The Internet Watch Foundation, an organisation funded by almost all of big tech, is already at work pushing for client side scanning next [1], for the children, of course.
I feel like if people wanted to counter this push, the more effective route would be addressing the "for the children" motivations seriously rather than fully dismissing them. You could cut the legs out of this effort by capturing the part of the population that does have an honest desire to protect children by offering an alternative that actually protects children. Instead, that concern is treated as 100% disingenuous which pushes many normal people to the side of wanting to enact these controls. This is a political problem, you need to solve it with politics.
I know a number of people who have gone down this route, including Senators. For example, here's Senator Wyden's proposal to add $5 billion in mandatory funding to investigate and target sexual abusers [1]. The problem with these efforts is that they're expensive: fighting child exploitation requires enormous amounts of funding.
Guess what doesn't require billions of dollars? Mandatory scanning paid for by tech companies, followed by dumping the billions of hits they produce [2] on overworked police and clearinghouses that mostly ignore them.
Then fund the initiative by taxing those same tech companies. "This problem is hard or expensive to address" does not assuage the desire to fix the problem.
There are countless reasons to be against these chat controls, but it's easy for a layperson to understand how they would address their specific concerns. The only way to effectively counter that is providing an alternative that does a better job.
Why stop there? This system can easily be used to target welfare recipients, immigrants, LGBT+ people, black/brown/indigenous people, pretty much any disfavored group of choice!
You're just one election away from "that was during the previous term of office"
Funny, that Mullvad link, given their CEO has funded the Swedish Örbreo party. They've said all sorts of stuff including the very sanitized term "remigration".
Your comment doesn’t make it clear why supporting this party would interfere with making a point on mass surveillance. If there is a link could you describe it?
Kind of surprised they don't just pitch it as a way to root out Russian propaganda and right-wing extremism. Public opinion would shift overnight. They'd practically demand it!
Actually, what are the partisan leanings of the parties actually actively pushing this, since you’ve brought it up?
Despite being fairly left-leaning I wouldn’t automatically blame the right for this particular type of invasive nonsense… is this a centrist spawned nuisance, or something?
The Chat Control 1.0 rule is simply that organisations like Meta are allowed to scan messages if they want to. In other words your Facebook messages are not private from Facebook. Surely we already knew and expected that.
Chat Control 2.0 is the worrying one because it mandates scanning and bans E2EE.
These two things should not have both been given the same branding.
I think it's the contrary. People don't want Zuckerberg reading their private messages, and everyone in Eutope uses WhatsApp, which is advertised as E2E encrypted.
Therefore it makes Chat Control 2 a harder sell.
To be fair I think "<anything> Control" makes it pretty clesr it's nefarious. They missed the opportunity to call it "Chat Safety".
I think the name is meaningless to the average layman, therefore useless. Something like "(private) chat police" would probably transmit what this is about but is not as catchy.
I think that framing would be much more vulnerable to companies saying "no no, there's no human reading your chats, we just want to apply these fixed filters".
Not everyone. Politicians and all their communication are to be excluded, for they have decided it is obvious that we can trust them. It's just the rest of the world that is considered untrustworthy. This also absolves them from having to go through a trial period of having the software tested on themselves, so they will never have to know about any ridiculous false positives. Or worse: all the stuff they communicate which they never considered to be problematic - it would have been so nice if they had at least had such a trial run, for say, about one or two years, with anything that is being flagged open for anyone who wishes to see.
The problem with this software is at the very core of why any sane person should reject it; a company like Thorn has no incentive whatsoever to actually come up with something that would work properly, especially since the target demographic that is to be monitored, is European. No worries if some firmware update bricks a massive amount of devices. Good for business. And I bet the US Government would also prefer if they prioritized having the backdoors work properly for listening in, over having the software scan properly (taking all the cultural and linguistic differences across the continent into account) just so that it will be capable of actually flagging what it is (for now) meant to flag.
Having your entire infrastructure of digital devices augmented with surveillance software is a bad idea in itself, but it's sheer madness if you're having this done for the whole of Europe, by using an American software endlosung/solution that was pushed by a Hollywood-actor who was so genuine in his motivation to save the children... truly impressive show of tears for someone who had the chance to save a number of girls from his predatory co-star a long time ago, like, to save them for real, yet he chose not to intervene... Years later, he's with Thorn, but still what he knows best is acting, so instead of focussing on actual victims, he's acting as if he gives a toss about present day children, knowing full well he is selling a dodgy technology using horror-scenarios they actually invented themselves for this very purpose.
In subsequent years this has led to an actual increase in number and variety of perpetrators in the field of sexual abuse and/or trafficking of minors - where it was quite a niche field in crime before - niche and overall way more predictable, making it possible to prevent quite a bit of it, too. Thanks to the fearmongering and constant need for succesfull detection of victims (as it is the metric they've used for years to keep the people providing them with money and power excited about the project) it has become much more problematic. The efforts of groups like Thorn have so effectively spread these horrorstories by pushing them as 'news' using so many newsoutlets, that this in itself caused a whole new demographic of messed up people to act them out, making the horrors a reality.
All this should be enough for anyone to know that, if you're totally hellbent on having a thing like chat control implemented, doing so by choosing to stick with software sold by these people or anyone from their circles will be disastrous.
Yes but that's how all of these objectionable legislations are introduced - first it's voluntary, then they wait a bit and say "companies aren't doing it, we'll need to make it mandatory".
Easier to push through if the only thing they're changing is "may" to "must".
Perhaps in the future cars will not only record your face but also listen in for hate speech. Most cars have SOS and GPS modules so calling the police if someone in the car shouts a slur is just connecting some code together.
Why do you think this is only going to be in Europe? This will be the global norm modulo some astroid hitting earth or civilizational crash.
The trajectory is crystal clear: access to information (AI), control over personal finance (CBDC), privacy of personal communications (handful of big tech MITM in everything), metered social interactions (today China, tomorrow the world over).
Fortunately the US has not only freedom of speech in the constitution but also tens of millions of armed civilians that place a hard limit on how much control the government can have over people's speech. The only reason the Chinese government can achieve such control over speech is because it can disappear anyone who speaks against it.
It doesn't even need guns; Nepalese youth managed to stop social media censorship there just by going to the political capital and threatening to beat the MPs to death.
America may have tens of millions of armed civilians, but I'm not convinced that so many of them care about freedom of speech, particularly when it comes to people who they disagree with.
Has the armed civilian population done anything to protect constitutional rights? Last time a section of them mobilized, it was to overthrow a rightfully elected government.
They were unarmed and the government was and continues to be scared shitless of that "attempted overthrow" (with no weapons? Does anyone really believe that had any chance of succeeding?) to this very day.
Seems to me like that Second Amendment thing could be very effective with a sufficiently motivated population.
I think this should go one step further. If you don't praise the magnificence of your local EU politicians then your car's breaks will stop working and an electric shot will be administered to everyone presently in the car. That will satisfy EU-rocrats.
The coming revolution will be well deserved I think.
It is cheaper for the government to just lock the car doors for the length of your sentence. Saves them space in prison. You are allowed to use the McDrive twice a day. The windows will drop 8 centimeters, enough for a Big Mac.
Didn't Biden's big infrastructure bill already mandate that NHTSA develop regulations to require driver monitoring sensors starting next year? Or was that provision cut or reverted?
Hey, at least they can feel secure in the knowledge that they're not contributing to global warming by using AC and instead dropping dead by the thousands.
> The worst thing I have to hide is knowledge about my intentions, none of which are bad/illegal/immoral.
Correction: None of which are bad/illegal/immoral _right now_. The "I have nothing to hide" crowd will surely change their tune the moment any of their data starts to be used against them.
That would have to happen, and by then it's too late. The best historical example is, not to Godwin the thread, but Dutch Jews who registered with the government and then when the Nazi's took over, that information was used against them. Political expression online is relatively safe under the current regime, but who knows if a future regime will also feel that way. If you posted something online about immigrants or criticizing a politician that became illegal to express, where would you be? Seems far-fetched, but in the history of the world, it isn't. People would rather not get persecuted for saying something they said 30 or more years ago because a lot can change in that kind of time. What once was acceptable becomes not in the different light of decades later. I'm sure if you go back to the very first comments I've made here, you'll find something embarrassing, though maybe not illegal. (An ernest plea that information wants to be free, probably.)
Communication wasn't digitally indexed and recorded forever, historically, and something intimate I whisper to a lover or very close friends doesn't ever need to see the light of day.
The guise that there's a predator out there, trying to cocerce 13 year old children to have sex with them is a good cover by the government to gain this control, because how do we refuse that? Won't somebody think of the children? So we have to acknowledge that yes, there are bad people out there, and no, I don't support Prince Andrew or the Epstein class, but at the same time, in the history of government and abuses of power, Chat control is going to be used against you and I, and not the Epstein class.
This is about 1.0, which sounds ok - it basically allows providers a legitimate exception from data privacy laws to scan for CSAM in not E2EE communications. I reckon gmail, iCloud mail and the like already scan attachments for malware and emails for phishing scams, now they can also scan for child abuse.
"We decide on something, leave it lying around, and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back." -- Jean-Claude Juncker
Can anyone explain something? Since there are so many open source chat applications, what keeps anyone from "just" exchanging a key with someone else out of band, and then modifying the client so that it uses that key to encrypt all communication? I understand that this does not scale to big groups, but surely whoever is pushing this crap must have thought about this? Or is the idea that we will have completely locked down PCs as well ala android and ios so you can't run anything unapproved?
Nothing is stopping people from doing that. It’s just more inconvenient than other available options. If I were a politician trying to remove private communication, I would first pass something that allows scanning communications, then pass something that allows e2ee messages to be scanned, then make it illegal to use non-scannable e2ee messaging. People could still do it, but now they could be punished if they’re ever caught
What is the US legislation on this - I thought providers were already mandated to take action against distribution of CSAM, or is that only for public-facing posts?
Somewhat unsurprisingly too, since the negotiations about a more comprehensive CSAM legislation (the one that now doesn't contain chat control 2.0) isn't done yet.
The unquestioned view in certain circles - including here - is that when the EU/UK does something that chips away at people's online privacy, there's un ulterior motive.
It's entirely possible that politicians just want to do something about CSAM and young people having their mind twisted by social media. The electorate do seem to be keen on some sort of action.
Other governments across the Channel also want to protect children online, while at the same time dismissing thousands of reports of grooming, for fear of being labelled "racist".
The EU's position on privacy seems pretty consistent to me - they're against your data being monetized by private entities but not against building governmental tools to monitor private entities.
In good faith this could be summarized as "Personal data should be used for public safety but not for profit" - but that philosophy is definitely a strong contrast with the basic American philosophy towards civil liberties.
Not "access to ALL of your data". Also, as confusing as it might be, it is in the nature of EU (at least IMHO) to not have a clear position over multiple legislatures.
Maybe big tech weren't good a lobbying bureaucrats against GDPR but got better at lobbying in the EU for this. There's also been a slight shift towards authoritarianism in the last decade, which naturally love the possibilities of stricter communication control.
Children protection and russian propaganda are the tried and tested covers at enforcing age verification, message scanning, and probably any future pan-european surveillance network.
It seems fairly consistent, doesn't it? CC 2.0 is that the government must be able to access things, and GDPR has a legal basis exemption that is defacto used every time by government entities. The general idea is that private parties cannot consent to things to each other but that residents of a place consent to being governed by the government. e.g. you can't consent to having someone jail you; but you also can't opt out of jail by the government.
Personally, the politics of Europe is really not for me, but I can see why others might find it attractive. In the end, history will show us which path is adaptive.
There's no position on privacy. They make whatever laws the corporate laws and elites like, and that furthers their own bureucratic reach. GDPR is a good way to create a "compliance moat" against smaller players, and to give the EU bureucrats more power.
Not even that. The government outsources a lot of their functions, so a LOT of organizations have access to extremely private data, where necessary.
For example, Palantir gets access to "large and diverse (government) databases with Dutch citizens’ data for analysis" (including mental health treatment data) under the GPDR to help police in the Netherlands do terror investigations (from 2012 to 2019). I'm sure you can appreciate the wisdom and privacy-enhancement in that just as much as me!
There are large lists of private organizations that get access to government data about citizens ... every country has multiple (public and secret ones).
Oh, they also "failed to mention" this to parliament, and this was only discovered after a journalist got a tipoff and requested financial data about the deal ... for about 5 years. Of course, there was never even the slightest investigation into this.
The thing is that according to the Universal Declaration of Human Rights privacy and the right to private communication is a basic human right. And GDPR was literally enacted to enforce this human right.
Now one basic principle of democracy is that supreme courts are superior to the people in power. Someone needs to watch the lawmakers so to say. Because it could actually be that the European commission enacts laws that are illegal. And Chat Control 2.0 could actually be illegal because it violates the Universal Declaration of Human Rights. However, somebody has to take them to The Court of Justice of the European Union to test it.
I think the position can best be approximated as "companies should not be able to do this, but you should trust your government to do this to you". (That's a bad position that needs to be defeated every time it arises, but it's a consistent position.)
You don't have to use Amazon/Meta/Google. You have to use the government.
Let's not forget that these are the people and laws that are supposed to represent and help you, not the other way around. While private companies have no such obligation.
For now none of Amazon, Meta, or Google can jail you or legally do violence on you, separate you from your family, etc. Your sense of threat is extremely miscalibrated.
Not really. I know what you are playing at. The probability of the government being vindictive towards a single family, whilst not truly zero, is for almost all practical purposes zero.
The probability of a (my or your) child enduring harmful content, perpetuated and enabled by Meta/Google (in particular) is almost a certainty.
you want to provide unfettered warrantless access to all of your communications. ive been fighting against that sort of thing for approaching 40 years now.
what a crazy turning of the tides to see this comment in the gray.
i suppose the times have changed from when most people on the internet were cypherphunk. now it's common to see people say "i have nothing to hide, please scan all of my communications", unironically invoking "please think of the children".
lol, say someone publishes an E2E distributed extension to an existing chat protocol.
Are you going to arrest someone for writing code? Are you going to arrest people who use private communications? Sounds like a legislator carve out hot and ready to happen.
I get the point, ban E2E, OK sure, but what if some software is designed in such a way that the company doesn't provide it, but it just happens to be compatible with the protocol extension? Are you going to arrest the authors if they don't explicitly ban it?
It's all coming together:
Even if an open protocol was developed and published, and everyone would just use AI to create their own app in order to be private, Google is shutting down that path by preventing "unsanctioned" apps from being installed (not to mention Apple, which already does it).
People wouldn't be arrested for writing code, but as it happened in Spain, people with Pixels and GrapheneOS are already treated as drug dealers
Easier? You mean easier to duplicate? No need to split up the discussion. There's the link, welcome to continue discussing over there, instead of pushing the news back in front of the rest of those who may not have missed it.
Even if defeated, this is Terminator legislation - it will never stop coming back until it wins.
The Internet Watch Foundation, an organisation funded by almost all of big tech, is already at work pushing for client side scanning next [1], for the children, of course.
[1] https://www.iwf.org.uk/policy-work/preventing-the-upload-of-...
I feel like if people wanted to counter this push, the more effective route would be addressing the "for the children" motivations seriously rather than fully dismissing them. You could cut the legs out of this effort by capturing the part of the population that does have an honest desire to protect children by offering an alternative that actually protects children. Instead, that concern is treated as 100% disingenuous which pushes many normal people to the side of wanting to enact these controls. This is a political problem, you need to solve it with politics.
I know a number of people who have gone down this route, including Senators. For example, here's Senator Wyden's proposal to add $5 billion in mandatory funding to investigate and target sexual abusers [1]. The problem with these efforts is that they're expensive: fighting child exploitation requires enormous amounts of funding.
Guess what doesn't require billions of dollars? Mandatory scanning paid for by tech companies, followed by dumping the billions of hits they produce [2] on overworked police and clearinghouses that mostly ignore them.
[1] https://www.wyden.senate.gov/news/press-releases/wyden-eshoo... [2] https://www.hstoday.us/subject-matter-areas/cybersecurity/su...
Then fund the initiative by taxing those same tech companies. "This problem is hard or expensive to address" does not assuage the desire to fix the problem.
There are countless reasons to be against these chat controls, but it's easy for a layperson to understand how they would address their specific concerns. The only way to effectively counter that is providing an alternative that does a better job.
Interesting. It would be easy to detect hate speech client-side too I’d imagine. My phone already listens for certain words.
Why stop there? This system can easily be used to target welfare recipients, immigrants, LGBT+ people, black/brown/indigenous people, pretty much any disfavored group of choice!
You're just one election away from "that was during the previous term of office"
https://media.mullvad.net/web/chatcontrol2_en.jpg
Funny, that Mullvad link, given their CEO has funded the Swedish Örbreo party. They've said all sorts of stuff including the very sanitized term "remigration".
Good comic, but they're no longer credible.
Your comment doesn’t make it clear why supporting this party would interfere with making a point on mass surveillance. If there is a link could you describe it?
> for the children, of course.
Kind of surprised they don't just pitch it as a way to root out Russian propaganda and right-wing extremism. Public opinion would shift overnight. They'd practically demand it!
Actually, what are the partisan leanings of the parties actually actively pushing this, since you’ve brought it up?
Despite being fairly left-leaning I wouldn’t automatically blame the right for this particular type of invasive nonsense… is this a centrist spawned nuisance, or something?
The Chat Control 1.0 rule is simply that organisations like Meta are allowed to scan messages if they want to. In other words your Facebook messages are not private from Facebook. Surely we already knew and expected that.
Chat Control 2.0 is the worrying one because it mandates scanning and bans E2EE.
These two things should not have both been given the same branding.
>These two things should not have both been given the same branding.
the confusion is purposeful, because it is easier to convince people that 1.0 is okay, which makes 2.0 appear like a version bump of the same thing.
“Chat Control”, along with the version numbers, is a naming invented by the opponents, not by the proponents.
huh, i stand corrected. what a massive blunder in that case.
and they should not have done that
I guess calling it Chat Stasi would be too on the nose :/
https://en.wikipedia.org/wiki/Stasi
I think it's the contrary. People don't want Zuckerberg reading their private messages, and everyone in Eutope uses WhatsApp, which is advertised as E2E encrypted.
Therefore it makes Chat Control 2 a harder sell.
To be fair I think "<anything> Control" makes it pretty clesr it's nefarious. They missed the opportunity to call it "Chat Safety".
The name "Chat Control" is great because it implies a lockdown on free speech and the exact consequences that are going to happen to everyone.
I think the name is meaningless to the average layman, therefore useless. Something like "(private) chat police" would probably transmit what this is about but is not as catchy.
I think that framing would be much more vulnerable to companies saying "no no, there's no human reading your chats, we just want to apply these fixed filters".
That's suitable for Chat Control 2.0. Applying the same name to v1 just muddies the waters, probably intentionally..
Agreed.
Not everyone. Politicians and all their communication are to be excluded, for they have decided it is obvious that we can trust them. It's just the rest of the world that is considered untrustworthy. This also absolves them from having to go through a trial period of having the software tested on themselves, so they will never have to know about any ridiculous false positives. Or worse: all the stuff they communicate which they never considered to be problematic - it would have been so nice if they had at least had such a trial run, for say, about one or two years, with anything that is being flagged open for anyone who wishes to see.
The problem with this software is at the very core of why any sane person should reject it; a company like Thorn has no incentive whatsoever to actually come up with something that would work properly, especially since the target demographic that is to be monitored, is European. No worries if some firmware update bricks a massive amount of devices. Good for business. And I bet the US Government would also prefer if they prioritized having the backdoors work properly for listening in, over having the software scan properly (taking all the cultural and linguistic differences across the continent into account) just so that it will be capable of actually flagging what it is (for now) meant to flag.
Having your entire infrastructure of digital devices augmented with surveillance software is a bad idea in itself, but it's sheer madness if you're having this done for the whole of Europe, by using an American software endlosung/solution that was pushed by a Hollywood-actor who was so genuine in his motivation to save the children... truly impressive show of tears for someone who had the chance to save a number of girls from his predatory co-star a long time ago, like, to save them for real, yet he chose not to intervene... Years later, he's with Thorn, but still what he knows best is acting, so instead of focussing on actual victims, he's acting as if he gives a toss about present day children, knowing full well he is selling a dodgy technology using horror-scenarios they actually invented themselves for this very purpose.
In subsequent years this has led to an actual increase in number and variety of perpetrators in the field of sexual abuse and/or trafficking of minors - where it was quite a niche field in crime before - niche and overall way more predictable, making it possible to prevent quite a bit of it, too. Thanks to the fearmongering and constant need for succesfull detection of victims (as it is the metric they've used for years to keep the people providing them with money and power excited about the project) it has become much more problematic. The efforts of groups like Thorn have so effectively spread these horrorstories by pushing them as 'news' using so many newsoutlets, that this in itself caused a whole new demographic of messed up people to act them out, making the horrors a reality.
All this should be enough for anyone to know that, if you're totally hellbent on having a thing like chat control implemented, doing so by choosing to stick with software sold by these people or anyone from their circles will be disastrous.
As far as I remember, law enforcement officers or army people were to be exempted too
Yes but that's how all of these objectionable legislations are introduced - first it's voluntary, then they wait a bit and say "companies aren't doing it, we'll need to make it mandatory".
Easier to push through if the only thing they're changing is "may" to "must".
Tough week for euros. Cars that record your face while driving and now apps snooping on communications.
Perhaps in the future cars will not only record your face but also listen in for hate speech. Most cars have SOS and GPS modules so calling the police if someone in the car shouts a slur is just connecting some code together.
Why do you think this is only going to be in Europe? This will be the global norm modulo some astroid hitting earth or civilizational crash.
The trajectory is crystal clear: access to information (AI), control over personal finance (CBDC), privacy of personal communications (handful of big tech MITM in everything), metered social interactions (today China, tomorrow the world over).
Until the sun grows in a final blaze of glory and burns all Qurans at the same time for 100 million years?
Fortunately the US has not only freedom of speech in the constitution but also tens of millions of armed civilians that place a hard limit on how much control the government can have over people's speech. The only reason the Chinese government can achieve such control over speech is because it can disappear anyone who speaks against it.
It doesn't even need guns; Nepalese youth managed to stop social media censorship there just by going to the political capital and threatening to beat the MPs to death.
America may have tens of millions of armed civilians, but I'm not convinced that so many of them care about freedom of speech, particularly when it comes to people who they disagree with.
From the Chinese constitution:
Article 35 Citizens of the People’s Republic of China shall enjoy freedom of speech, the press, assembly, association, procession and demonstration.
Hahah, that's also what the Constitution of the Soviet Union stated. Tell that to everyone that got sent to the Gulag's for speaking up.
Has the armed civilian population done anything to protect constitutional rights? Last time a section of them mobilized, it was to overthrow a rightfully elected government.
They were unarmed and the government was and continues to be scared shitless of that "attempted overthrow" (with no weapons? Does anyone really believe that had any chance of succeeding?) to this very day.
Seems to me like that Second Amendment thing could be very effective with a sufficiently motivated population.
You say that like it’s a bad fnord
i am interested in hearing why you think it is not god awful
I mean, I get that these things are typically matters of opinion, but if you value things like freedom and privacy, these things are objectively bad.
I think this should go one step further. If you don't praise the magnificence of your local EU politicians then your car's breaks will stop working and an electric shot will be administered to everyone presently in the car. That will satisfy EU-rocrats.
The coming revolution will be well deserved I think.
Man, the paranoid ramblings every time the EU gets mentioned here really are something else...
Car could also become judge and executioner. Swift justice is just one curve away
Drive you straight to prison
It is cheaper for the government to just lock the car doors for the length of your sentence. Saves them space in prison. You are allowed to use the McDrive twice a day. The windows will drop 8 centimeters, enough for a Big Mac.
America is leading the way on that one:
https://arstechnica.com/cars/2026/07/two-teens-learn-the-har...
The car’s computer voice: John Spartan you are fined one credit for a violation of the verbal morality code!
This is called eCall, a fairly intrusive system built into even some motorcycles.
Danger, danger. Cannabis detected in the vehicle.
Well, it is some kind of social control. People who conform, have more rights than those who reject fascism.
Boy, do I have news for you: https://www.tesla.com/ownersmanual/model3/en_us/GUID-EDAD116...
Didn't Biden's big infrastructure bill already mandate that NHTSA develop regulations to require driver monitoring sensors starting next year? Or was that provision cut or reverted?
That provision did get removed, but only for ICE cars.
Hey, at least they can feel secure in the knowledge that they're not contributing to global warming by using AC and instead dropping dead by the thousands.
the children... :)
It's not particularly effective with school shootings in the USA.
what about...
More guns?
I wait for mandated methane sensor in everyone's anus.
Cars sold for the past years already record and transmit all your movements and telemetry, I'm sad to say.
Maybe they should pause on being such snobs towards American politics to take a long hard look at themselves.
Honestly, it is mostly a reaction to how society has evolved, for the worse. Rock and hard place.
The worst thing I have to hide is knowledge about my intentions, none of which are bad/illegal/immoral.
Scan away, I'd rather try to protect my children, other children from unscrupulous characters.
> The worst thing I have to hide is knowledge about my intentions, none of which are bad/illegal/immoral.
Correction: None of which are bad/illegal/immoral _right now_. The "I have nothing to hide" crowd will surely change their tune the moment any of their data starts to be used against them.
It is being used against me, but not my governments, by private enterprises :)
That would have to happen, and by then it's too late. The best historical example is, not to Godwin the thread, but Dutch Jews who registered with the government and then when the Nazi's took over, that information was used against them. Political expression online is relatively safe under the current regime, but who knows if a future regime will also feel that way. If you posted something online about immigrants or criticizing a politician that became illegal to express, where would you be? Seems far-fetched, but in the history of the world, it isn't. People would rather not get persecuted for saying something they said 30 or more years ago because a lot can change in that kind of time. What once was acceptable becomes not in the different light of decades later. I'm sure if you go back to the very first comments I've made here, you'll find something embarrassing, though maybe not illegal. (An ernest plea that information wants to be free, probably.)
Communication wasn't digitally indexed and recorded forever, historically, and something intimate I whisper to a lover or very close friends doesn't ever need to see the light of day.
The guise that there's a predator out there, trying to cocerce 13 year old children to have sex with them is a good cover by the government to gain this control, because how do we refuse that? Won't somebody think of the children? So we have to acknowledge that yes, there are bad people out there, and no, I don't support Prince Andrew or the Epstein class, but at the same time, in the history of government and abuses of power, Chat control is going to be used against you and I, and not the Epstein class.
For my fellow EU citizens, you can contact your representatives here: https://fightchatcontrol.eu/
I did.
This is about 1.0, which sounds ok - it basically allows providers a legitimate exception from data privacy laws to scan for CSAM in not E2EE communications. I reckon gmail, iCloud mail and the like already scan attachments for malware and emails for phishing scams, now they can also scan for child abuse.
cc 2.0 is a different beast.
"We decide on something, leave it lying around, and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back." -- Jean-Claude Juncker
It's still objectionable with a false positive rate of 50-80%.
Can anyone explain something? Since there are so many open source chat applications, what keeps anyone from "just" exchanging a key with someone else out of band, and then modifying the client so that it uses that key to encrypt all communication? I understand that this does not scale to big groups, but surely whoever is pushing this crap must have thought about this? Or is the idea that we will have completely locked down PCs as well ala android and ios so you can't run anything unapproved?
Nothing is stopping people from doing that. It’s just more inconvenient than other available options. If I were a politician trying to remove private communication, I would first pass something that allows scanning communications, then pass something that allows e2ee messages to be scanned, then make it illegal to use non-scannable e2ee messaging. People could still do it, but now they could be punished if they’re ever caught
Waiting to see what the Europeans do. They talked the talk. Let’s see what is the next move.
What is the US legislation on this - I thought providers were already mandated to take action against distribution of CSAM, or is that only for public-facing posts?
When is it coming online? I have seen so many of these headlines that I feel it's always about to kick in, but I never get any closure.
Had expired in April. This is a tentative of bringing it back up even though it expired after a number of previous extensions.
This was online already. It is existing law that is being extended rather then expired.
Somewhat unsurprisingly too, since the negotiations about a more comprehensive CSAM legislation (the one that now doesn't contain chat control 2.0) isn't done yet.
CSAM? You mean the system the Belgian state uses to identify children online?
(not even joking https://www.csam.be/en/index.html )
Fantastic quotes for services the Belgian government offers:
"Make your life easier with CSAM"
"CSAM ensures that everyone follows the same rules"
"If you are interested in a service CSAM has to offer, please go straight to our Contact page"
Hmm, so… what happened while it was online? Any scandals?
2 August 2021.
It already was in force, and EU states are presumably using it right now despite that being illegal. Only to protect the children, of course.
Give it time. I’ll see you in 5 years
I don't understand the EU's position on privacy. On the one hand, they enacted GDPR to give you control over access to your personal data.
On the other, they need access to all of your data.
The unquestioned view in certain circles - including here - is that when the EU/UK does something that chips away at people's online privacy, there's un ulterior motive.
It's entirely possible that politicians just want to do something about CSAM and young people having their mind twisted by social media. The electorate do seem to be keen on some sort of action.
This is being heavily pushed by certain actors so it's not just politicians wanting to do something about CSAM: https://balkaninsight.com/2023/09/25/who-benefits-inside-the...
Many abuse survivors and youth advocates strongly oppose Chat Control; here is one voice detailing why: https://www.linkedin.com/pulse/why-i-dont-support-privacy-in...
Other governments across the Channel also want to protect children online, while at the same time dismissing thousands of reports of grooming, for fear of being labelled "racist".
>It's entirely possible that politicians just want to do something about CSAM
except that honest-to-God child rapists get extremely lenient sentences in Western Europe and rarely (if ever) get deported afterwards.
The EU's position on privacy seems pretty consistent to me - they're against your data being monetized by private entities but not against building governmental tools to monitor private entities.
In good faith this could be summarized as "Personal data should be used for public safety but not for profit" - but that philosophy is definitely a strong contrast with the basic American philosophy towards civil liberties.
> basic American philosophy towards civil liberties.
Errrr, america does not look like country that cares about that. It does care about liberties of rich companies tho.
Exactly, that is the American philosophy being referenced.
Not "access to ALL of your data". Also, as confusing as it might be, it is in the nature of EU (at least IMHO) to not have a clear position over multiple legislatures.
This is a wedge.
The one that passed doesn't give them access to anything. It is different from the scary one.
Maybe big tech weren't good a lobbying bureaucrats against GDPR but got better at lobbying in the EU for this. There's also been a slight shift towards authoritarianism in the last decade, which naturally love the possibilities of stricter communication control.
Children protection and russian propaganda are the tried and tested covers at enforcing age verification, message scanning, and probably any future pan-european surveillance network.
It seems fairly consistent, doesn't it? CC 2.0 is that the government must be able to access things, and GDPR has a legal basis exemption that is defacto used every time by government entities. The general idea is that private parties cannot consent to things to each other but that residents of a place consent to being governed by the government. e.g. you can't consent to having someone jail you; but you also can't opt out of jail by the government.
Personally, the politics of Europe is really not for me, but I can see why others might find it attractive. In the end, history will show us which path is adaptive.
There's no position on privacy. They make whatever laws the corporate laws and elites like, and that furthers their own bureucratic reach. GDPR is a good way to create a "compliance moat" against smaller players, and to give the EU bureucrats more power.
It is simple. GDPR is aimed at private entities misusing your data. Keyword private.
Not even that. The government outsources a lot of their functions, so a LOT of organizations have access to extremely private data, where necessary.
For example, Palantir gets access to "large and diverse (government) databases with Dutch citizens’ data for analysis" (including mental health treatment data) under the GPDR to help police in the Netherlands do terror investigations (from 2012 to 2019). I'm sure you can appreciate the wisdom and privacy-enhancement in that just as much as me!
There are large lists of private organizations that get access to government data about citizens ... every country has multiple (public and secret ones).
Oh, they also "failed to mention" this to parliament, and this was only discovered after a journalist got a tipoff and requested financial data about the deal ... for about 5 years. Of course, there was never even the slightest investigation into this.
https://nltimes.nl/2025/08/22/dutch-police-also-use-controve...
(paywalled) https://www.volkskrant.nl/tech/ook-nederlandse-politie-gebru...
The thing is that according to the Universal Declaration of Human Rights privacy and the right to private communication is a basic human right. And GDPR was literally enacted to enforce this human right.
Now one basic principle of democracy is that supreme courts are superior to the people in power. Someone needs to watch the lawmakers so to say. Because it could actually be that the European commission enacts laws that are illegal. And Chat Control 2.0 could actually be illegal because it violates the Universal Declaration of Human Rights. However, somebody has to take them to The Court of Justice of the European Union to test it.
I think the position can best be approximated as "companies should not be able to do this, but you should trust your government to do this to you". (That's a bad position that needs to be defeated every time it arises, but it's a consistent position.)
Given the choice of trust between, lets say Amazon/Meta/Google and the EU (or some European government), 9 times out of 10, the EU is the lesser evil.
You don't have to use Amazon/Meta/Google. You have to use the government.
Let's not forget that these are the people and laws that are supposed to represent and help you, not the other way around. While private companies have no such obligation.
Amazon/Meta/Google is sometimes required, nobody in the real world can get away from that.
> supposed to represent and help you, not the other way around. While private companies have no such obligation.
Exactly my point.
I've moved countries 5 times in my life. I still haven't been able to fully degoogle.
For now none of Amazon, Meta, or Google can jail you or legally do violence on you, separate you from your family, etc. Your sense of threat is extremely miscalibrated.
Not really. I know what you are playing at. The probability of the government being vindictive towards a single family, whilst not truly zero, is for almost all practical purposes zero.
The probability of a (my or your) child enduring harmful content, perpetuated and enabled by Meta/Google (in particular) is almost a certainty.
We are not required to pick amongst evils. We could, in fact, say private chats are private and end to end encryption is sacrosanct.
If you are purist and you don't live in the real world with real evils. I don't want pedophiles to have privacy.
>I don't want pedophiles to have privacy.
that is why police already have access to mechanisms to remove privacy from people suspected of being a pedophile.
The existing mechanisms are inadequate or not fit for 2026. Hence this discussion.
You are agreeing with me :)
>You are agreeing with me :)
i am absolutely not :)
you want to provide unfettered warrantless access to all of your communications. ive been fighting against that sort of thing for approaching 40 years now.
> have access to mechanisms to remove privacy from people suspected of being a pedophile
I don't understand that part then. You can't break open E2EE by willing it open.
Right now, if I wanted a new account, I walk into any supermarket, spend a quid, and I've got a burner, with WhatsApp.
>I don't understand that part then. You can't break open E2EE by willing it open.
the mechanism to remove privacy from suspects is typically called a warrant.
(end-to-end encryption does not matter if you possess one of the ends)
After Epstein, Hollywood and decades earlier Dutroux, you'd think people like you would have wizened.
For fuck's sake, my country's entire media/intellectual class protected an avowed and even boasting pedophile during his entire life! https://en.wikipedia.org/wiki/Gabriel_Matzneff
what a crazy turning of the tides to see this comment in the gray.
i suppose the times have changed from when most people on the internet were cypherphunk. now it's common to see people say "i have nothing to hide, please scan all of my communications", unironically invoking "please think of the children".
Slaves also have no right to privacy. This EU variant is doomed to failure.
Each passing day we are moving closer to a dystopian state and nobody is doing anything.
People are doing something (e.g. [0][1][2]). That’s why Chat Control 2.0 hasn’t passed and is unlikely to pass in the foreseeable future.
[0] https://www.patrick-breyer.de/en/posts/chat-control/
[1] https://edri.org/our-work/european-commission-must-uphold-pr...
[2] https://freiheitsrechte.org/en/themen/freiheit-im-digitalen-...
lol, say someone publishes an E2E distributed extension to an existing chat protocol.
Are you going to arrest someone for writing code? Are you going to arrest people who use private communications? Sounds like a legislator carve out hot and ready to happen.
I get the point, ban E2E, OK sure, but what if some software is designed in such a way that the company doesn't provide it, but it just happens to be compatible with the protocol extension? Are you going to arrest the authors if they don't explicitly ban it?
Yeah, right.
It's all coming together: Even if an open protocol was developed and published, and everyone would just use AI to create their own app in order to be private, Google is shutting down that path by preventing "unsanctioned" apps from being installed (not to mention Apple, which already does it).
People wouldn't be arrested for writing code, but as it happened in Spain, people with Pixels and GrapheneOS are already treated as drug dealers
The government's worse nightmare: People who own Pixels talking to their family members.
[dupe] https://news.ycombinator.com/item?id=48819008
I feel like this one should not be removed because people want to continue discussing and that's easier on a newer thread.
Easier? You mean easier to duplicate? No need to split up the discussion. There's the link, welcome to continue discussing over there, instead of pushing the news back in front of the rest of those who may not have missed it.
Stop trying to shut down discussions that you don't like.
Different news source. But same topic.
Welcome to share the url over there. Duplicate discussion.