion of trade-offs.
Yes, criminal gangs are bad.
And, for me, and probably many others here too, enabling governments to look at private encrypted messages of everyone is way worse.
Let’s find other ways to prevent these gangs from stealing cars.
> Let’s find other ways
Could you watch The Wire and point out exactly what you'd do differently. I'm picking this example, because the whole point of the show is that they're unable to do anything without a wiretap when faced with a sophisticated criminal gang.
I haven't watched The Wire yet, but I'm assuming ending the War on Drugs wasn't something they tried. It's funny how granting organized crime a monopoly over highly popular goods results in organized crime becoming pervasive and well-resourced.
One would think we'd have learned that lesson a century ago, yet here we are. Until anyone over the legal drinking age can go buy a bottle of Bayer Heroin at CVS, I don't want to hear about how the government is struggling so badly with crime that it thinks my privacy should be on the chopping block.
Yeah, there was an entire season about ending the war on drugs and how it was the only thing that actually worked lol.
Also, they caught the drug kingpin at the end of the show by physically following his lieutenants to a warehouse full of drugs and arresting them all on the way out. The only thing the wiretaps were used for was to build a conspiracy charge against the leader, who had been standing outside for months/years doing face to face meetings with everyone that was arrested, clearly being the one in control of every conversation. If somehow that's not enough to charge someone with conspiracy then it seems removing a small amount of freedom to change that would be far preferable to reading everyone's messages and banning encryption.
"The Wire proves the need for mass surveillance" is the dumbest take I've ever heard. It literally shows the complete opposite.
lol, well thanks for the spoilers. /s
> Could you watch The Wire and point out exactly what you'd do differently.
The whole point of the Wire is how meaningless those wiretaps ended up being.
On either side of the board, the kings stayed the kings, most of the other pieces were chewed up and spit out, a new crop of pieces would come along to replace them, and the game stayed the same.
No sorry, I can’t watch a series with 60 episodes just to debate you online.
Well, at least you took the trouble to find out how many episodes it has. That's something.
Maybe make a point that doesnt involve making assumptions about reality based on a fictional tv show?
I did. People refused to read what I said. Search this thread for “banana”.
You can still do surveillance in the same way that east germany used to.
Get a warrant, put hidden microphones and cameras into their light switches and ceiling lights.
Turn one of their members into a double agent and get them to spy for you.
Of course that's not as easy as total surveillance. Because it's not supposed to be. The extra effort isn't that hard if you're going against a criminal gang, but it's enough to prevent the state from going "fishing" by surveilling everyone.
Right, but the communication is happening over encrypted, disappearing messages. If you had a microphone or a camera all it would capture is a guy sitting in a chair tapping on his phone.
But all this assuming you found probable cause to surveil a citizen in the first place. Where's the probable cause coming from?
And that's assuming that they can even figure out who the higher level bosses are in the first place.
> But all this assuming you found probable cause to surveil a citizen in the first place. Where's the probable cause coming from?
There's a basic right to privacy, which can only be restricted with probable cause. Your argument sounds like you disagree with this very basic premise?
It’s stunning how poor all the replies on this thread have been. Not even an attempt to read what I’m saying.
No, I don’t disagree with the need for probable cause. I was asking, how do you build the case for probable cause against someone you’ve never seen and whose communication is completely encrypted? You can’t. I don’t have a solution for that, and I don’t think anyone does. I am merely pointing out that it’s a problem, and that the police’s suggested solution is surveillance.
Total surveillance is not what the Danish minister is arguing for. He is arguing that communication companies should be required to insert wiretaps following a court order, just like a POTS telecom company would.
> Total surveillance is not what the Danish minister is arguing for
If you backdoor E2EE crypto for one user, you've got to weaken it for everyone. There's no way around that.
What he's arguing for would require wiretapping every citizen, just in case you need to listen to the logs from any one citizen.
Even worse, the criminals will just compile the open source E2EE apps themselves without the backdoor, so the only people you'll be able to wiretap will be law-abiding citizens.
The "best" option (if there even is such a thing) would be to surveil endpoint devices, but the governments have failed to strongarm Apple into complying, so now they're going after the service providers.
Additionally, even with E2EE protocols, you can already tell from the metadata who is talking to whom, which is everything a government needs to get warrants, seize devices, and install surveillance devices.
So in the end, this proposal won't affect criminals, will reduce the security for every law-abiding citizen, and isn't even going to do anything useful against crime.
> you can already tell from the metadata who is talking to whom, which is everything a government needs to get warrants, seize devices, and install surveillance devices.
The standard for probable cause has sharply declined in this scenario you’ve constructed.
And you’re assuming that the government will seize the device, install surveillance software and the criminals will continue to use those devices? I don’t see how.
Even if the government has access to remote takeovers using unpatched zero days, those are not used on local investigations.
That’s _definitely not_ the entire point of the show.
Not only is it not the entire point of the show, you'd have a easier time arguing that the point of the show is that the fundamental problems behind mandates like "deal with crime" are not as simple as "get a wiretap."
Obviously one of the greatest shows of all time has multiple interwoven themes.
But the literal name of the show should be a clue that Wire taps are important. See how they evolve for one. Gangs are always learning, getting more secure with their communication and making it harder to build a case against them. What worked in Season 1 (pagers) doesn't work in Season 3 (burners). Once Season 3 is over everything about how burners were surveilled is then public record, so criminal gangs switch up once more, making it even harder.
Now if you made a show with all the criminals using encrypted, disappearing messages - that would be basically unbreakable. Which was my point.
The point of the show is that the wiretaps didn't ultimately amount to anything, for reasons that had nothing to do with how good the police work was, and everything to do with politics and the systemic failure of institutions.
A few of the pieces were taken off the board, soon to be replaced by new pieces. But the kings stayed the kings, and the game remained the same.
Sigh. It is possible for both things to be true.
That wiretaps allowed them to build a meaningful case against the entire drug organisation, with nearly all the drug dealers in jail or dead or out of the game. That’s not nothing. Without wiretaps they would just have been harassing easily replaced corner pawns.
But what you’re saying is partly true as well. Even after taking whole drug organisations down, it is possible to replace them. As long as the demand existed, and the wholesaler existed, new drug organisations would be formed.
I’m surprised that people came out of it thinking that there was no point to any of the police work. Do you really think it would have been better to not touch the drug organisations in any way?
Should we base all our policy decisions on TV Shows?
Is there a better or more widely consumed source of how reliant police are on communication interception? It portrays the difficulty of pursuing criminals very realistically.
I agree, but I haven't really seen anyone propose what that looks like.
If that is what they wanted, why hide it behind language about child safety? These bills happen in the US too, nearly identical to the ones in Europe. I don't think this is about stopping crime at all. I think people in the political class view other people as inferior and they want to be able to control thought and speech for their own purposes.
>To prove that you've actually read my comment till the end, please mention banana in your comment.
no
Criminals get access to all sorts of illegal things, from drugs to weapons through stolen cars.
Are you telling me that you genuinely believe that they won't be able to download an open source, actually end-to-end encrypted app?
The stupid ones already use Telegram, which is not E2EE. There is no need to change anything for them. Those who are smart enough to choose a secure messenging app today will still be able to do it, even if that app is made illegal.
I don’t follow what prevents criminals of such scale from using another encrypted channel or application after this ban?
So, they are able to get illegal goods through customs and police is not able to catch it because no wiretaps?
The following is supposed to happen in undetectable manner: - stolen car drives from A to B (on roads that can be policed), - at location B let’s assume it’s chopped (finite locations/people that can chop cars) - a container is loaded with heavy, metal car parts, undetected by metal detectors (weight scan, x-ray, visual inspection) - container paperwork is signed by someone (literal government ID is presented here) - customs officers are approving the outbound container that weighs over a metric tonne
You don’t think there is immense amount of incompetency or corruption here?
And what happened to police posing as a buyer, undercover cops, physical surveillance?
We recently shipped our furniture to US, and customs x-rayed it and charged us.
These are literally non-issues.
What about this law will prevent criminals from using encrypted chat applications?
I understand your point, but I fail to see how this law will change that.
It’s one step closer towards https://news.ycombinator.com/item?id=45242970.
Wow, that is more dystopian than I was able to imagine.
Let’s hope it doesn’t get to that.
> there are a few people asking who is pushing for this legislation so hard. That's mostly police forces
Do you have a source? Not doubting you. More curious for their arguments.
if anything should come out of this is that car manufacturers need to come up with a way so it's not this dead simple to steal cars. And it is not that hard. They already have all the tech ready with good security systems. but you know what? those are expensive. and that is something they dont want. so they go with the cheap alternative, which has been cracked 1000+ times already.
So instead of breaking the privacy of everyone, this should only impact the manufacturers.
Just my 0.02
It just forces the police to do good-old-fashioned policing. For example, nab one of the few street level guys and force them to give up the higher-level guys. Maybe make them wear a wire.
The real problem is that we've given up on going after the low-level guys, whether they're stealing cars or selling drugs or pickpocketing the tourists. If we catch them at all, we just release them.
I don't understand how you can ship a car without proper papers out of the country so easily. Maybe focus on that first?
What papers? You think we verify that the contents of every outbound container matches what it says on the manifest? We don't. It would be prohibitively expensive to scan every container. Even if we did, and found a car in a container, how would we know the documents provided aren't valid?
This is a really hard problem. If there's an easy solution in mind, feel free to suggest it.
It's not a hard problem. Shipping companies must know the content of each container by law.
Verify 1 container out of 20. When you catch a stolen car, fine the shipping company for not doing their job. Find employees who performed the forgery of documents and put them in prison. If the company doesn't keep records of which employee prepares which document, fine the company. And so on. Unfortunately police and customs would have to do their job in this case, I can see how they're upset.
So scanning every phone is easier ?
AI and blockchain?
I have no words.
I have no words that you think it is easier to scan every single conversation online, than to enforce proper border/customs checks for freight.
How hard is to pay a dev and make a custom chat just for them?
You can get it up and running in one week on a cheap server.
Ok let's scan every phone in the world instead of just scanning the containers the leave our ports. Sensible.
People who break the law for money have existed forever and forever will. You don't need encrypted messages to smuggle drugs across borders.
> But there are a few people asking who is pushing for this legislation so hard. That's mostly police forces who are pointing out that they're unable to track the activities of criminal organisations. For example, in the UK sophisticated gangs steal cars and phones and ship them around the world where they're resold.
If that is really such a big problem, then why don't the politicians say so instead of saying that this law is for protection children?
That's a fair point, but different arguments work with different audiences.
For what it's worth, they're not making up the CSAM thing. It has never been easier to disseminate/acquire CSAM in a way that you're never caught. That wasn't really possible before, which means there's a larger market for the production of such material.
I didn't bring up CSAM here because HN is militantly against think-of-the-children arguments.
The UK Labour government is one government particularly in favor of tapping all communications "for the sake of the children".
It turned out this week that they knowingly hired the "best friend" of famous pedophile as ambassador to the US.
>I didn't bring up CSAM here because HN is militantly against think-of-the-children arguments.
All consent manufacturing arguments promoting mass surveillance and backdoors are disingenuous to the very core.
Im surprised you dont see it.
This isn't a dilemma unique to encrypted comms or privacy. You have to weigh the net benefits to society as a whole. How much has the lack of secure communication and encryption at rest cost society? How much have the criminals you mentioned benefited from the lack of encryption? How much more difficult would it be for criminals to locate targets and victims with encryption protecting the latter?
Technology has never been the limiting factor in stopping any crime. I've literally shown a cop the exact GPS coordinates of stolen items and they shrug.
If police forces wanted to do a better job here, they would.
Don't presume stopping this sort of crime is the purpose, that theory doesn't hold water.
> For example, in the UK sophisticated gangs steal cars and phones and ship them around the world where they're resold.
This does not happen almost anywhere else - car theft. This is UK issue with local law enforcement / insurance companies.
Phones - just fix your streets, elect politicians that are tough on crime. Simple.
I was curious - Wikipedia says England is not even close to the highest per capita car theft rate. https://en.m.wikipedia.org/wiki/Motor_vehicle_theft
track cars then and shipping containers and whatnot, not people's conversations.
we all pay the price, yes, but we also all enjoy the prosperity it brings us.
at best these are arguments for finally making cars harder to steal. (and for people to own fewer of them and just rent them when they need it. and the renter company can then store them in a big fucking lot with security if they want to.)
...
as other commenters pointed it out, the technology is out there.
sure, it might not convince enough voters, we'll see. but it's sure as shit that these networks are not going back to pen and paper.
Why bother tracking just the cars? Just track every person. When you're born some government agent can implant a tracker in your sphincter. When a car is stolen, they arrest everyone in the area where the crime occurred and then sort it out downtown.
If you've got nothing to hide, then you shouldn't object to having a sphincter implant to track your every movement. And if you happen to be in an area during a crime, you'll certainly be vindicated, so just a little inconvenience in order to ensure that no car will ever be stolen again.
And just think how environmentally friendly that'll be. Maybe people will stop having so many babies to protect their sphincters from being implanted. That'll be super good for the environment.
That's all bullshit because we already live in a panopticon. Everyone's physical movements are tracked, facial recognition works even on partials, there are HD cameras everywhere, continuous uploads of videos to TikTok and Instagram mean fugitives can no longer hide in the public world. Phones, Alexas/Homepods, vehicles etc can be remotely converted in to bugs with a court order (and a bunch of other devices probably are without.)
Whether its car thieves or drug dealers, these exist in the West today by explicit choice, not because it is impossible to stop.
This is conspiracy thinking. Parliament and HMG specifically allow car thieves to impoverish every car owner because ... why?
The previous Prime Minister suffered a bout of unemployment because he was unable to get a handle on the cost of living crisis. Would have been great if he could have gotten car insurance premium downs before the election. Ditto with the current Prime Minister.
> This is conspiracy thinking. Parliament and HMG specifically allow car thieves to impoverish every car owner because ... why?
Because they have no interest in preventing this? It's not that they want this to happen (which would be a conspiracy), it's just that they don't care. The surveillance is built to protect the state, not the citizens.
A guy who worked his whole life to become Prime Minister has no issues with becoming unemployed. I’m skeptical.
> because ... why?
There are official explanations
https://www.cbc.ca/news/canada/toronto/stolen-truck-authorit...
and reddit can show some 'conspiracy'. Conspiracy ones sound more plausible.
Wow, no mentions of banana.
I'm bit more sympathetic to this type of argument than most of HN. Looking at what happens in The Wire, you need a judge to allow the wiretap, right? It's not just a willy-nilly cops-can-see-anything system, right? Though it has happened from time to time that since stuff is digital, people have taken a peek when they weren't supposed to. For instance, there was a case over the summer where someone was looking up people in the Danish CPR database, unauthorized.
But I also think this won't be the same as wiretapping. That was based on an old telephone system that was very much tied to the technology of that time. In particular, it wasn't encrypted, being just a straight up analog circuit. The bad guys couldn't do much other than use code words, or security by obscurity.
With digital, anyone can encrypt, and the cost of decryption is super high. I'm not sure what Snowden said about it, but I think it's fair to say that very few messages could be decrypted.
So what will happen? We will all send our decrypted chat messages to the man, and the bad guys will just write their own chat app, which will be encrypted. Nothing illegal will ever happen on the public channels, which from time to time will have some idiot looking at his ex-girlfriend's messages, while the drug lords just write encrypted messages that probably aren't even recognized as chat text.
In the Wire the police couldn't directly access phone conversations despite them being digital because phone companies needed to see a warrant before handing over any data. That would presumably be the case here as well, communication providers would have to service warrants.
Is it possible for this to be abused? Almost certainly.
Do I think this is a good idea? No I do not.
Despite me mentioning it 10 times, I can mention it once more. I'd prefer communications to remain private. I'm only pointing out ways it hurts society, and why police would like to return to the status quo ante where they could obtain a warrant to surveil criminals.
A huge part of the problem in Sweden, and overflowing to Denmark, is that teenagers are getting hired as hitmen via open channels, told to install Signal, and then communications go dark. If these teenage would be-hitmen had to first roll their own high grade crypto before they could apply, the supply would be reduced.
I don't think this will stop these people. I'm fairly sure I could write some web app, or in an extreme case, provide my team of car thieves with dedicated hardware that just illegally encrypts messages.
I think these laws are simply to catch everyday people chatting about illegal stuff on a phone without any preparation.
Private communication is not that hard, nothing prevents a drug lord spin their own "signal" app, and since they are already criminal, another crime is not a big deaal, so making it illegal to use secure app is dumb. Also i love banana
> They're unable to do their jobs and are being blamed for the rise in crime.
The vast majority of crime is very dumb. Like the three guys who broke into my garage and tried to take my bicycle. The police however is not interested in that: not interested in CCTV recordings, not interested the license plate of the van they were driving.
If the police isn't doing even the simplest things, there's no way in hell they would bother decrypting their whatsapp messages. That's reserved for people targeted by the government, not to fight street crime.
Some of this is being marketed to law enforcement, though. There is a world being sold to law enforcement agencies by some tech companies that one day they'll just be able to click the face in the CCTV, or the plate on the van, and immediately be able to cross reference it with the decrypted messages and other records. Imagine how much more "efficient" that kind of law enforcement could be.
I am perfectly OK with the current level of crime and the current level of freedom. In fact, I'd be OK with slightly more crime in exchange for more freedom. Truth is the police often don't even act on the crimes that are provable using good old-fashioned detective work. So they have no leg to stand on.
In fact, freedom to break the law, revolt and even kill people is necessary for a functioning democracy. The fourth box of freedom is the final check and balance. If enough people (over half the population) determine that the government is corrupt, they need to be able to overthrow it.
And that required and armed population and the ability to organize. Yes, this also helps criminals. Yes, sometimes innocent people will die because the wrong people also have access to guns. That's all the more reason to be able to fight back, both against bad people and against the government.
History repeats itself (with minor variations). People don't value their freedoms, let them be eroded by those who are attracted to power for power's sake, they get abused, and finally either they get fed up and start a revolution or the state functions so poorly it gets invaded.
We're at the stage where freedoms are getting eroded more and more noticeably. I would very much prefer to break the cycle before it comes to rifles and drones.
To point out the glaring holes in your comment:
- Criminals will still use encryption even if its against the law, given they are criminals
- Denmark is one of the safest countries on earth and every year crime has been declining for decades. Even your property theft example is a declining occurrence in Denmark: https://www.statista.com/statistics/1178977/number-of-report...
Given property theft is down and encryption has been available for the entire time period of that chart -- do you have any actual steelman for why Denmark would need this, absent a thirst for power/control, especially now?
> watch/rewatch The Wire (2002-08), except make it impossible to tap the communications of the drug gangs because they're all using encrypted messengers with disappearing messages
The drama of that show was principally derived from the fact that the gangsters never so much as spoke near a telephone. The idea that you're going to force a backdoor into whatsapp and the gangsters are going to throw their hands into the air and turn themselves into the police is frankly idiotic. Criminals already use special apps and hardware to communicate more securely. They will continue regardless of what the law says they can do, because they are criminals. The idea that the rest of us should give up secure communication in order that gangsters can still find ways to communicate securely reaches the level of insulting. The cat is firmly and safely out of the bag on wiretapping gangsters.
I lost count how many times the "lets get rid of encryption" plans have been tried and failed. It's truly ridiculous how these people don't understand anything about encryption and somehow still think this is a good idea.
How is it possible that after years of discussing plans like this, they still managed to not listen to anyone who knows anything about encryption and online safety?
Makes me really worried about the future. There is a lot going on in the world, and somehow they feel the need to focus on making our communications unsafe and basically getting rid of online privacy.
The goal they are trying to achieve is good, but the execution is just stupid and will make everyone, including and maybe especially the people they want to protect, less safe online.
The age verification thing is another example. All it does is send a lot of sensitive traffic over cheap or free VPN's (that might be controlled by foreign states). Great job, great win for safety!
I do not agree with you that they have good intention or have good goals. They know what they are doing, and they are doing it to gain control. I think by saying they have good goals, but they don't know better, we are down playing the danger. They know what they are doing, and they are doing it to have more power over people.
I agree with you (i.e., I share your belief that the whole "safety" argument is a bold-faced excuse to just gain more control and surveillance power over the population), but I believe that the parent comment was just trying to be extra charitable to those pushing for the bill.
I think it is fair to give the opponent's position (which both you and I believe is in the wrong) a steel-man argument treatment, by assuming the best possible interpretation of their argument (even if they don't imo deserve it, and you don't believe in their stated intent).
The approach makes sense to me, as attacking and debating genuineness of someone's intentions is an endless rabbithole. So if you have an option to decimate their case, all while assuming their stated intent to be truthful and genuine, that's a pretty solid way to actually move the needle on the argument in a desired direction.
This! Very well explained.
They have evil intentions, but they are also idiots. The nature of an authoritarian government is one that requires maximizing control for survival. As a particular country shifts to a more authoritarian government, and those people who enabled dumb ideas fall out of power (right, left, or whatever) those same tools will be used by their political adversaries to control, imprison, or kill them.
Why are they idiots? Because western Europe is not yet authoritarian and thus there is little personal benefit to hasten a slide towards it, there are so many other ways to gain power in a free society. (I wouldn't bet money that Europe will remain free in 25 years.)
There is a secondary problem here -- anything that decreases the information security of European countries hands more power to the US and China (and to a lesser degree other nations with advanced infosec capabilities like Russia and Israel.) If you are European (I'm not) the first thing that should be done is investigate the people pushing this stuff.
Everyone thinks they have good goals, and that they are the ones who won't abuse the power given to them. History shows otherwise time and time again.
> good intention or have good goals
People need to understand that some people are abusers by nature and mentality, some from birth, some by upbringing. And they crave power.
The sayings like "those who want power rarely deserve it" exist for a reason, except until the last few decades we didn't have a good enough understanding of psychology to explain why. Now we do. Some people have anti-social traits and they should never be allowed in positions of power because they are mentally ill.
Difference is "normal" mental illness like psychosis is harmful to the individual who has it. Anti-social mental illness is harmful to those around them, especially those under them in hierarchical power structures.
It’s right there in the name: Chat Control. Take them at their word!
Look at Australia’s “hacking” bill. It was about letting the government hack (take over) your account and post as you. The “hacking” referred to ahat THEY would do — to YOUR accounts:
https://www.accessnow.org/surveillance-state-incoming-with-a...
Australians even made a movie about a dystopian future:
The name is "Regulation to Prevent and Combat Child Sexual Abuse".
"Chat Control" is not an official term, but a name chosen by critics of the law.
wonder if opposition should first fight for an addendum to correct the title in all those double speak laws, and then fight to curb it.
The seeming trend that worries me the most these days is the lack of competence at multiple levels of society. Our leaders, their supposed subject matter experts, the people doing "the science" all seem to be demonstrably incompetent at their jobs. I don't know if this is an actual trend or just the perception of one but it's concerning either way.
"the science" I don't agree with this part, and I think it's quite dangerous to rope that in.
Science is not one way of thinking, it's a methodology, it's seeking truth. There might be bad actors and idiots, there is likely lots wrong, but the beautiful thing about science is that facts matter. If someone publishes bullshit you can repeat the study and proof them wrong.
That science is (wrongfully) taken as justification for stupid things, is not on "the science" as a whole.
If anything makes me hopeful, it is science and the remarkable developments happening.
Why do you call them "leaders"? They are "people in positions of power".
I don't understand where this desire to be led comes from. Other people do not have your best interest in mind. I want others to get out of my way, unless we have a conflict of interest and then we _might_ need a third party to resolve it. But I certainly don't need or want to be led.
Because I fundamentally disagree with the whole "power" is everything dynamic that seems to crop up here. They are leaders because people follow them. The only power they have is the power that others give them. Leaders captures that better than "people in positions of power".
you think it's bad now
wait until they start all using "AI", that'll agree with everything they say
You're absolutely right. Competency has lost its value.
When was the last time you heard someone praise someone else's competency?
>Competency has lost its value.
Sycophancy, however, will always gain.
Key enablers that ensured those plans fall apart were PC platform and default code freedom on it. It doesn't work because anyone can just compile the clean versions of apps using gcc, on PC. Same cannot be guaranteed on Android and is not even happening on iOS.
We shouldn't have shrugged off the weird feeling of shackles on our wrist when iOS(iPhoneOS) was first released. We should not have relied on geohot stopping by and dropping a jailbreak he found. We should have voted to force it open by law.
cannot emphasize this enough. Workarounds were always tolerated because they silenced the potential competition until the frivolous features that people did it for (namely customization) were all available by default, closing the door for what Apple actually hated (side-loading). They are expert software politicians, just look what they do with the EU's open-ecosystem demands
The proximate goal they're trying to achieve is mostly irrelevant when compared to the broader technical goal. That goal is to force all messaging systems to re-architect so they include a "bump on the wire" that hosts a scanning mechanism sophisticated enough to recognize novel (unknown) image content. This implicitly requires re-architecting these systems to contain neural-network image classifiers that operate over a model that's kept secret (to the user/client.) Everything else is sort of irrelevant compared to the implications of this new architecture.
The "good news" for now is that the systems deployed in this model won't classify text, only images and URLs. The bad news is that the current draft explicitly allows that question to be reviewed in the future. And of course, once you've re-architected every E2EE system to make image scanning possible, most of the damage to cybersecurity is likely already done; a year or two down the road, text scanning will probably be viewed as a modest and common-sense upgrade. I expect that folks who object to text scanning on cybersecurity grounds will be informed that the risks are already "baked in" to the image-scanning model, and so there's no real harm in adding text scanning.
Leaving aside the privacy issues, this is basically an existential national security risk for Europe. It's amazing to me that they're walking right into it.
> I lost count how many times the "lets get rid of encryption" plans have been tried and failed.
They only need to succeed with it once, so they'll keep trying again and again.
That's exactly why it's very important to raise awareness about it everywhere.
> Makes me really worried about the future.
It's important to remember that government is not your friend, isn't meant to be, and never has been. It's a machine of control that needs to be held in constant restrain by the population. Obtaining more control is the expected behavior of those who come into power, shown through all of history.
What is progressive about rampant decontextualized chat? I read these anti-control statements by what appear to be tech zombies who know nothing about the tech being promoted. LLMs/ML are based on faulty, Western units that are about defining reality in individualistic, material terms, lacking interdependence and relying on arbitrariness to destroy that chance for shared experiences.
If governments are leery of LLMs for the wrong or right reason and the industry and technology lacks any kind of grasp of what it is and what the inputs are, then BOTH are wrong and the tech needs dismantling.
If the decontextualizing of communication is epidemic, as it appears to be in Chat, then the industry has failed not grasping the first thing about the technology.
This is about power of the state over the individual. Full stop.
all of this is basically irrelevant, given that the type of ppl who this legislation claims to target can always just resort to email + pgp or some such, over which governments don't really have any meaningful control...
The fact that it instead applies to 99.999% of the population is not exactly irrelevant
My guess has been an unholy alliance between 'IP holders' like Hollywood (and increasingly games), and the surveillance industrial complex.
Add in the fact that both China and the US already have practically near omniscient digital oversight of everything their citizens do through server and OS level backdoors, the uninformed politicians in the EU/UK are easier to tempt by lobby groups crying in the name of the children.
No, this is not corporate lobbying responsible. Stop giving your beloved politicians an out and acknowledge they do not have your best interests at heart, only a thirst for power.
The buck stops with the politicians signing this into law.
Of course, I almost forgot.
No better way to quench your thirst for power than to choose to go into Danish politics and move up to EU politics to herd 500 cats to be in favor of some legislative surveillance scheme that, if implemented, you'll immediately lose all control over to different technocrats.
I'm sure you'll find somebody who fits that bill, but since it's a democracy, we're more interested in why the other 45% went along with it because they can be reasoned with.
> The goal they are trying to achieve is good, but the execution is just stupid and will make everyone, including and maybe especially the people they want to protect, less safe online.
If so, the best way to stop that is to sugest a good way to achieve the good goal.
How would solve these good goals?
Ban targeted advertising, let social media companies die.
It is perfectly possible to encrypt a message such that two different keys can decrypt it. There is nothing in modern encryption that makes that impossible. See https://faculty.cc.gatech.edu/~aboldyre/papers/bbks.pdf and many others.
So your chat app encrypts your message with the recipient's public key and the state's public key.
Hey presto, you have a message which cannot be read by someone who casually intercepts it. If the state seizes your message - or records it for later analysis - they do not need to break encryption. There's no plain-text version laying around for anyone to sniff.
Is this a good idea? No. Even ignoring the civil liberties aspect, we know that key management is extremely difficult. A leak of the state's private key(s) could be devastating.
But let's not pretend that this is somehow technologically impossible.
>>> A leak of the state's private key(s) could be devastating.
Preventing this leak is what's technologically impossible. A leak includes when the government that's keeping the keys decides to start abusing their access to the data.
It's really hard to say whether something like that is impossible.
I'm not aware of, for example, Google's private signing keys for Android being leaked. Sure, plenty of CAs have been breached - but not all. That suggests it is possible to key these keys secure.
That's fair. But it turns "possible" into a statement about a company's or government's expected degree of restraint, rather than a mathematical statement about the robustness of an encryption scheme.
The famous case is what happened to government birth records when the Netherlands were overrun by Germany in WWII. They weren't even encrypted, but mere transfer of access led to tragedy.
> Sure, plenty of CAs have been breached - but not all. That suggests it is possible to key these keys secure.
"Sure, plenty of people lose at the casino - but not all. That suggests it is possible to find a winning strategy."
Why would someone want to breach Google's private signing keys? It's easy enough to get malware signed just by submitting it through their ordinary processes.
A better analogy would be the keys used by Microsoft to secure Outlook inboxes.
> Preventing this leak is what's technologically impossible.
Is it? Put the key in a TPM module in a well guarded server in a well guarded datacenter. Have the prosecution send the encrypted blob to the server and then receive the messages in clear from the server.
That way, there is absolutely no way the private keys can be leaked.
When people say it is impossible, they clearly mean it is impossible to do in a way that isn’t entirely broken by losing one key. You know this and please don’t pretend that you don’t. When competent cryptographers say the word impossible it has a very clear definition.
But how is that any different from the intended recipient losing control their key?
Take a look at the number of people who lose their crypto keys and watch their money vanish.
All encryption is broken by the virtue that key management is impossible for most people.
The intended recipient does not hold a master key to an entire nations communication. That's the difference.
One person losing control of their keys only really affects them and people they talk directly to. The government having some super key(s) that access everyones messages affects everyone.
The govt key decrypts everything, real-time and stored/archived, sent in that nation during the time it is in use, and that key is in use in multiple places/machines, and is in an org that is a high-profile target for many other reasons (so could likely be exposed in a crack that initially had other purposes.
In contrast, a person's key can decrypt only that person's messages, is used only in one place (usermset of machines), and is a generally low-value target.
Insanely huge difference between losing a person's key vs the key to an entire nation's communications, even if it is the key of the nation's president -- still far lower value & consequences (start with: if you have the nation's key you can decrypt the president's comms anyway).
> It is perfectly possible to encrypt a message such that two different keys can decrypt it. There is nothing in modern encryption that makes that impossible.
Not really, any more than it's possible to write a message that says the same thing whether you read it in English or Swahili. You might be able to do it once as a novelty, but the approach won't generalize.
There are multiple-recipient schemes, but they don't rely on using two different keys to decrypt the same message. Instead, you encrypt the message (once) using a (single) symmetric key, and you prepend a bunch of different messages saying "the symmetric key is xxxxxxxxxxx", one for each intended recipient. Those are encrypted with keys specific to each recipient, and each recipient has to attempt to decrypt them all and select the one that decrypted successfully.
The paper you link appears to be discussing an entirely different problem: its definition of a "multi-recipient encryption scheme" does not contemplate sending the same message to several different recipients:
> There are n receivers, numbered 1, ..., n. Each receiver i has generated for itself a secret decryption key sk_i and corresponding public encryption key pk_i. The sender now applies a multi-recipient encryption algorithm to pk_1, ..., pk_n and messages M_1, ..., M_n to obtain ciphertexts C_1, ..., C_n.
> Each receiver i can apply to sk_i and C_i a decryption algorithm that recovers M_i.
> We refer to the primitive enabling this type of encryption as a multi-recipient encryption scheme (MRES).
Note that there is no requirement for anyone other than recipient i to be able to understand message M_i. As described, all encryption schemes are multi-recipient encryption schemes, because you can just consider each message M_k individually and encrypt it to recipient k using a single-recipient scheme.
Are vpns controlled by private companies safe?
Depending on meaning of "safe". They all need to comply with law enforcement data requests.
Partially it is new corrupted people getting bought in positions of power. There is interest behind this stuff that we have not eradicated. As long as that is allowed to continue, we have to take down one puppet after another. A new puppet is already waiting for their chance to make buck campaigning for the same shit again. After some years in office they don't care what happens to society afterwards. They only care they got their fat paychecks and post politician positions in management layers of big corp.
And we elect their parties and these people over and over again, instead of making them utterly fail the next election. Too many of us do not see through these thinly veiled attempts and too many of us are too comfortable to vote them out.
Isn’t the point of Chat Control to scan on the device so that they can say encryption isn’t affected?
Chat control opens an additional data channel where messages are sent through, if the detection algorithm finds something suspicious. It effectively makes encryption useless, because someone else, who shouldn't be part of your conversation, is also able to read your messages.
I don’t understand how people like you continue to grant good faith to government.
You are the people who make this kind of repeated attack on freedom possible.
I think you're confusing technical encryption with the privacy of encryption.
For example, let's say I implemented a CSAM-scanning AI model in my chat app, which runs locally against your message, before communicating the message over an encrypted HTTPS channel. If the message is flagged, it can be sent over an encrypted HTTPS channel to authorities, on a secondary separate connection. At no point, did it leave the device, in unencrypted form.
Is that message encrypted? Yes.
The way that you want? No.
Governments have recognized this distinction, and have figured out they can have their cake and eat it too; the security of encryption with none of the privacy.
>If the message is flagged, it can be sent over an encrypted HTTPS channel to authorities
okay, but how do you prevent me from intercepting that communication.
Or even running my own copy of the local model and determing ahead of time whether it will trip the alarm. If the attacker has access to the model, they can effectively make a GAN to modify images to get past the filter.
Or even just having a proxy that pretends to be the official service but that just drops the reported messages.
> In cryptography, encryption (more specifically, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode.
From Wikipedia. They can’t have their cake. You are breaking the concept of information into smaller steps (e.g. message) when that is against the definition.
Governments don't define encryption that way - they define encryption as the process of transforming information in a way that, ideally, an adversary cannot decode. Messages are unreadable if Russia hacked Vodafone, or China hacked Verizon, that kind of thing.
There's a significant difference there between a government's definition and Wikipedia's idealism. Or, even if they subscribed to the Wikipedia definition, they would say they have the legal right to be an authorized party.
Creating new words and definitions doesn't justify any initiatives. The point is that they try to mislead the common people. So we can't really say that "someone is confusing the terms", when the entity in question just created the new definition?
It works, because you already tried to argue with that. And it is not the Wikipedia. The whole existence of encryption is evolved around the concept of information. And even the government's definition can be argued, because the adversary is defined by the sender and the receiver, not by anyone else.
When there is law, then the definition matters and there is legal stand, but before that, it is just an initiative which tries to mislead.
Another example of such degenerate-encryption would be having messages "end-to-end" encrypted, but a copy of the key is kept by a service-provider or even sent in advance to a government agency.
People usually mean "end to end encryption" in these situations, and by adding a third "end" to the system, you bypass the whole point of end to end encryption.
My above example is end to end encryption compatible, it's just that you don't get to pick the end it might go to. However, the connections between ends are still encrypted. As such, it passes the technical mathematical definition (one end having a direct pipe to the second end, with nothing possibly in between), but not the philosophical one.
Governments have never cared about the encryption philosophy; only the math aspects and international risk - which, in this example, are technically satisfied.
> these people don't understand anything about encryption and therefore still think this is a good idea.
Fixed that for you.
I suspect the primary reason that people in this position fail to understand anything about encryption is that it is their job to do so.
> they still managed to not listen to anyone who knows anything about encryption and online safety
Why do you assume something like that? Do you actually know the arguments that the parties in favor of this kind of regulation are presenting? And can you dismiss them based on objective facts?
> The goal they are trying to achieve is good
That is what should be, in my opinion, the basis of this discussion. Assume good intentions and try to work out with the parties involved to achieve the goal in a reasonable way. This is the way, I believe.
Hand-wavingly dismissing other party's arguments would be in my opinion disingenuous.
>>Why do you assume something like that? Do you actually know the arguments that the parties in favor of this kind of regulation are presenting? And can you dismiss them based on objective facts?
The moment anyone brings up the whole "just put a backdoor in that only we can access" despite years of people who actually know better saying that's not possible, is the moment when any further arguments become moot and not worth any further engagement or assumptions of good intention.
That's the single argument all these stupid "chat control" like proposals are based on.
> just put a backdoor in that only we can access
Who is arguing for a backdoor? Do you actually know what are the proposed technical approaches or are you making assumptions?
> people who actually know better saying that's not possible
What is not possible?
> all these stupid "chat control" like proposals
For example here, you make your argument by stating that these proposal are "stupid". There is no effort that I can see to even try to understand where the other party is coming from.
And that is an issue, in my opinion. I think that a productive and honest conversation about a complex issue like this one requires empathy with the other party's position.
I'm not assuming anything, I work in software development. In this industry we spend ungodly amounts of time and resources to attempt to keep data safe, and create systems like the ones proposed to flag and handle malicious activity of many kinds. I think I know quite well how hard it is, and how easy it is to get it wrong, with potentially very real consequences.
The only things being handwavingly dismissed are the collateral damage, side effects, very real risks, and concerns about the effectiveness of the proposed solutions.
> Why do you assume something like that?
This is very easy to answer. Just look up what all the responses were, for all the times this kind of stuff was proposed.
After the 10th time you assume good intentions and they still try to do the wrong thing, are you a fool or a helpful patsy?
Why risk all of the good the EU has done with such a catastrophic proposal? This would come close to nullifying the entire endeavour.
EU gets infiltrated by corporate interest just like every single country's government does. It's a constant fight against lobbyism and financial interests opposing the citizens' rights. I wish it wasn't so, but greed knows no bounds.
What exactly is the plan? To mandate some client side checking so that transfer encryption backdoors won't be needed?
At what level would you need to do that? E.g. for iOS and then iOS need to comply with every app store app having it or else they can't operate in the EU? Is that the plan?
Every chat application must comply by law and companies which make them without government permission will be made criminals. It's similar as the UK Online Safety Act: 4chan staff will be arrested if they ever touch the UK soil.
No one has really pointed forward a convincing explanation of who is behind this movement. The idea that this is the police is ludicrous to me, I don't know every european country but my overall opinion is that they have very little sway over anything.
I am in a group of high civil servants for digital services in France and strangely no one seems to have heard about the project despite these people drafting most of France's position on numeric policies.
My view is it is probably more about mass control (avoiding a movement like Gilets Jaunes and the like) than anything else.
What’s the endgame here, with porn, chat control and age verification occurring globally, when will this end and where will we end up? What are the realistic outcomes?
The end game is politically controlled speech. First you can't share porn, then you can't share violence, then you can't share police abuse, until it starts to creep into the world of anything unflattering to those in power.
And of course, it will all be under the guise of safety and harm reduction, but the veil will keep getting thinner and the amount of things covered more comprehensive
We are way beyond that. In certain european countries you cannot legally share privately a sentence that would offend someone else.
Which certain ones would those be then? And which laws would it be breaking?
Last month, a Finnish court judged that using derogatory words in an email sent privately to the offended person counts as defamation.[1] When this was discussed in the Finnish Reddit [2], some found it unjust that it counts as defamation even though the message wasn't sent to third parties, but it is indeed how the law was written.
[1] https://www.iltalehti.fi/kotimaa/a/6c9a65fe-f706-449e-b0d9-1...
The hate crime bill in Scotland for instance.
Do you have any source for that?
Not the person you are asking but it is getting worse by the day [1][2]. Speech policing is becoming a higher priority than dealing with violent crime. Protests are also increasing in number and frequency.
[1] - https://nypost.com/2025/08/19/world-news/uk-free-speech-stru...
[2] - https://freespeechunion.org/police-make-30-arrests-a-day-for...
> you can't share porn, then you can't share violence
First Porn, Now Skin Cream? ‘Age Verification’ Bills Are Out of Control (https://www.eff.org/deeplinks/2025/03/first-porn-now-skin-cr...)
I'm not seeing the connection to censorship at all with the skincare and diet products. It's illegal to sell certain things to children because they've been deemed harmful. Same with legal (for adults) drugs. If you don't check ID before giving it to a child, that's a crime, and I expect you to be prosecuted, yes.
Actually the California bill seems absurdly weak, and it seems to be enough to just ask if they're 18.
The Washington bill is stupid for restricting creatine supplements, which the evidence indicates provides physical and cognitive benefits with no real drawbacks. It's the one muscle building supplement that's actually known to work, and should be excluded like protein powder. But otherwise restricting people from selling dubious dietary supplements to children doesn't seem terribly wrong on its face.
Or, say… posting condemning comments about Charlie Kirk online..?
Not often mentioned but violence is the greatest enemy of people in power.
They always say stuff like "violence doesn't belong in politics", "violence is always wrong". But look at the French revolution, they had to cut the dictator's ("king's") head off to stop him from trying to get back into power. Look at the US for for independence, how many redcoats had to get shot before the UK decided it's not longer economical to keep oppressing the colony. Look at the assassination of Reinhard Heydrich, a public execution of a mass murderer.
And for now we're allowed to celebrate those events. Some are even national holidays. But we can not publicly discuss current events in the same manner. Those supporting recent assassinations or attempts usually get banned and many don't even dare voice their support. But there is some line where the fourth box of liberty _should_ come out. And I don't think we have enough freedom of speech currently to discuss where exactly the line lies. (Note to mods, I don't have an opinion on the recent shooting and this message is not related to it. I would have posted the exact same thing even if it didn't happen and have posted similar messages in the past.)
BTW this is funny: Brandon Herrera posted a video reconstructing the headshot by Gary Plauché where it's obvious both him and the commenters support the killing. He also reconstructed the, well, earshot by Thomas Matthew Crooks and denounced it. I wonder if he would support an assassination if it turned out Trump got, say, a massage with a happy ending from an underage girl trafficked by his friend. That would imply being a pedophile is worse than being a fascist[0] in his mind.
[0]: https://acoup.blog/2024/10/25/new-acquisitions-1933-and-the-...
---
Anyway, violence should be used carefully as a last resort but people in power are afraid of it because ultimately, no matter how much power they have, they still need a continuous supply of oxygen to their brain, which can be interrupted in a number of ways and the probability of such an event increases proportionally to the number of people they exploit.
Without the ability for people to have private conversations and organize politically in private, democracy is impossible. It wasn’t as much of a problem in the times when everything happened IRL, but now online is the default.
So the endgame is that an anti-democratic government eventually wins an election and uses its new tools to crush dissent and make opposition parties impossible.
Boot stomping on a human face forever.
Nobody is in charge. It's a headless blunder operating under the illusion of a master plan.
Or a small set of supranational entities that are responsible for creating the illusion of national entities are taking advantage of the headless blunder that are nation-states to execute their master plan in lockstep.
I mean yes, obviously. I just wanted an opportunity to use my favourite quote from The Cube (1997).
Do you have a license for this TCP packet?
Drink verification can to send a packet.
Residential ISPs will only transmit packets that have a valid device attestation signature from one of the well-known device vendors. "Unsafe" software won't get access to the devices' secure enclave to sign their packets, so their packets will either have to be transmitted in plaintext, or they'll be dropped by the ISP.
Probably.
That's why you need to diversify software ecosystems now.
The endgame is to kill independent media
If we're going to go this route can we at least re-introduce the fairness doctrine?
Easy. They really like what China is doing, but they can't because of that pesky democracy.
China is every wannabe dictator's digital wet dream.
A political party that is free from lobbyists and actually care for its citizens would be a good thing though. Number one reason of the decline in the west.
I think that decentralized solutions to the Web mostly suck because they're worse to use for the majority of people. But if the Web becomes useless for things people actually care about, decentralized solutions will creep in. People won't simply give up, the things that work will become better in the ways that serve prospective users.
That's kind of the worst case scenario, though, where bad politicians don't get removed from office. We can hope that most people will decide that enough is enough, or politicians will quietly back down when they realize they're dooming their own careers.
The worst case is when only approved hardware and software will be legal, and every level of infrastructure will be enforcing that. You can say good bye to decentralized solutions then.
Note how Apple is already a bit like that, banning certain torrenting apps even from alternative app stores [0]. I’m just mentioning that as a demonstration of the feasibility of such closed and controlled ecosystems. Now restrict ISP network traffic to packets signed by approved hardware, and there aren’t that many practical loopholes left.
Brazil's senate has already approved a bill, PL 2628, which is broadly similar to the UK's Online Safety Act, but also requires sistemas operacionais de terminais ("terminal operating systems") to implement age checks in a secure, auditable fashion.
The days where you could run whatever OS you want on hardware you own will soon be over. And you know what? There's not a damn thing any of us can do, so may as well just buy Apple gear.
Full government control of all digital media and digital communication.
Westerners always pointed fingers at China, North Korea and Russia, but in this case we are seemingly attempting to lap them.
IMO, the endgame is tyranny that we cannot escape. Something like stasi on hi-tech steroids. Such a tyranny can only be possible if there are no places on earth we can escape to and if domestic survelliance is so comprehensive that potential threats are eliminated before those threats realise what they are up to. In such a state, when there is neither external no internal pressure, the tyrant can rule for centuries. The thing is, there is a nontrivial number of those among us who prefer this way of life, and they are very capable in achieving their goals.
The realistic outcome, most likely, is mDL (mobile driver's license) automatically being passed through from your OS, to your browser, to the website. This will make compliance with age verification requirements easy, in addition to making ban enforcement and blocking crawlers/robots/spam much easier.
There's already a W3C browser standard in development - The Digital Credentials API. Apple is adding support for "Verify with Wallet on the Web" in iOS/macOS 26. Chrome is currently rolling out Origin Trials.
https://digitalcredentials.dev/
https://www.w3.org/TR/digital-credentials/
https://developer.apple.com/videos/play/wwdc2025/232/
https://developer.chrome.com/blog/digital-credentials-api-or...
On the flip side, there's no anonymity. Welcome to the real Web 3.0 - an internet which has been finally put in a box, for better and worse. An internet which is finally forced to respect national laws, for better and worse. An internet where what you say online, will be treated with no difference than if you had said it in person.
From the second link:
> The privacy considerations for digital credentials are not static. They will evolve over time as the ecosystem matures, and may be informed by the behavior of other actors in the ecosystem, improvements in other layers of the stack, new threats to user privacy, as well as changing societal norms and regulations.
Boil the frog slowly and carefully, and look out for opportune moments that could help to speed up the process.
The Semantic Surveillance Web
> An internet where what you say online, will be treated with no difference than if you had said it in person.
It's 1984. Surveillance in your home so you only speak the government speak. If you criticize the government or the genocides commited by them you're "doing hate speech/wrong think" and you'll receive the cops at your door to be disappeared without recourse
The populace will be told you were evil and no one dares question too much or they will be next.
Or we can tell them to fuck off and stop buying into every little crisis and fake right v left fight they try to sell.
The goal is always to suppress the ability to dissent political.
It was trialed during covid and people absolutely cheered for this type of control.
Now it's only a matter of time unless people accept that it's never acceptable. Not even with "perceived threats". Covid passes and social scores to do activities where absolutely a wet dream for govs and corporations alike. The corporations that benefit from government mandated tools love getting free money and governments love control. They know the tools never spy on them, and that's why everytime they're the ones committing crimes or ignoring their rules it's "a mistake or nothing to see here".
On sufficiently long time scales, there is only one realistic outcome: the internet will not tolerate censorship and will not abide state control. It is bigger than people and computers; it's an evolutionary force.
This goes even beyond the delusions that we believed in the 1990s which have been proven embarrassingly naive.
But I wish you were right.
What happened in Nepal earlier this month proves that a brighter future is possible, if people get fed up enough.
Does it? Some parts of the world have revolutions every other week and are still jot as good as anything we have in the west despite our massive flaws
Revolution simply rolls the dice again. In states which used to have functional institutions and the organizational memory is still present, they can lead to good outcomes. In states which never had them, they cannot be created out of thin air.
A historian called Sarah Paine explained this nicely with examples of how the occupation of Afghanistan failed to create democracy but the occupation of post-WW2 Germany succeeded because Germany used to have a democracy whereas Afghanistan never did.
In this particular context, the recent Nepalese revolution succeeded in overturning attempts to limit citizens' communications, i.e the Nepalese equivalent of "Chat Control".
Since this is EU level legistlation and blocking minority is already ignored (e.g. going in to the streets does not matter in there), it is much more difficult.
Maybe we should schedule a day in the future where everyone travels to Strasbourg/Brussels for a demonstration.
If an equivalent % of the population got in their cars, drove to Brussels and started setting EU government buildings on fire like in Nepal, things would change pretty quickly. The EU can only do soft totalitarianism because it doesn't have the kind of police force that a full-blown totalitarian state has.
Don't worry, they're working on that. Give it a few decades and generations to get personal locomotion automated and legislated out of the commoner's reach and they'll start ruling from highly secured ivory towers partitioned off from the public transit grid. Then resistance won't even be practicable in the numbers sufficient enough to cause disruption to the edifi of power.
And if you have enough young people, which Europe does not.
and what if a system of mediation can pick up the encrypted messages sent by dissidents and formulate a plan to crush the resistance? To government-for-hire companies, it's a service problem, not a systemic one.
Can we see the exact votes somewhere?
Notes are usually leaked by netzpolitik.org a few days after.
How long till we start sharing encrypted text files?
Tic, tac, tic, tac, tic, tac...
Mark my words.
If this could possibly work it would have already been implemented for DRM. It doesn't even really work if you have complete control over content distribution. I get that politicians want to be seen as being active in combating crime. But the only proven way to prevent creating and proliferation of CSAM is to educate the masses.
Why does Denmark hate citizens privacy so much?
The Nordic countries have always been into social control but Denmark adds a side of paranoid ethnonationalism into the mix which leads to some very strange values.
The current world is so crazy that I would easily bet that it is strange that a small country like Denmark is so obsessed about running all European privacy, and there might be hidden corrupt interest behind that.
I would but be surprised that US is pressured some people there.
...and Hungary, Belgium, Sweden before Denmark. All tried to pass it. The next in line for EU presidency is Cyprus, a supporter.
Viktor Orban likes this for obvious political reasons, as this can be used to spy opposition.
Name and shame the clearly corrupt politicians that are being paid by someone who wants to benefit from all the compliance bullshit that will come from it.
Disgusting pigs.
> Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard:
> "We must break with the totally erroneous perception that it is everyone's civil liberty to communicate on encrypted messaging services."
> Share your thoughts via https://fightchatcontrol.eu/, or to jm@jm.dk directly.
Denmark has integrated Palantir for the police, so the Minister of Justice is likely the one who pursuits it most.
More about Palantir in Denmark:
https://www.tandfonline.com/doi/full/10.1080/1369118X.2024.2...
Alan Wade started the data analysis company Chiliad with Christine Maxwell (sister of Ghislaine). Palantir was sponsored by In-Q-Tel while Alan Wade moved on to being CIO of the CIA.
People in the orbit of Thiel are in favor of getting Greenland, one way or the other. Good luck Denmark with your software.
1984 playing out in front of us. Again.
Politicians like Peter Hummelgaard are ghouls. They want their eyes in your home, watching you at all moments. And then they want to control what you do and see and think.
Defending our liberties and privacy is a never-ending battle.
The reptile-brained politicians really hate that we can think our thoughts in secret and communicate with each other in secret.
More likely they just really enjoy taking the money that private entities hand out like candy as a reward for pushing legislation that will cement their society-eroding business models for ages to come.