"a measure it had rejected twice in March. Although a majority of voting Members of the European Parliament (MEPs) actually opposed the regulation (314 against, 276 in favor, 17 abstentions), the motion to reject it failed to secure the required absolute majority of 361 votes. As a result, mass scanning is now permitted again until 2028."
"Oh no we can't get a majority to pass the law!"
"Have you tried getting a majority to not pass the law?"
"Worth a shot!"
"It worked, should we also do this multiple times?"
Not only was Chat Control 1.0 already rejected twice by the European Parliament but:
- This vote took place on last day of the session when many MEPs had already left for Summer vacation - 112 MEPs of 719 didn't vote.
- The vote was called only two days before as an "Rule 170 - Urgent procedure" - 73 MEPs missed the vote making it "urgent". Normally it takes months of procedure to come up for a final vote.
I think that means those MEPs are not doing their jobs. They are the representatives of their people, but somehow they left for vacation before the last day of the session. They failed in the most important part of their duty.
Honest question: when Europeans give so much power to EU and usually favor regulations by the government, isn't it natural that the government will try to implement more control? And it looks EU officials do not have to accountable for anything. They will not suffer personally even when their policies wreck havoc. I don't quite understand why Europeans can trust EU at all. Case in point, EU HQs shut down its air conditioning on floors 1 through 7 to prevent electrical overloads, leaving the upper levels used by top officials unaffected. Yet did anyone like Leyen get punished? Note I'm not naive enough to believe politicians don't have special treatment in other countries. But at least in some countries, politicians will not be so shameless that they'd do it in broad day light.
> Europeans give so much power to EU and usually favor regulations by the government
This antecedent is far too broad; what regulations, benefiting whom? It's pretty obvious in this case that the majority of their representatives do not favor at least this type of regulation. In other cases, the majority of representatives favor regulation which prevents private corporations from selling their PII to the highest bidder. So you're going to have to reckon with the nuance of the real world if you don't want to make obviously leading statements like this.
Any time now even the most pro-european EU defender will realise that what was once a trade union has slowly transformed itself into an undemocratic, bureaucratic monster.
What I don't understand, based on this: https://howtheyvote.eu/votes/195775 the votes are the other way around, with the majority being for. I'm guessing that site has it reversed then or I don't fully understand the proposal? Looking at which politicians from my country voted "no" on this site it seems to be mostly the ones that I'd expect to vote "yes", so that would support this site just having the options reversed.
On 7 July, MEPs voted 331–303 to fast-track the return of Chat Control 1.0 mass scanning. A binding vote follows Thursday, 9 July, where an absolute majority of 361 MEPs is needed to stop it. Take action now to demand they defend your private messages.
"Yes" means stop control, because it's a "proposition de rejet" we're looking at. rejet = reject.
Parties in favor of chat control were:
- European People’s Party and
- Progressive Alliance of Socialists and Democrats.
If you look at the initial vote from July 7, there are a few countries who actually wanted to make it an "urgent decision" (other than the countries above):
Adding the reminder that these votes and majority rejecting are of unelected bureaucrats, so the way that it was framed was approved from above while making practically impossible to reject but still theoretically possible so people are forced to swallow it.
Democracy is when you just try and try again and again until it passes with 51/49. Then its democratic and legitimized and only evil terrorists would oppose those laws we have all democratically agreed upon.
Also, see the case of https://en.wikipedia.org/wiki/H%C3%BCseyin_Do%C4%9Fru - if you aren't liked by the EU courts, they just accuse you of "collusion with Russia" and ban your bank account via "sanction policies". The ECJ doesn't have to provide any evidence of crime, you have to provide counter-evidence of the absence of crime (and good luck defending yourself without money). The ECJ judges, who interpret and impose these laws, are also not democratically really elected or anything, yet they hold power over your bank account. Makes ya think.
EU cant claim the moral high ground anymore with the way this was done. They've joined the rest of the world now. This was a win for foreign companies and makes me wonder if the EU has been infiltrated by outside interests.
Wow does it become law if the majority of those present opposed it? The American Congress might be utterly dysfunctional, but we’ve never had a law pass despite the majority of members voting against it. What am I missing?
Some will disagree with this, but this is neither new or surprising behaviour from the EU. In the EU if the political class want something, it doesn't really matter what the public want or vote for.
In the US a lot of your dysfunction is from the fact that your political system actually "works". You maniacs actually can vote for someone like Trump (twice), and he can do stuff regardless of how unpopular he is among the political class.
Here in Europe things like democracy and freedom of speech are only permitted if our political class approves. We can decide things like tax rates, but some things we're not allowed to express opinions on, and some things we have no power to vote for or against.
With some exceptions most European democracies work like this and EU is really the gold standard of this system. They have lots of ways to do what they want regardless of how popular it is, and regardless of what the opinions of our elected representatives are.
What changes with the return of Chat Control 1.0—and what stays the same:
*What is coming back:*
US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
*What remains unchanged:*
Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
*What is still NOT being scanned:*
End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
The Internet Watch Foundation, the group, funded almost entirely by big tech, who pushed for this vote to be held under emergency procedure, is already at work lobbying for the end of E2EE [1].
In a couple years time, Chat Control 2.0 will come about, and the same tyrants will use the EU admission [2] that there is no evidence that suspicionless scanning of private communications has led to an increase in criminal convictions or in rescued children to argue that we need to go further, and break E2EE.
Why would big tech be in favor of having to scan message content? It puts more regulatory requirements in place on their activities. Would they not be in favor of _less_ regulation so they can provide services to their users with fewer legal considerations?
If big tech _wanted_ to they could already backdoor their encryption and scan the message content, they don't need regulation to do that. The only thing that changes with regulation is that they now _have_ to, which cannot possibly be in their favor.
Then I'm not very moved about this. I always assumed that anything unencrypted is scanned one way or another. What I care is not having a backdoor for E2E, i.e. like client-side scanning telling me what I am allowed to talk about like with the LLMs. CSAM excuse is a great excuse to turn every conversation to what we have with AI today.
> What is coming back: US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
They are already allowed to do this, and already are doing this. When you provide data to the service provider in a non-e2ee fashion, it's their data as much as it is yours. They can scan it, data mine it, analyze it, whatever.
This is the whole point though. They are allowed to do this because of the original chat control from 2021 which was temporary and expired in march. Without chat control it is very debatable what companies can legally thanks to eprivacy directive.
They aren’t allowed to do whatever they want with your data, there’s strict restrictions on requiring consent for things you want to do with user data.
Stupid parliamentary trick: Hold the vote on the day before the summer break - ensuring that many people have already returned to their home countries. Then use a sort of "reverse" parliamentary trick: the default is that this legislation is accepted. They needed an absolute majority - not of voting members, but of all members - to reject it.
Result: 314 against, 276 in favor, 17 abstentions, 113 absent
The EU is well on the way to becoming a totalitarian government.
ETA: It is shocking that 276 members of parliament would vote to support this. Are so many so naive? Or being paid off?
> Then use a sort of "reverse" parliamentary trick: the default is that this legislation is accepted. They needed an absolute majority - not of voting members, but of all members - to reject it.
No pun intended, but how is this legal? I mean, if you don’t have a quorum, then shouldn’t you just wait for an Autumn session? It feels like having a democratic parliament with backdoors like this kinda undermines the whole idea
Sounds like they did have quorum (84% present). I'm assuming the "trick" is related to the fact that it was an expired law up for renewal instead of a brand new law, which sounds pretty dumb to me. Maybe I'm mistaken about the details tho. I'm just some guy
It's "not on the way", really. It is explicitly designed not to be democratic in any meaningful sense from the very beginning. It is not even a secret: the council work is intentionally opaque so that the actual people responsible for all this horrible stuff cannot be held accountable by the public. This is explicitly stated to be a feature, justified that it helps it all be more technocratic and less populist.
Seriously, the only reason why it takes place IMO is just that nobody ever cares to think for a moment how decisions are made in the EU, so everyone is somewhat indifferent and there's no mass attention to the fact, that the general public ability to affect EU decision is near zero, far, far less than USA or Russia and probably even China.
The EU and corrupt politicians (that's most of them), will do what they want, regardless of your opinions. I have completely given up on participating in democracy. My country is going to hell, and I don't believe anyone is able to stop it.
Yeah, there are two scummy things happening here. This would not be possible if they did their job. What sort of weird example does it set, when they don't ever care enough to stay for all the voting?
The internet is pretty stupid now and needs to be reigned in so our sons and daughters aren’t wide eyed zombies. Most of you won’t agree with me but it’s true and something needs to be done so I laud this.
"give me a boy until he is seven and I will tell you the man he becomes"
there will be at least 1 entire generation of western kids that spectated short form content on screens since the moment of birth. based on aristotle, this entire generation is going to be retarded. the EU legislature in question enables legal spectation of content exchanged by a generation of the retarded. the optimal path forward seems to be ensuring that the next generation is not retarded, otherwise human extinction will be rapidly accelerated. I don't see how corporate destruction of individual privacy is going to help ensure that the next generation is not retarded.
Roberta Metsola's actions this week jeopardise the legitimacy of the EU project as a whole.
It's clear that member countries use the EU as a blame-laundering mechanism to pass domestically unpopular laws, but the forcing of this vote under the urgency procedure that requires absolute majority to reject, on the last EP session before summer break is so blatant that it might awaken people that might've overlooked the structural failures of the EU and finally radicalise them
EDIT: bad wording, it's not that the urgency procedure causes the voting to require absolute majority, it's that an absolute majority second-reading is forced through an emergency procedure which is designed for first readings of legislation that's the implied meaning above
I'm really surprised at the hurry. The EU, and many EU governments, have been ramming through deeply unpopular legislation at a breakneck pace for no apparent reason, lately.
It feels like the last turn in a board game where everyone is busy taking points with no regard for the impact of the decisions on the theoretical next turn - because there is no next turn. Its really weird.
Multiple active wars on the global stage, huge changes in tariff and job impacts, large scale shipping and oil impacts.
I’m not saying this legislation impacts any of this positively or negatively, but we can’t pretend the prior world order isn’t making some drastic changes lately. Governments are slow to change laws but I would expect much of the current push has actual ties to the larger global shifts.
At least in some member states, that's a well used pattern when the soccer world cup is on (as in: people are focused on something else).
Which at least has been going on in the last weeks.
So long freedom, it’s been nice living in STASI free society for a while. Too bad power attracts the people who will make sure they keep it in their hands.
Whenever you see people complaining that the EU is "too slow", more often than not it's because they benefit directly from EU rushing things without thinking.
Every time HN posts another one of these privacy-invading EU regulations, a bunch of pro-bureaucracy people are in here cheering on regulations and knocking down anyone who suggests that maybe this time they've gone too far.
Well, once you realise that the so-called "EU parliament" is nothing
but a lobbyist group (see https://en.wikipedia.org/wiki/Qatar_corruption_scandal_at_th...) it is no longer surprising. To me nothing here is surprising, neither the
hurry nor any slowness.
for some godforsaken reason left-lib parties in europe think accepting infinity migrants forever is the most important thing to do
this is becoming more and more unpopular with the voters, leading to right wing parties surging across europe (Denmark, which has an immigration restrictionist left wing government doesnt seem to have an issue here, true mystery)
obviously the solution here is total control of the internet, so that you can suppress dissent
My guess is that with non-left political movements on the rise better surveillance tools were needed to prevent them from winning the elections around europe.
I really don’t but any other reason, as other tools (legal and technological) are already in place.
It's a US data pump, and the EU is a bunch of vassal states. That's the hurry, shutting down the data flow because the permissive legislation runs out is not allowed.
This comment does not add any value to the discussion.
PS: Sorry, but "haha nothing matters" cynicism does NOT add anything to the discussion. In fact it straightforwardly breaks a whole bunch of HN guidelines: "Be curious", "Don't be generically negative", "Don't be snarky", "Don't post shallow dismissals", etc. This forum is supposed to be better than the R-site.
To understand whether/to what extent this is brazen, I'd be interested to learn the reasoning why urgency procedures are possible, and in particular, why the apparent majority against shouldn't have been enough, and what is needed to classify something as urgent.
Afaik, EU rules provide for urgent procedure only for proposals at first reading, while here it was used to compress a second reading vote and skip committee, just perfectly timed for the last sitting before recess.
The absolute majority seems to be an anti-paralysis instrument, where the onus is on the Parliament to reject something put in motion by the Council. I think the the asymmetry is that a vote to trigger the urgency procedure only requires a simple majority, whereas a rejection of that same legislation requires absolute majority.
To my reading, this reinforces the idea that Parliament is designed to be more of a rubber stamp for the Council.
The urgency procedure is not the issue here, the problem is that this was Parliament's second reading, and the treaties (article 294 TFEU) say:
> Second reading
> 7. If, within three months of such communication, the European Parliament:
> (a) approves the Council's position at first reading or has not taken a decision, the act concerned shall be deemed to have been adopted in the wording which corresponds to the position of the Council;
> (b) rejects, by a majority of its component members, the Council's position at first reading, the proposed act shall be deemed not to have been adopted;
> (c) proposes, by a majority of its component members, amendments to the Council's position at first reading, the text thus amended shall be forwarded to the Council and to the Commission, which shall deliver an opinion on those amendments.
I think I'm one of those to whom you refer (except that I'm already "awake", or at least I like to think so). I'm normally pro-EU but this chat control is anathema to me. I'll be voting anti-EU in future I think.
Yeah, this is also a step too far for me. The EU has also done good things, like GDPR, right to repair, fining big tech again and again ... but it rarely follows up as much as it needs to.
The problem is though, that countries in the EU by themselves are economically not powerful enough, to hold up any ethical values against the giants US and China. So we need some alternative to the EU, some other union, that at least contains the economically most powerful EU countries, so that we have enough economical weight, that the other big players cannot simply push us around. Currently, the EU seems to be hellbent on losing its support. But how to prevent that other union to go down the same road?
Anyway, it seems clear, that we can no longer allow EU decision makers to make rules for us. They are not to be trusted.
The urgency procedure has nothing to do with the absolute majority requirement. It's necessary because, in the second reading, the Parliament should have an absolute majority to reject or amend the Council (i.e. the governments of the member states) position but only a simple majority to approve it
The regulation was rejected today with 314 votes against, 276 in favor, and 17 abstentions, but because of Metsola's lawfare that classified this regulation as under an "urgent procedure", an absolute majority was required to reject.
It's absolutely legitimate to be upset. However, identifying a lawfare trick in a close vote to a dictatorship is serious hyperbole. I'm afraid that's counterproductive.
What should worry everybody is the big picture (trying to abstract from politics, ideologies and specific situation). In recent years we had:
- Europe is now at war with Russia (neighbor)
- Its relationship with the US is rapidly deteriorating (main partner, de facto protector)
- Its relationship with China is also rapidly deteriorating
- It is getting very antagonistic with it own citizen and some individual member countries (such as Hungaria or Romania recently)
So there are a lot of justifications in each case but the overall picture is worrisome. You can't be antagonistic with everyone.
There is a reason why the North Korean regime is still around, they never forgot they need to keep a good relationship with at least one powerful ally.
Isn't it interesting that if you remove the US from that list, it all aligns with US foreign policy? How fortuitous that EU interests just happen to coincide so well with our American friends.
EU is doing some concerning moves but, looking at your points, Russia attacked Ukraine. EU is not at war with Russia, only supporting Ukraine.
Second, the relationship with US is deteriorating due to Trump. As a matter of fact all US relationships are deteriorating for the same reason. Where have you been the past years? Im not going to bother to respond to the following points because you mix some reality with propaganda and seem to live in a paralel reality.
Its honestly a bit sad that this in particular got people up in arms on social media, nobody gave a single shit when they sacrifice millions of people and entire nations on the periphery to their death cult of market orthodoxy.
The media is barely covering it at all, the sheep are well asleep, online some just lucid dream about the democracy they never had.
But now you have governmental overreach and legalized spying on European Citizens by (mostly) US Companies, so i would say that Law is truly binary bad.
Also how the Law was forced is extremely bad.
But hey it's once more proof that the EU is not a democratically spirited institution.
In this case, the phrase “consumer protections” is almost insulting when the things it’s supposedly protecting us from are a triviality compared to the horror show being introduced.
There will surely be some people who applaud your post for pointing this out. But the vast majority of people don't see "government spies on me" vs "private industry spies on me" as a meaningful distinction and there are MANY MANY recent examples of this: the discourse around Flock, the discourse around ICE using personal information to trace dissenters, the discourse around DOGE and Palantir.
But I suppose the OP said all that needs to be said, and so this spot was left empty for whatever nonsense comment dared to fill the void, and you won.
This, and other similar legislation, serve as a constant reminder of why the American founding fathers had to revolt against tyranny, and why constitution amendments like the 1st and 4th exist. The 4th in particular was written as a response to a British law similar to Chat Control (writs of assistance).
It's hard to compare US and EU internet freedom because a person usually spends most of their life in one place and is clueless about the life in other.
I've never lived in US, were there any cases of ISPs blocking websites in USA? Even DNS-level blocking counts
Here's a quote from the article itself, which works for both pro and con arguments:
"What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures."
As I'm not trained in law, I have no strong opinions on if this proposal is a net positive or negative, almost any big name LLM will do a better job than I can manage by looking at the legal text, stroking my goatee and saying "I recon…". But what I can say that I've just seen a headline about a class action lawsuit in the USA due to grok making CSAM and the company failing to assist the police in their investigations, and another about Meta facing a lawsuit in India for delivering advertising for CSAM on Instagram.
My steelman in favour of the legislation:
The regulation closes a legal gap that would otherwise force platforms to stop using existing CSAM detection systems; it's a temporary framework that doesn't require universal mandatory scanning or ban E2EE, just keeps the legal basis for companies which choose to use detection/scanners while lawmakers continue negotiating a more comprehensive longterm solution.
My steelman against the legislation:
Scanning private communications, even allowing companies to "voluntary" do this, sets the precedent that the confidentiality of private correspondence is conditional rather than fundamental. Also, automated scanning inevitably has false positives. Also, has chilling effect on free speech, undermines trust in encrypted messaging.
Also, situationally, that it's "voluntary" means offenders can migrate to platforms which don't "voluntarily" do this.
Real time notifications here would solve a lot of issues...
Imagine Alice, an 18, 19yo girl, having a boyfriend, Bob, and since Bob is on a student exchange, she decides to send him a boob photo. Since alice is skinny, her boobs are on the smaller side.
Now imagine Alice hitting 'Send', and getting an automated message from whatever CSAM AI bot:
"Your message has not been sent, the system detected the breasts in the photo to be probably underage, the photo was forwarded to <your local police station> for manual review"
And half an hour later
"Detectives Rob Johnson, John Robson and Bob Bobson from police department XY, have done an extensive manual review of the photo of the breasts and have 2:1 decided that they're probably not underage, so the photo was sent to the intended destination. Than you, your friendly CSAM AI bot!"
I think you're probably wildly overoptimistic about the ratio of police officers to private nudes.
No government really wants to be fully enforcing all their own laws, just because it's way too expensive to hire that many cops. I think the closest anyone got was the Stasi, and they had a lot of "volunteers": https://en.wikipedia.org/wiki/Unofficial_collaborator#Other_...
This article seems to make good points about how useless and invasive Chat Control 1.0 is, but then posits Chat Control 2.0 as the answer. Is the latter not also terrible for privacy, demanding backdoors in all encrypted chat tech?
> the laws and regulations imposed upon citizens are hostile.
Let's not forget that these laws are supported and pushed for by national governments in the EU Council, there's no shadowy cabal that materializes these laws out of thin air, the EU is a blame-laundromat for domestically unpopular laws passed through backroom deals
Apart from this law-trickery used here: The EU could be a thing that helps fixing the problems that the single nations cannot overcome, even if it becomes unpopular.
Fixing climate change involves completely restricting fossil fuel AND harvesting existing greenhouse gases (which costs additional energy) until the atmosphere is back to 1800. No government of this world spoke this truth to its people, because after the next election that government would be no more.
One thing that should be noted is that, since the Parliament has been able to approve an amendment by absolute majority (which explicitly excludes E2E chats), the procedure is not over and the law is still not enacted, a third reading is still needed, after negotiations with the Council and the Commission, and in this case the Parliament will be able to reject the act by a simple majority
The new reading will happen if the Council rejects the amendment approved by the Parliament. When it does they have 6 weeks to negotiate, and then 6 weeks to approve the result of negotiations, if any.
Basically, the hope is that the Council rejects that amendment in its second reading (but right, the probability of this is not really high, since it codifies what was already true). I should have explained it better in my comment
If you so much as mention that this bill was passed to censor criticism of Israel, you will yourself be censored. Our politicians don't actually represent us.
Wow, I guess governments of the whole western world just woke up one morning and decided to clamp down on the free exchange of information on the internet at the precise moment their citizenry was up in arms over Israel committing mass genocide and blackmailing their politicians. What a coincidence!
> Although a majority of voting Members of the European Parliament (MEPs) actually opposed the regulation (314 against, 276 in favor, 17 abstentions), the motion to reject it failed to secure the required absolute majority of 361 votes.
This vote was urgently scheduled for today, the last day of parliament before the summer break. 113 MEPs were not present for this vote, likely having taken vacation days to extend their break. It's hard to believe choosing to do the vote today was done accidentally.
To me as a European, this is not only about the dystopia that is becoming the tech survailance of society but it is a perfect example of what I feel the EU is. It is a disgusting dysfunctional institution that should have never been created in my opinion.
This is what we have... Unelected bureaucrats using every opportunistic tool they can to, in my opinion get rid of democracy. What are we fighting for at this point? Personally I have lost all faith in the EU and I'm embarrassed to be living here. I'm so disgusted by politicians and the obvious de-route of democracy.
From Google: "The law seeks to require digital platforms and messaging services (like WhatsApp and Gmail) to automatically scan users' private messages, emails, and photos to detect and report illegal content"
-- EU policy makers are really honest people, hats off to them. There's no way politicians in my country allow their chats to be scanned, because they're very corrupt.
I genuinely wondered the other day how long before we see some country try to regulate the new self-hosted radio mesh messaging solutions like Meshtastic etc. Eventually some crime group somewhere is going to be busted using a homebrew encrypted radio system for messaging - they are so plentiful and easy to build with dirt cheap ESP32s etc, and it's so easy to deploy repeaters to extend range.
Or you can just host your own server like IRC. This is beyond idiotic, if they think that pedophiles will begin to suddenly use WhatsApp then I very much doubt about their basic literacy.
Such a weak reasoning and method which they used to push this is ridiculous agenda lead me to strongly suspect there must be something else behind it.
If the EU just were to redirect the resources they're currently allocating to regulations like AI and Chat Control rather towards developing a genuinely competitive OpenAI or Anthropic alternative …
There are at least two options to verify age without humiliating procedure of taking a selfie with a passport like a porn actor.
First, there are USB tokens that can hold a private key and sign messages. Such tokens could be sold at places accessible only to adults and verify that they are indeed adult. Obviously every token should hold the same private key.
Second, OS could implement "parent mode" which allows installing only white-listed, government approved apps (no Telegram or Whatsapp or other dangerous apps, but school apps are ok) and opening only white-listed government-approved websites. Put in jail the parents who did not set up a parent mode. Problem solved without passports and verifications.
If, however, the government insists on selfies, it means they just want to identify users and compile lists of "untrustworthy", "rebelious" and other persons of interest.
Also, employees who do verification, sometimes create internal chats where they post pictures of clients and mock their appearance. We had such case with Alfa-Bank in Russia, where the photo of a funny client with a passport and third-grader level comments leaked to Instagram account of employee's friend. The bank paid approximately $20 as a compensation.
Maybe a dumb question, but what's to stop people from communicating e2e encrypted over totally insecure channels using steganography techniques?
You don't need a special app to do this, or maybe you just need a companion app that you type your message into and it gives you the thing you just paste into whatever messaging app / social media you use. The steganography makes it hard for the operator to determine that you're "abusing" the service by not transmitting your message in the clear so they can read it.
1) Alice uses steganography to embed her public key in an otherwise innocent or mundane looking image e.g their profile picture.
2) Bob uses the public key to encrypt a short message to send her.
3) Bob embeds the encrypted message in his own mundane looking image (could generate these from a pool of images or on the fly using stable diffusion)
4) Bob sends the image to Alice.
5) Alice recovers the encrypted message and decrypts using her private key.
(Could also use the process to do key encapsulation too, instead of using the raw key pair)
Steganography fundamentally requires you to be able to know where the data is, which requires you to have the original image to compare against. The only other strategy I'm aware of is setting known pixel positions to exact data, which is very easy for basic tools to spot and decode. Or to add the data to non-visual data blocks if the image format supports those, which is also quite easy to spot.
Well when it comes to ending encrypted traffic, I would assume if they can’t read your traffic you will be in violation and the police will show up at your door to kindly imprison you for a few years
If they can't distinguish traffic containing hidden encrypted messages from humdrum non-encrypted traffic then they'd have to ban the whole thing for everyone.
Getting the criminals is not the point here, mass control is. How many of your friends do this now? The criminals might do it, but why, when they can just meet in person and talk there, without a digital recording of what they talk?
Combine the 'age verification' (show your ID when you register) with this (we can read what you type), add some AI (to profile the people), and you have all the info you'd ever want on anyone anywhere.
How do we design such apps? Let's rule out age attestation (to allow only some age ranges) or scan of content because they are orthogonal to apps. What are the design patterns that prevent adults to meet kids? No messaging?
So much effort and emotions wasted. EU should have a mechanism that disallows repeatedly pushing for things until they are greenlit. Lack of this type of measure renders whole governance incapable of being taken seriously.
EPP is a corrupt, authoritarian regime that will hopefully not last long. It is not a coincidence the union took a massive, noticeable turn for the worse in 2019 -- the von der Leyen presidencies have done immeasurable damage it will never recover from. They have also been complicit in crime and corruption from Bulgaria, Serbia and Hungary, for years, and that is even if you exclude the Pfizer disaster nobody was held responsible for. They are giving the opposing parties ammunition they need to take them and the dream of a stronger union down, and the only way they can fight back is banning those parties outright, one of which voted completely against this utterly insane, already repeatedly rejected mass scanning. It's hard to think of the union as anything positive when this is the direction it is taking.
I mean, even the victims themselves came out and explicitly emphasized that scanning chat messages does not help.
I'm feeling these politicians was not doing it for the victims. Instead, it's almost like the victims are providing reasons to allow the politicians to expand their own power.
The Accelerationism (see note below) part of me think it's a good thing, because a heavily regulated country is often also a backward country. Doing things like this long enough, then you get out competed by everyone else, your population shrinks to zero and your land gets reused.
(Note: The word "Accelerationism" in the Chinese dissidents circle means that, if a bad future is certain and it trends to destroy itself eventually, we might as well just let it happen faster, so the pain maybe shorter. More: https://en.wikipedia.org/wiki/Accelerator-in-Chief)
Look, EU obviously have a few good regulations. But a regulation must be correctly designed and implemented, and it must not punish good people. Scanning private messages is a punishment to all.
If EU must scan something, I'd say scanning all messages/phone calls sent out by the politicians might do more good, consider how much trust people put on them (maybe they shouldn't).
Once you realise the age group that are in that bracket of european law making you realise it's gen X AKA the helicopter parent generation and it all becomes less shocking.
More interesting that that mostly childless politicians are in favor of such things. That's makes sense since those legislations are NOT about children.
innocent men cannot be ruled over. authoritarians want a population of such "criminals", because then their power becomes the choice of which law is executed on whom.
> What changes with the return of Chat Control 1.0—and what stays the same:
> What is coming back: US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
> What remains unchanged: Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
> What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
The citizens do have a say: they vote in elections. This is a temporary law that was implemented 5 years ago so everyone had a chance to vote in the 2024 EU election and vote out those who supported this law. But most people don't care if a company like Meta is allowed to scan their messages. For those who care, they can always use an encrypted messaging service like Signal or Telegram.
Yeah, right, this is just complete bullshit. Let's just put it this way: so, given that you more aware than "most people", did you at least vote against those who support it, and did you try to persuade your friends to do that, but they just didn't listen?
I really don't feel like I can affect anything at all. First of all, even if we assume for the sake of argument that voting for MEPs is important, it's really hard to judge what you are voting for. It's not like they come with clear agendas that people carefully evaluate before they decide how to vote. It's a long running joke how USA elections are choosing between "a giant douche and a turd sandwich", and whatever you choose doesn't even matter because they won't keep their promises, but, hey, at least everyone knows their promises. This one is blue, that one is red, both will let you down in the end, but you kinda know what their general vibe is. Voting for MEPs on the other hand — they are all kinda grey and I couldn't tell you how'd they vote on this particular issue. Depends on your country, but in my case many of them simply weren't MEPs on 2023 vote. And I'm kinda surprised by some of the choices.
Second, I don't really feel that MEPs are that important. They impact almost nothing. All real work is done behind the closed doors by some unknown people, and half of them all happen to be Maltese for some reason (0.1% of EU population, by the way). Parliament in the majority of cases just votes "for all good things and against all bad things" and the actual things that will come to haunt us are usually some small details in the Appendix that were never even explicitly put on the vote.
And when MEP's vote does matter, well, we get something like in this case. The majority objected, but that doesn't matter.
By the way, a couple of years ago I was asking myself, how could it be that we choose von der Leyen to be the President of EC? Well, I don't think we ever did. I surely didn't. MEPs barely did. Never once in all of the history EP rejected a candidate proposed by Council. Whatever each member of the Council did we'll never know, this is not disclosed. And to add the cherry on top, in this particular case it was a record number of MEPs who actually voted against her. It doesn't matter. Here we all are.
I'm curious where I can go to see real regularpeople who support this, is there like a different side of reddit, comments section? I don't know anyone who is blatantly anti-privacy and I want to hear their reasoning. Otherwise this just seems to be the EU rolling into a weird distributed autocracy without anyone blinking an eye.
"We decide on something, leave it lying around and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back". -- Jean-Claude Juncker, VDL's predecessor
It's not so much "support" as "not caring." Most "regular" people, when they hear about measures like this, say "oh no, the government can see my boring text messages to grandma, who cares", much they same way they shrug off the dangers of having a robot vacuum live-streaming the inside of their house to China ("there's nothing interesting in my house, who cares").
It's not accessed on devices. This is about people using messaging applications, like Messenger. Then, as the message isn't encrypted, Meta can read the message on their servers. And with this law they are allowed to scan and sometimes report it to the government.
I do not believe solutions to these issues will be found with government regulators. I believe they can be enabled by new technology that is designed to balance interests on all sides and actually enforce the guarantees IN CODE AND PROTOCOLS.
Having said that, I don’t think the tech industry is what it once was, dominated by cypherpunks working to create a better world. It has been captured by greed and “moving fast and breaking things”, as well as infighting. Greed (both in the form of web3 numbers go up, and benefiting from the greater fool while delivering no utility) and moving fast (web2 facebook / VC / dump shares on the public / lock in / extract rents). So no wonder the government eventually steps in, when the industry spends a decade without adults steering the ship. We have giant platforms controlling everything, and the rest has devolved into zero sum games and memecoins. The tech industry hasn’t led or even organized enough to get behind technology that can liberate users. Instead it’s been captured by for-profit interests. Mozilla and Apache are rounding errors.
Here is what open source can do when it comes to mass surveillance, and this would also solve the Flock problem here in the States, too:
> new technology that is designed to balance interests on all sides and actually enforce the guarantees IN CODE AND PROTOCOLS.
They will just call your code illegal in law. And if you will run it anyway, use deep packet inspection to drop your protocol packets, like they do in Russia
> In these talks, the EU Parliament is pushing for a paradigm shift in how we approach online child safety, demanding: [..] Strict security standards for messaging apps (“Security by Design”) to prevent cyber grooming.
It's dispiriting to see a supposedly pro-privacy politician launder backdoors as "strict security standards".
I think they mean local scanning for CSAM - which feels like a reasonable solution that preserves privacy, but still addresses the real problem of, y'know, child abuse?
What is the false positive rate that you would be comfortable with such a scan having? What would be the risk of your personal photos and videos being recognized as CSAM and reported to your local police (and thus being shown to your local police) that you would be happy to accept?
Would you also be ok with not being allowed to send any mail unless you first scan the contents of everything in that envelope and include a generated signature that might tell the post office that you're sending CSAM? And then having the envelope delivered directly to police if the scan did indicate that?
If local scanning of CSAM flags a post, that post will have to be analysed by a human operator. If you send a sensitive photo of your kid's rash to your spouse, and it gets flagged, are you ok with a random cyber enforcement officer seeing your child in that way?
Weaponizing our own property against us, mandating that it spies and tattles on us, turning inanimate objects into policemen to construct the most total surveillance dystopia, is not in any way "reasonable". In no way does it "preserve privacy".
And let's not pretend there are not already many other ways in which child abuse is detected and fought. When schoolteachers or doctors or neighbors or other family members notice something is amiss, when a CSAM group is infiltrated by police, or when a predator falls for a honeypot. This triggers an investigation, and at that point no digital lock can withstand modern targeted covert surveillance. But we are supposed to pretend none of this exists, and that encryption is an unassailable castle, and play along with the "going dark" lie, despite being more surveilled than at literally any point in history, including under the Stasi.
They only don't address child abuse, if by "child abuse" is meant a photo existing in some private shared-with-nobody hard drive, and not an actual human child being abused.
And more than a hundred did not vote, if they wanted to vote no they could have. But they didn’t so they’re implicitly in favor.
The fact that governments worldwide do not force either a vote for or against is a much greater issue as it allows representatives to launder their beliefs through inaction.
You're asking too much from bureaucrats that stand to directly gain post-mandate by consulting the companies they legislate for, and also believe that the legitimacy of the EU as a whole should be driven by output (economic prosperity, etc), rather than input (democratic mandates, political participation of their constituents)
Man, the EU is supposed to be the beacon of liberal democracy (after the light of Reagan's shining city on the hill is now truly extinguishing), but with shit like this, it's really making enemies left and right (metaphorically and spectrally).
Exactly. I consider myself euro federalist but bullshit like this creating a very strong antipathy.
If this is not some shady maneuver to scan user messages for security reason, because of, for example, possible incoming war then it's beyond absurd.
I would doubt that politicians pushing this are not understanding that pedophiles simply do not need to use these apps they are scanning. But I saw questioning of tech CEOs by older US officials and the lack of even basic knowledgeable about current technologies was ridiculously astounding.
> Please don't use Hacker News for political or ideological battle. It tramples curiosity.
Don't get me wrong, I feel a desire to engage with this as well, but there is nothing I can possibly say about this that is not political, because this is purely a political choice.
This was overwhelmingly approved by "The Left in the European Parliament" (that's their actual coalition name) as well as the Greens. It was overwhelmingly rejected by the European People's Party (AKA "The Right"). And mixed among other groups (S&D and Conservatives).
Indeed. The vote, however, was about stopping Chat Control. The key term is "derogation" in the title.
A "yes" vote was a vote against Chat Control. It failed because it needed an absolute majority of 361/) votes to defeat the "urgent procedure" lawfare by Metsina, a conservative.
Really the west is currently at the wrong side of history. With the US bombing and killing hundreds of thousands of civilians in the last decade. Europe with its hypocrite stance in literally everything.
Slowly the west is becoming a much less free place to live than a Russia. And propoganda in the west makes people think they are free. It's bullshit. They are not free. You got more freedom to move around, start businesses, own stuff in China and Russia than in any western European country.
This is a nice piece of democracy right here:
"a measure it had rejected twice in March. Although a majority of voting Members of the European Parliament (MEPs) actually opposed the regulation (314 against, 276 in favor, 17 abstentions), the motion to reject it failed to secure the required absolute majority of 361 votes. As a result, mass scanning is now permitted again until 2028."
"Oh no we can't get a majority to pass the law!"
"Have you tried getting a majority to not pass the law?"
"Worth a shot!"
"It worked, should we also do this multiple times?"
"Of course not! Pass the law, quickly!"
Not only was Chat Control 1.0 already rejected twice by the European Parliament but:
- This vote took place on last day of the session when many MEPs had already left for Summer vacation - 112 MEPs of 719 didn't vote.
- The vote was called only two days before as an "Rule 170 - Urgent procedure" - 73 MEPs missed the vote making it "urgent". Normally it takes months of procedure to come up for a final vote.
I think that means those MEPs are not doing their jobs. They are the representatives of their people, but somehow they left for vacation before the last day of the session. They failed in the most important part of their duty.
That's why you have a constitution with rights that are not up for vote.
Even relying on people to vote no is not enough.
3 replies →
So 112 MEPs didn't do their job...got it.
20 replies →
Honest question: when Europeans give so much power to EU and usually favor regulations by the government, isn't it natural that the government will try to implement more control? And it looks EU officials do not have to accountable for anything. They will not suffer personally even when their policies wreck havoc. I don't quite understand why Europeans can trust EU at all. Case in point, EU HQs shut down its air conditioning on floors 1 through 7 to prevent electrical overloads, leaving the upper levels used by top officials unaffected. Yet did anyone like Leyen get punished? Note I'm not naive enough to believe politicians don't have special treatment in other countries. But at least in some countries, politicians will not be so shameless that they'd do it in broad day light.
> Europeans give so much power to EU and usually favor regulations by the government
This antecedent is far too broad; what regulations, benefiting whom? It's pretty obvious in this case that the majority of their representatives do not favor at least this type of regulation. In other cases, the majority of representatives favor regulation which prevents private corporations from selling their PII to the highest bidder. So you're going to have to reckon with the nuance of the real world if you don't want to make obviously leading statements like this.
3 replies →
>This is a nice piece of democracy right here:
this is just eu in a nutshell, the irish were made to vote on both nice and lisbon treaties twice (both were voted no in the first vote)
Any time now even the most pro-european EU defender will realise that what was once a trade union has slowly transformed itself into an undemocratic, bureaucratic monster.
7 replies →
Well, the No vote triggered some adjustments, so this is indeed relatively democratic. What would be the alternative?
2 replies →
And then politician always wonder why nobody has any trust left.
What I don't understand, based on this: https://howtheyvote.eu/votes/195775 the votes are the other way around, with the majority being for. I'm guessing that site has it reversed then or I don't fully understand the proposal? Looking at which politicians from my country voted "no" on this site it seems to be mostly the ones that I'd expect to vote "yes", so that would support this site just having the options reversed.
> What I don't understand, based on this: https://howtheyvote.eu/votes/195775 the votes are the other way around
They voted for "Proposition de rejet". It's written there, but it's in French.
Found this, source: https://fightchatcontrol.eu/
On 7 July, MEPs voted 331–303 to fast-track the return of Chat Control 1.0 mass scanning. A binding vote follows Thursday, 9 July, where an absolute majority of 361 MEPs is needed to stop it. Take action now to demand they defend your private messages.
"Yes" means stop control, because it's a "proposition de rejet" we're looking at. rejet = reject. Parties in favor of chat control were:
- European People’s Party and
- Progressive Alliance of Socialists and Democrats.
Countries in favor of chat control were:
Spain, Poland, Romania, Sweden, Hungary, Portugal, Greece, Ireland, Lithuania, Latvia, Cyprus
If you look at the initial vote from July 7, there are a few countries who actually wanted to make it an "urgent decision" (other than the countries above):
France, Czechia, Finland, Croatia, Luxembourg
8 replies →
Adding the reminder that these votes and majority rejecting are of unelected bureaucrats, so the way that it was framed was approved from above while making practically impossible to reject but still theoretically possible so people are forced to swallow it.
Soviet Union 2.0
Democracy is when you just try and try again and again until it passes with 51/49. Then its democratic and legitimized and only evil terrorists would oppose those laws we have all democratically agreed upon.
Also, see the case of https://en.wikipedia.org/wiki/H%C3%BCseyin_Do%C4%9Fru - if you aren't liked by the EU courts, they just accuse you of "collusion with Russia" and ban your bank account via "sanction policies". The ECJ doesn't have to provide any evidence of crime, you have to provide counter-evidence of the absence of crime (and good luck defending yourself without money). The ECJ judges, who interpret and impose these laws, are also not democratically really elected or anything, yet they hold power over your bank account. Makes ya think.
How did you connect the linked Wikipedia article to EU courts and ECJ?
This journalist was not sanctioned by the court.
3 replies →
> Also, see the case of https://en.wikipedia.org/wiki/H%C3%BCseyin_Do%C4%9Fru - if you aren't liked by the EU courts, ...
This was done by the Council of Europe (an organisation made up of a mix of member state foreign ministers and member state parliament members)
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:...
No court was involved as far as I can tell...
1 reply →
Except in this case it actually passed 49/51.
EU cant claim the moral high ground anymore with the way this was done. They've joined the rest of the world now. This was a win for foreign companies and makes me wonder if the EU has been infiltrated by outside interests.
Wow does it become law if the majority of those present opposed it? The American Congress might be utterly dysfunctional, but we’ve never had a law pass despite the majority of members voting against it. What am I missing?
> What am I missing?
Nothing really.
Some will disagree with this, but this is neither new or surprising behaviour from the EU. In the EU if the political class want something, it doesn't really matter what the public want or vote for.
In the US a lot of your dysfunction is from the fact that your political system actually "works". You maniacs actually can vote for someone like Trump (twice), and he can do stuff regardless of how unpopular he is among the political class.
Here in Europe things like democracy and freedom of speech are only permitted if our political class approves. We can decide things like tax rates, but some things we're not allowed to express opinions on, and some things we have no power to vote for or against.
With some exceptions most European democracies work like this and EU is really the gold standard of this system. They have lots of ways to do what they want regardless of how popular it is, and regardless of what the opinions of our elected representatives are.
[dead]
[flagged]
True, the solution is to just start murdering politicians. Thanks for the advice America.
3 replies →
We're currently running a long-term offshore experiment to see if 2A has any measurable impact on dragnet surveillance and the NSA.
2 replies →
FTA:
What changes with the return of Chat Control 1.0—and what stays the same:
*What is coming back:* US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
*What remains unchanged:* Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
*What is still NOT being scanned:* End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
So, E2E is unaffected?
The Internet Watch Foundation, the group, funded almost entirely by big tech, who pushed for this vote to be held under emergency procedure, is already at work lobbying for the end of E2EE [1].
In a couple years time, Chat Control 2.0 will come about, and the same tyrants will use the EU admission [2] that there is no evidence that suspicionless scanning of private communications has led to an increase in criminal convictions or in rescued children to argue that we need to go further, and break E2EE.
[1]: https://www.iwf.org.uk/resources/end-to-end-encryption-and-k... [2]: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE...
Why would big tech be in favor of having to scan message content? It puts more regulatory requirements in place on their activities. Would they not be in favor of _less_ regulation so they can provide services to their users with fewer legal considerations?
If big tech _wanted_ to they could already backdoor their encryption and scan the message content, they don't need regulation to do that. The only thing that changes with regulation is that they now _have_ to, which cannot possibly be in their favor.
12 replies →
Do you have source for IWF funding being by big tech?
Haven’t found anything that breaks their funding down by source and the majority on the UK govt site is from “charitable activities” (https://register-of-charities.charitycommission.gov.uk/en/ch...)
1 reply →
Yes.
Chat Control 2.0 was the big one in those regards.
(Also, LOL @ Skype mention.)
Then I'm not very moved about this. I always assumed that anything unencrypted is scanned one way or another. What I care is not having a backdoor for E2E, i.e. like client-side scanning telling me what I am allowed to talk about like with the LLMs. CSAM excuse is a great excuse to turn every conversation to what we have with AI today.
13 replies →
Don't downplay Skype, as Teams is still just rebranded Skype for Business (LYNC).
Are my AIM chats safe?! /s
3 replies →
Does this apply only to new messages or also to history?
> What is coming back: US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
They are already allowed to do this, and already are doing this. When you provide data to the service provider in a non-e2ee fashion, it's their data as much as it is yours. They can scan it, data mine it, analyze it, whatever.
This is the whole point though. They are allowed to do this because of the original chat control from 2021 which was temporary and expired in march. Without chat control it is very debatable what companies can legally thanks to eprivacy directive.
They aren’t allowed to do whatever they want with your data, there’s strict restrictions on requiring consent for things you want to do with user data.
1 reply →
Skype?
Are the messages to LLMs scanned (beyond normal collection for future training purposes) or is that just for human-to-human messenging?
Yes. I see no reason to think otherwise.
1 reply →
[dead]
Stupid parliamentary trick: Hold the vote on the day before the summer break - ensuring that many people have already returned to their home countries. Then use a sort of "reverse" parliamentary trick: the default is that this legislation is accepted. They needed an absolute majority - not of voting members, but of all members - to reject it.
Result: 314 against, 276 in favor, 17 abstentions, 113 absent
The EU is well on the way to becoming a totalitarian government.
ETA: It is shocking that 276 members of parliament would vote to support this. Are so many so naive? Or being paid off?
> Then use a sort of "reverse" parliamentary trick: the default is that this legislation is accepted. They needed an absolute majority - not of voting members, but of all members - to reject it.
No pun intended, but how is this legal? I mean, if you don’t have a quorum, then shouldn’t you just wait for an Autumn session? It feels like having a democratic parliament with backdoors like this kinda undermines the whole idea
Sounds like they did have quorum (84% present). I'm assuming the "trick" is related to the fact that it was an expired law up for renewal instead of a brand new law, which sounds pretty dumb to me. Maybe I'm mistaken about the details tho. I'm just some guy
It's "not on the way", really. It is explicitly designed not to be democratic in any meaningful sense from the very beginning. It is not even a secret: the council work is intentionally opaque so that the actual people responsible for all this horrible stuff cannot be held accountable by the public. This is explicitly stated to be a feature, justified that it helps it all be more technocratic and less populist.
Seriously, the only reason why it takes place IMO is just that nobody ever cares to think for a moment how decisions are made in the EU, so everyone is somewhat indifferent and there's no mass attention to the fact, that the general public ability to affect EU decision is near zero, far, far less than USA or Russia and probably even China.
> It is shocking that 276 members of parliament would vote to support this. Are so many so naive? Or being paid off?
There are a lot of countries in the EU that aren't shining beacons of democracy.
The EU makes sense as an economic block but some of the countries in it are politically unaligned with what people think of when they think of the EU.
You really should check out the list of voters, you will be surprised who exactly voted "yes". The list can be found here: https://www.thatprivacyguy.com/blog/chat-control-the-415-who...
1 reply →
Yea, like France or Germany or Belgium
You know Im right
> Are so many so naive?
No, it's the clueless general public that is criminally naive and fails to recognize the revival of fascism in real time under their own noses.
It's something straight out of that 2015 German movie, "Er ist wieder da" ("Look Who's Back").
Same giggles, same reactions, same gaslighting of those who see where it's heading, same final effect.
The EU and corrupt politicians (that's most of them), will do what they want, regardless of your opinions. I have completely given up on participating in democracy. My country is going to hell, and I don't believe anyone is able to stop it.
>ensuring that many people have already returned to their home countries...
Aren't they fucking paid to be there 'on the last day'?
Yeah, there are two scummy things happening here. This would not be possible if they did their job. What sort of weird example does it set, when they don't ever care enough to stay for all the voting?
The internet is pretty stupid now and needs to be reigned in so our sons and daughters aren’t wide eyed zombies. Most of you won’t agree with me but it’s true and something needs to be done so I laud this.
I heard about it 30 years ago
Our parents are the zombies who keep voting for the destruction of their civilization just to keep their housing prices propped up.
"give me a boy until he is seven and I will tell you the man he becomes"
there will be at least 1 entire generation of western kids that spectated short form content on screens since the moment of birth. based on aristotle, this entire generation is going to be retarded. the EU legislature in question enables legal spectation of content exchanged by a generation of the retarded. the optimal path forward seems to be ensuring that the next generation is not retarded, otherwise human extinction will be rapidly accelerated. I don't see how corporate destruction of individual privacy is going to help ensure that the next generation is not retarded.
Roberta Metsola's actions this week jeopardise the legitimacy of the EU project as a whole.
It's clear that member countries use the EU as a blame-laundering mechanism to pass domestically unpopular laws, but the forcing of this vote under the urgency procedure that requires absolute majority to reject, on the last EP session before summer break is so blatant that it might awaken people that might've overlooked the structural failures of the EU and finally radicalise them
EDIT: bad wording, it's not that the urgency procedure causes the voting to require absolute majority, it's that an absolute majority second-reading is forced through an emergency procedure which is designed for first readings of legislation that's the implied meaning above
I'm really surprised at the hurry. The EU, and many EU governments, have been ramming through deeply unpopular legislation at a breakneck pace for no apparent reason, lately.
It feels like the last turn in a board game where everyone is busy taking points with no regard for the impact of the decisions on the theoretical next turn - because there is no next turn. Its really weird.
> blame-laundering mechanism
Also, I'm stealing this.
> at a breakneck pace for no apparent reason, lately.
This isn't surprising to me at all.
The World Cup is on, and it draws attention away from politics. This has been a pretty common observable pattern for as long as I can remember.
Multiple active wars on the global stage, huge changes in tariff and job impacts, large scale shipping and oil impacts.
I’m not saying this legislation impacts any of this positively or negatively, but we can’t pretend the prior world order isn’t making some drastic changes lately. Governments are slow to change laws but I would expect much of the current push has actual ties to the larger global shifts.
At least in some member states, that's a well used pattern when the soccer world cup is on (as in: people are focused on something else). Which at least has been going on in the last weeks.
The reason is more than apparent.
So long freedom, it’s been nice living in STASI free society for a while. Too bad power attracts the people who will make sure they keep it in their hands.
4 replies →
Whenever you see people complaining that the EU is "too slow", more often than not it's because they benefit directly from EU rushing things without thinking.
for no apparent rason? the way they are preparing to bring the population into a war hardly can be any more apparent...
36 replies →
>with no regard for the impact of the decisions on the theoretical next turn
They know the impact of the decisions: more power for them as bodies.
unpopular with whom?
Every time HN posts another one of these privacy-invading EU regulations, a bunch of pro-bureaucracy people are in here cheering on regulations and knocking down anyone who suggests that maybe this time they've gone too far.
> I'm really surprised at the hurry.
Well, once you realise that the so-called "EU parliament" is nothing but a lobbyist group (see https://en.wikipedia.org/wiki/Qatar_corruption_scandal_at_th...) it is no longer surprising. To me nothing here is surprising, neither the hurry nor any slowness.
Lobbyists are winning the war.
Didn't Steve Bannon do a tour in Europe recently to dispense some of his strategy?
This smells like him, honestly.
>for no apparent reason, lately.
for some godforsaken reason left-lib parties in europe think accepting infinity migrants forever is the most important thing to do
this is becoming more and more unpopular with the voters, leading to right wing parties surging across europe (Denmark, which has an immigration restrictionist left wing government doesnt seem to have an issue here, true mystery)
obviously the solution here is total control of the internet, so that you can suppress dissent
27 replies →
My guess is that with non-left political movements on the rise better surveillance tools were needed to prevent them from winning the elections around europe.
I really don’t but any other reason, as other tools (legal and technological) are already in place.
2 replies →
It's a US data pump, and the EU is a bunch of vassal states. That's the hurry, shutting down the data flow because the permissive legislation runs out is not allowed.
4 replies →
> at a breakneck pace for no apparent reason
So many reasons: unpopular wars in the Middle East, repeated embarrassments in international arena, domestic unrest, decadent elites…
[dead]
> it might awaken people that might've overlooked the structural failures of the EU and finally radicalise them
Haha, no. As long as there is bread and circus, nothing wil happen.
well, bread is running our at beakneck speed...
that's the reason they are busy igniting a war by the time the defaulting begins, so that there's some external boogieman to blame instead of them...
This removes circus from the children.
1 reply →
This comment does not add any value to the discussion.
PS: Sorry, but "haha nothing matters" cynicism does NOT add anything to the discussion. In fact it straightforwardly breaks a whole bunch of HN guidelines: "Be curious", "Don't be generically negative", "Don't be snarky", "Don't post shallow dismissals", etc. This forum is supposed to be better than the R-site.
5 replies →
To understand whether/to what extent this is brazen, I'd be interested to learn the reasoning why urgency procedures are possible, and in particular, why the apparent majority against shouldn't have been enough, and what is needed to classify something as urgent.
Afaik, EU rules provide for urgent procedure only for proposals at first reading, while here it was used to compress a second reading vote and skip committee, just perfectly timed for the last sitting before recess.
The absolute majority seems to be an anti-paralysis instrument, where the onus is on the Parliament to reject something put in motion by the Council. I think the the asymmetry is that a vote to trigger the urgency procedure only requires a simple majority, whereas a rejection of that same legislation requires absolute majority.
To my reading, this reinforces the idea that Parliament is designed to be more of a rubber stamp for the Council.
2 replies →
The urgency procedure is not the issue here, the problem is that this was Parliament's second reading, and the treaties (article 294 TFEU) say:
> Second reading
> 7. If, within three months of such communication, the European Parliament:
> (a) approves the Council's position at first reading or has not taken a decision, the act concerned shall be deemed to have been adopted in the wording which corresponds to the position of the Council;
> (b) rejects, by a majority of its component members, the Council's position at first reading, the proposed act shall be deemed not to have been adopted;
> (c) proposes, by a majority of its component members, amendments to the Council's position at first reading, the text thus amended shall be forwarded to the Council and to the Commission, which shall deliver an opinion on those amendments.
I think I'm one of those to whom you refer (except that I'm already "awake", or at least I like to think so). I'm normally pro-EU but this chat control is anathema to me. I'll be voting anti-EU in future I think.
Yeah, this is also a step too far for me. The EU has also done good things, like GDPR, right to repair, fining big tech again and again ... but it rarely follows up as much as it needs to.
The problem is though, that countries in the EU by themselves are economically not powerful enough, to hold up any ethical values against the giants US and China. So we need some alternative to the EU, some other union, that at least contains the economically most powerful EU countries, so that we have enough economical weight, that the other big players cannot simply push us around. Currently, the EU seems to be hellbent on losing its support. But how to prevent that other union to go down the same road?
Anyway, it seems clear, that we can no longer allow EU decision makers to make rules for us. They are not to be trusted.
The urgency procedure has nothing to do with the absolute majority requirement. It's necessary because, in the second reading, the Parliament should have an absolute majority to reject or amend the Council (i.e. the governments of the member states) position but only a simple majority to approve it
Yes, this basically means the EU pushed a new censorship regulation using lawfare tricks without ever having a majority vote for the proposal.
If it's not a dictatorship, a regime, a shithole, a kleptocracy, or whatever name they use for a government they don't like, I don't know what it is.
The regulation was rejected today with 314 votes against, 276 in favor, and 17 abstentions, but because of Metsola's lawfare that classified this regulation as under an "urgent procedure", an absolute majority was required to reject.
4 replies →
Chat Control 2.0 is the censorship regulation. Chat Control 1.0 just legalized what Facebook was doing anyway.
9 replies →
It's absolutely legitimate to be upset. However, identifying a lawfare trick in a close vote to a dictatorship is serious hyperbole. I'm afraid that's counterproductive.
2 replies →
What should worry everybody is the big picture (trying to abstract from politics, ideologies and specific situation). In recent years we had:
- Europe is now at war with Russia (neighbor)
- Its relationship with the US is rapidly deteriorating (main partner, de facto protector)
- Its relationship with China is also rapidly deteriorating
- It is getting very antagonistic with it own citizen and some individual member countries (such as Hungaria or Romania recently)
So there are a lot of justifications in each case but the overall picture is worrisome. You can't be antagonistic with everyone.
There is a reason why the North Korean regime is still around, they never forgot they need to keep a good relationship with at least one powerful ally.
> There is a reason why the North Korean regime is still around
Nukes
> - Its relationship with China is also rapidly deteriorating
For which there is no good reason and which is extremely stupid
There has been zero aggression from China towards Europe and zero chance of military confrontation.
Most of the sanctions that were implemented under pressure from Us have backfired on Europe (but not so much on US)
European politicians are going around the world and telling India not to trade with Russia while Israel trades with Russia, etc.
Isn't it interesting that if you remove the US from that list, it all aligns with US foreign policy? How fortuitous that EU interests just happen to coincide so well with our American friends.
2 replies →
EU is doing some concerning moves but, looking at your points, Russia attacked Ukraine. EU is not at war with Russia, only supporting Ukraine.
Second, the relationship with US is deteriorating due to Trump. As a matter of fact all US relationships are deteriorating for the same reason. Where have you been the past years? Im not going to bother to respond to the following points because you mix some reality with propaganda and seem to live in a paralel reality.
12 replies →
They've been doing this with unpopular votes since the inception of the EU, nothing new and people definitely haven't woken up, unfortunately.
Its honestly a bit sad that this in particular got people up in arms on social media, nobody gave a single shit when they sacrifice millions of people and entire nations on the periphery to their death cult of market orthodoxy.
The media is barely covering it at all, the sheep are well asleep, online some just lucid dream about the democracy they never had.
[flagged]
[dead]
Instead of solving real problems, the EU Parliament supports the globalists' agenda for privacy and human rights violations — our fundamental rights
It's the EU, where regulation, not innovation, is what makes the world a better place.
To be fair, lack of regulation didn't stop us in America from passing the Patriot Act.
>EU Parliament supports the globalists' agenda
word. thats the entire point of the existence of the EU
The US built mass surveillance by bypassing congress, at least in the EU we do it democratically /s
I don't want to hear about the EU's "strong digital privacy" laws and protections ever again.
Multiple things can be true at the same time.
There can exist strong consumer protections against misuse of their personal data by various entities.
And there can simultaneously also exist governmental overreach against citizens private data.
The world is complex, few things are truly binary.
But now you have governmental overreach and legalized spying on European Citizens by (mostly) US Companies, so i would say that Law is truly binary bad.
Also how the Law was forced is extremely bad.
But hey it's once more proof that the EU is not a democratically spirited institution.
6 replies →
There can be, but this isn't it. In the EU, a company can't send you an email, but it can read your email.
In this case, the phrase “consumer protections” is almost insulting when the things it’s supposedly protecting us from are a triviality compared to the horror show being introduced.
There will surely be some people who applaud your post for pointing this out. But the vast majority of people don't see "government spies on me" vs "private industry spies on me" as a meaningful distinction and there are MANY MANY recent examples of this: the discourse around Flock, the discourse around ICE using personal information to trace dissenters, the discourse around DOGE and Palantir.
But I suppose the OP said all that needs to be said, and so this spot was left empty for whatever nonsense comment dared to fill the void, and you won.
1 reply →
No, "strong digital privacy" and "governmental overreach against citizens private data" is mutually exclusive.
1 reply →
Already was done hearing that day 0, before the cookie banners started showing up.
This, and other similar legislation, serve as a constant reminder of why the American founding fathers had to revolt against tyranny, and why constitution amendments like the 1st and 4th exist. The 4th in particular was written as a response to a British law similar to Chat Control (writs of assistance).
And then you got the patriot act.
That was terrible. But then the NSA just started surveilling everything illegally anyway, laws be damned.
Sadly doesn't seem to make much difference, though. If anything the UK is less authoritarian than the US now.
It's hard to compare US and EU internet freedom because a person usually spends most of their life in one place and is clueless about the life in other.
I've never lived in US, were there any cases of ISPs blocking websites in USA? Even DNS-level blocking counts
How many people are arrested for social media posts and other speech in each country?
3 replies →
At least I have still have a 2nd amendment - and, at least for now, still post on social media without getting a knock on my door.
8 replies →
(Based on https://www.euronews.com/my-europe/2026/07/07/eu-to-extend-t... and https://www.euractiv.com/news/how-the-epp-pushed-the-chat-sc... as well as the stuff in the link).
Here's a quote from the article itself, which works for both pro and con arguments:
As I'm not trained in law, I have no strong opinions on if this proposal is a net positive or negative, almost any big name LLM will do a better job than I can manage by looking at the legal text, stroking my goatee and saying "I recon…". But what I can say that I've just seen a headline about a class action lawsuit in the USA due to grok making CSAM and the company failing to assist the police in their investigations, and another about Meta facing a lawsuit in India for delivering advertising for CSAM on Instagram.
My steelman in favour of the legislation:
The regulation closes a legal gap that would otherwise force platforms to stop using existing CSAM detection systems; it's a temporary framework that doesn't require universal mandatory scanning or ban E2EE, just keeps the legal basis for companies which choose to use detection/scanners while lawmakers continue negotiating a more comprehensive longterm solution.
My steelman against the legislation:
Scanning private communications, even allowing companies to "voluntary" do this, sets the precedent that the confidentiality of private correspondence is conditional rather than fundamental. Also, automated scanning inevitably has false positives. Also, has chilling effect on free speech, undermines trust in encrypted messaging.
Also, situationally, that it's "voluntary" means offenders can migrate to platforms which don't "voluntarily" do this.
>CSAM detection systems
Blackboxes which scan your messages and photos for anything 3rd party want with undisclosed criteria.
Yes, indeed.
In principle "for anything 3rd party want" would be illegal in the EU. However, Big Tech clearly doesn't care what's illegal in the EU.
Pertinent to this case: https://stateofsurveillance.org/news/big-tech-defies-eu-law-...
Previously: https://www.edpb.europa.eu/news/french-sa-cookies-and-advert...
Even earlier, when they cared about the law: https://www.trtworld.com/article/13092354
Real time notifications here would solve a lot of issues...
Imagine Alice, an 18, 19yo girl, having a boyfriend, Bob, and since Bob is on a student exchange, she decides to send him a boob photo. Since alice is skinny, her boobs are on the smaller side.
Now imagine Alice hitting 'Send', and getting an automated message from whatever CSAM AI bot:
"Your message has not been sent, the system detected the breasts in the photo to be probably underage, the photo was forwarded to <your local police station> for manual review"
And half an hour later
"Detectives Rob Johnson, John Robson and Bob Bobson from police department XY, have done an extensive manual review of the photo of the breasts and have 2:1 decided that they're probably not underage, so the photo was sent to the intended destination. Than you, your friendly CSAM AI bot!"
I think a more realistic system would be hashing images and comparing them to known CSAM in some database.
I think Apple was going to implement something like this a few years ago before scrapping it.
1 reply →
I think you're probably wildly overoptimistic about the ratio of police officers to private nudes.
No government really wants to be fully enforcing all their own laws, just because it's way too expensive to hire that many cops. I think the closest anyone got was the Stasi, and they had a lot of "volunteers": https://en.wikipedia.org/wiki/Unofficial_collaborator#Other_...
This article seems to make good points about how useless and invasive Chat Control 1.0 is, but then posits Chat Control 2.0 as the answer. Is the latter not also terrible for privacy, demanding backdoors in all encrypted chat tech?
The proponents argue that those backdoors are a good thing because then the government can keep you safe from people saying nasty things.
You're asking a community that couldn't decide if Client Side Scanning was safe and private at the time: https://news.ycombinator.com/item?id=28068741
Surveillance is a branding issue. If you wrap a shit in crepe paper and Corinthian leather, most people will admire what an artist you are.
Every day I grow less enamoured with the EU project. More and more, the laws and regulations imposed upon citizens are hostile.
> the laws and regulations imposed upon citizens are hostile.
Let's not forget that these laws are supported and pushed for by national governments in the EU Council, there's no shadowy cabal that materializes these laws out of thin air, the EU is a blame-laundromat for domestically unpopular laws passed through backroom deals
Apart from this law-trickery used here: The EU could be a thing that helps fixing the problems that the single nations cannot overcome, even if it becomes unpopular. Fixing climate change involves completely restricting fossil fuel AND harvesting existing greenhouse gases (which costs additional energy) until the atmosphere is back to 1800. No government of this world spoke this truth to its people, because after the next election that government would be no more.
> there's no shadowy cabal that materializes these laws out of thin air
that's really cute
One thing that should be noted is that, since the Parliament has been able to approve an amendment by absolute majority (which explicitly excludes E2E chats), the procedure is not over and the law is still not enacted, a third reading is still needed, after negotiations with the Council and the Commission, and in this case the Parliament will be able to reject the act by a simple majority
I was looking for information about this. So this new reading and vote would happen after summer?
The new reading will happen if the Council rejects the amendment approved by the Parliament. When it does they have 6 weeks to negotiate, and then 6 weeks to approve the result of negotiations, if any.
Basically, the hope is that the Council rejects that amendment in its second reading (but right, the probability of this is not really high, since it codifies what was already true). I should have explained it better in my comment
If you so much as mention that this bill was passed to censor criticism of Israel, you will yourself be censored. Our politicians don't actually represent us.
Unhinged rant, this has nothing to do with Israel.
Wow, I guess governments of the whole western world just woke up one morning and decided to clamp down on the free exchange of information on the internet at the precise moment their citizenry was up in arms over Israel committing mass genocide and blackmailing their politicians. What a coincidence!
1 reply →
> Although a majority of voting Members of the European Parliament (MEPs) actually opposed the regulation (314 against, 276 in favor, 17 abstentions), the motion to reject it failed to secure the required absolute majority of 361 votes.
This vote was urgently scheduled for today, the last day of parliament before the summer break. 113 MEPs were not present for this vote, likely having taken vacation days to extend their break. It's hard to believe choosing to do the vote today was done accidentally.
To me as a European, this is not only about the dystopia that is becoming the tech survailance of society but it is a perfect example of what I feel the EU is. It is a disgusting dysfunctional institution that should have never been created in my opinion.
This is what we have... Unelected bureaucrats using every opportunistic tool they can to, in my opinion get rid of democracy. What are we fighting for at this point? Personally I have lost all faith in the EU and I'm embarrassed to be living here. I'm so disgusted by politicians and the obvious de-route of democracy.
What the ** are we doing...
As a European shouldn't you know this is just a renewal and nothing new. The weird voting system applies too.
From Google: "The law seeks to require digital platforms and messaging services (like WhatsApp and Gmail) to automatically scan users' private messages, emails, and photos to detect and report illegal content"
-- EU policy makers are really honest people, hats off to them. There's no way politicians in my country allow their chats to be scanned, because they're very corrupt.
EU politicians are exempt from this measure. They thought it all the way through.
(Edit: seems that the statement above applies to ChatControl 2.0, not the approved text. Apologies.)
What are the criteria to be covered by this "secrecy" exemption?
basically admitting they are pedos
Can you cite the text where it says this?
1 reply →
Great, so even if something is repeatedly voted down and doesn't get enough votes it can still pass.
It's a joke. The system is hacked.
Man, and right on the heels of enforcing driver-facing cameras in all newly purchased vehicles: https://news.ycombinator.com/item?id=48823557
Are there any civilians left in the EU, or is it all bureaucrats and bankers?
The defence against this is widespread truly peer to peer messaging services, where there is no company at the middle to tell you add backdoors.
Who is working on that? I suspect the main challenge is not technical, but human - persuading users to switch messenger apps is almost impossible.
I genuinely wondered the other day how long before we see some country try to regulate the new self-hosted radio mesh messaging solutions like Meshtastic etc. Eventually some crime group somewhere is going to be busted using a homebrew encrypted radio system for messaging - they are so plentiful and easy to build with dirt cheap ESP32s etc, and it's so easy to deploy repeaters to extend range.
> https://meshtastic.org/
> The defence against this is widespread truly peer to peer messaging services
Spain would label you criminal for merely using alternative Android builds: https://www.androidauthority.com/google-pixel-organized-crim...
Simplex
https://simplex.chat/
Session was recently shut down due to lack of funding.
True P2P implies knowing the IP addresses of the people you're talking to.
Or it can be many-server, with tens of thousands of server operators and one selected at random.
Only the server operators then know your IP, and they don't know who you are or what you're saying.
Session was supposed to be shut down at start of July but looks like they got enough funding from donations to keep going for now.
Not P2P but Delta Chat
Or you can just host your own server like IRC. This is beyond idiotic, if they think that pedophiles will begin to suddenly use WhatsApp then I very much doubt about their basic literacy.
Such a weak reasoning and method which they used to push this is ridiculous agenda lead me to strongly suspect there must be something else behind it.
How is it that a most MEPs vote it down and it still passes? Can someone explain to me how the EU Parliament can do this?
If the EU just were to redirect the resources they're currently allocating to regulations like AI and Chat Control rather towards developing a genuinely competitive OpenAI or Anthropic alternative …
No, it's easier to put a tax on American AI companies.
There are at least two options to verify age without humiliating procedure of taking a selfie with a passport like a porn actor.
First, there are USB tokens that can hold a private key and sign messages. Such tokens could be sold at places accessible only to adults and verify that they are indeed adult. Obviously every token should hold the same private key.
Second, OS could implement "parent mode" which allows installing only white-listed, government approved apps (no Telegram or Whatsapp or other dangerous apps, but school apps are ok) and opening only white-listed government-approved websites. Put in jail the parents who did not set up a parent mode. Problem solved without passports and verifications.
If, however, the government insists on selfies, it means they just want to identify users and compile lists of "untrustworthy", "rebelious" and other persons of interest.
Also, employees who do verification, sometimes create internal chats where they post pictures of clients and mock their appearance. We had such case with Alfa-Bank in Russia, where the photo of a funny client with a passport and third-grader level comments leaked to Instagram account of employee's friend. The bank paid approximately $20 as a compensation.
Maybe a dumb question, but what's to stop people from communicating e2e encrypted over totally insecure channels using steganography techniques?
You don't need a special app to do this, or maybe you just need a companion app that you type your message into and it gives you the thing you just paste into whatever messaging app / social media you use. The steganography makes it hard for the operator to determine that you're "abusing" the service by not transmitting your message in the clear so they can read it.
1) Alice uses steganography to embed her public key in an otherwise innocent or mundane looking image e.g their profile picture.
2) Bob uses the public key to encrypt a short message to send her.
3) Bob embeds the encrypted message in his own mundane looking image (could generate these from a pool of images or on the fly using stable diffusion)
4) Bob sends the image to Alice.
5) Alice recovers the encrypted message and decrypts using her private key.
(Could also use the process to do key encapsulation too, instead of using the raw key pair)
> or on the fly using stable diffusion
Steganography fundamentally requires you to be able to know where the data is, which requires you to have the original image to compare against. The only other strategy I'm aware of is setting known pixel positions to exact data, which is very easy for basic tools to spot and decode. Or to add the data to non-visual data blocks if the image format supports those, which is also quite easy to spot.
Well when it comes to ending encrypted traffic, I would assume if they can’t read your traffic you will be in violation and the police will show up at your door to kindly imprison you for a few years
If they can't distinguish traffic containing hidden encrypted messages from humdrum non-encrypted traffic then they'd have to ban the whole thing for everyone.
Mass adoption. Two IT guys can communicate completely secure with udp packets via SSH tunnel, but it doesn't scale to family and non-techy friends.
Getting the criminals is not the point here, mass control is. How many of your friends do this now? The criminals might do it, but why, when they can just meet in person and talk there, without a digital recording of what they talk?
Combine the 'age verification' (show your ID when you register) with this (we can read what you type), add some AI (to profile the people), and you have all the info you'd ever want on anyone anywhere.
The effort required to do it
EU's strong digital privacy branding is becoming satire
> apps that are safe by design for children
How do we design such apps? Let's rule out age attestation (to allow only some age ranges) or scan of content because they are orthogonal to apps. What are the design patterns that prevent adults to meet kids? No messaging?
Depending on the app, you could also get away with limited messaging such as a wheel of predefined callouts in a team game.
So much effort and emotions wasted. EU should have a mechanism that disallows repeatedly pushing for things until they are greenlit. Lack of this type of measure renders whole governance incapable of being taken seriously.
> What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, [...]
I thought WhatsApp is removing e2e encryption. The article should replace the wrong example with something like Signal
EPP is a corrupt, authoritarian regime that will hopefully not last long. It is not a coincidence the union took a massive, noticeable turn for the worse in 2019 -- the von der Leyen presidencies have done immeasurable damage it will never recover from. They have also been complicit in crime and corruption from Bulgaria, Serbia and Hungary, for years, and that is even if you exclude the Pfizer disaster nobody was held responsible for. They are giving the opposing parties ammunition they need to take them and the dream of a stronger union down, and the only way they can fight back is banning those parties outright, one of which voted completely against this utterly insane, already repeatedly rejected mass scanning. It's hard to think of the union as anything positive when this is the direction it is taking.
Well anything with people's in its name is basicaly authoritarian, just like the DPRK or PRC.
The EPP also gave us migrant quotas, chat control and punished Greece for its debt.
List of votes per MEP: https://howtheyvote.eu/votes/195775
Is there an EICAR file equivalent for CSAM? it seems like I'm going to busy preparing a mass messaging/mailing campaign to EU law makers
Move to Jabber or Matrix. Maybe Signal.
I want to like the EU. In many ways I do. They're making it really easy to not like them.
All for a safe and secure society.
except it's hardly safe or secure anymore...
Something something essential liberty, something something temporary safety.
I mean, even the victims themselves came out and explicitly emphasized that scanning chat messages does not help.
I'm feeling these politicians was not doing it for the victims. Instead, it's almost like the victims are providing reasons to allow the politicians to expand their own power.
The Accelerationism (see note below) part of me think it's a good thing, because a heavily regulated country is often also a backward country. Doing things like this long enough, then you get out competed by everyone else, your population shrinks to zero and your land gets reused.
(Note: The word "Accelerationism" in the Chinese dissidents circle means that, if a bad future is certain and it trends to destroy itself eventually, we might as well just let it happen faster, so the pain maybe shorter. More: https://en.wikipedia.org/wiki/Accelerator-in-Chief)
Look, EU obviously have a few good regulations. But a regulation must be correctly designed and implemented, and it must not punish good people. Scanning private messages is a punishment to all.
If EU must scan something, I'd say scanning all messages/phone calls sent out by the politicians might do more good, consider how much trust people put on them (maybe they shouldn't).
That's cool and all but looks like we are running out of good countries
And if they all have censorship, they are not failing (when comparing them to each other)
Wouldn't it be fun if those who are in favour of such measures were the first to behave their messages scanned?
If no one actually stands up against this and puts an end to it, then it wasn’t that important to begin with.
Wack
Anyone that thinks that this is a good Idea either didn't understand the internet or is just borderline stupid
Once you realise the age group that are in that bracket of european law making you realise it's gen X AKA the helicopter parent generation and it all becomes less shocking.
More interesting that that mostly childless politicians are in favor of such things. That's makes sense since those legislations are NOT about children.
It's so tiring. Fellow Europeans, you know what to do =)
Are you kidding? No, I have absolutely no fucking idea what to do.
Can people sue EU about this? This is ridiculous
If they didn't for five years why would they start now?
What a democracy we live in.
Rest assured, someone is already working on circumventing this. Necessity is the mother on invention.
You don't need to do any work to circumvent this. This law is just continuing the status queue that's existed in the EU for 5 years.
To avoid being affected by this law, you can just download Signal, or use any other encrypted messaging service.
Sure. The criminals and political enemies of the EU will just use illegal chat apps and hardened phones. What about the others though?
They don't need to use "illegal chat apps". They can just use Signal or Telegram, or any of the other ways that exist to send encrypted messages.
the rest? they comply, or get labeled a criminal.
innocent men cannot be ruled over. authoritarians want a population of such "criminals", because then their power becomes the choice of which law is executed on whom.
> End-to-end encrypted chats, such as those on WhatsApp
What a bad example to bring for e2ee.
I love how they framed it like this: "Temporary derogation from certain provisions of the ePrivacy Directive to combat online child sexual abuse".
Just--OF COURSE, think of the children.
I'm not a lawyer, and I don't live in the EU. Sorry for the silly question.
Is there any EU law that prohibits minors from encrypting their messages or using, for example, PGP keys?
How can they protect children if the children deliberately encrypt their messages?
No, there is no law preventing anyone from encrypting their messages. The thought is that children won't use encrypted services.
what are the actual consequences of that? they can read any Whatsapp encrypted chat? What changes?
FTA:
> What changes with the return of Chat Control 1.0—and what stays the same:
> What is coming back: US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
> What remains unchanged: Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
> What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
Discord recently had an AI malfunction that resulted in square grids getting detected as CSAM and reported to cops.
Literally nothing changes. This is the continuation of a temporary law that already existed.
As far as I understand this. It basically gives the company providing chat services the possibility to scan your messages.
This is so bad, honestly, I'm so let down
To hell with children. Create a separate internet for them, no ICANN access unless they are parent-supervised until they hit 13 or so.
God..why.. Do the citizens have no say in this??
The citizens do have a say: they vote in elections. This is a temporary law that was implemented 5 years ago so everyone had a chance to vote in the 2024 EU election and vote out those who supported this law. But most people don't care if a company like Meta is allowed to scan their messages. For those who care, they can always use an encrypted messaging service like Signal or Telegram.
Yeah, right, this is just complete bullshit. Let's just put it this way: so, given that you more aware than "most people", did you at least vote against those who support it, and did you try to persuade your friends to do that, but they just didn't listen?
I really don't feel like I can affect anything at all. First of all, even if we assume for the sake of argument that voting for MEPs is important, it's really hard to judge what you are voting for. It's not like they come with clear agendas that people carefully evaluate before they decide how to vote. It's a long running joke how USA elections are choosing between "a giant douche and a turd sandwich", and whatever you choose doesn't even matter because they won't keep their promises, but, hey, at least everyone knows their promises. This one is blue, that one is red, both will let you down in the end, but you kinda know what their general vibe is. Voting for MEPs on the other hand — they are all kinda grey and I couldn't tell you how'd they vote on this particular issue. Depends on your country, but in my case many of them simply weren't MEPs on 2023 vote. And I'm kinda surprised by some of the choices.
Second, I don't really feel that MEPs are that important. They impact almost nothing. All real work is done behind the closed doors by some unknown people, and half of them all happen to be Maltese for some reason (0.1% of EU population, by the way). Parliament in the majority of cases just votes "for all good things and against all bad things" and the actual things that will come to haunt us are usually some small details in the Appendix that were never even explicitly put on the vote.
And when MEP's vote does matter, well, we get something like in this case. The majority objected, but that doesn't matter.
By the way, a couple of years ago I was asking myself, how could it be that we choose von der Leyen to be the President of EC? Well, I don't think we ever did. I surely didn't. MEPs barely did. Never once in all of the history EP rejected a candidate proposed by Council. Whatever each member of the Council did we'll never know, this is not disclosed. And to add the cherry on top, in this particular case it was a record number of MEPs who actually voted against her. It doesn't matter. Here we all are.
[dead]
Just so blatant that this was paid or bargained into existence, EU is a compromised system.
I'm curious where I can go to see real regularpeople who support this, is there like a different side of reddit, comments section? I don't know anyone who is blatantly anti-privacy and I want to hear their reasoning. Otherwise this just seems to be the EU rolling into a weird distributed autocracy without anyone blinking an eye.
"We decide on something, leave it lying around and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back". -- Jean-Claude Juncker, VDL's predecessor
It's not so much "support" as "not caring." Most "regular" people, when they hear about measures like this, say "oh no, the government can see my boring text messages to grandma, who cares", much they same way they shrug off the dangers of having a robot vacuum live-streaming the inside of their house to China ("there's nothing interesting in my house, who cares").
The thing is... It's not even reported on the news here (Lithuania).
Just now I scrolled through our most popular news sites. 0 mentions. Wasn't on TV either.
The vast majority of the population didn't even have a clue that the vote was happening.
I checked the top 5 most popular local news sites. There was one article about chat control in April and then 2 more from 2025. That's it.
Imagine an issue as big as this and it's not even reported. Yeah I don't feel confident about the future at all.
1 reply →
The lobbyists won this round.
free healthcare o algo
So, private companies can't track you, but the people with the state's monopoly on violence (which very much exists in the EU member nations) can?
Is there any sort of warrant needed for accessing this sort of information on devices?
It's not accessed on devices. This is about people using messaging applications, like Messenger. Then, as the message isn't encrypted, Meta can read the message on their servers. And with this law they are allowed to scan and sometimes report it to the government.
What can we do to try and stop this?
I do not believe solutions to these issues will be found with government regulators. I believe they can be enabled by new technology that is designed to balance interests on all sides and actually enforce the guarantees IN CODE AND PROTOCOLS.
Having said that, I don’t think the tech industry is what it once was, dominated by cypherpunks working to create a better world. It has been captured by greed and “moving fast and breaking things”, as well as infighting. Greed (both in the form of web3 numbers go up, and benefiting from the greater fool while delivering no utility) and moving fast (web2 facebook / VC / dump shares on the public / lock in / extract rents). So no wonder the government eventually steps in, when the industry spends a decade without adults steering the ship. We have giant platforms controlling everything, and the rest has devolved into zero sum games and memecoins. The tech industry hasn’t led or even organized enough to get behind technology that can liberate users. Instead it’s been captured by for-profit interests. Mozilla and Apache are rounding errors.
Here is what open source can do when it comes to mass surveillance, and this would also solve the Flock problem here in the States, too:
https://community.qbix.com/t/balancing-privacy-and-accountab...
More broadly, here is what needs to be done across the board:
https://www.laweekly.com/restoring-healthy-communities/
> new technology that is designed to balance interests on all sides and actually enforce the guarantees IN CODE AND PROTOCOLS.
They will just call your code illegal in law. And if you will run it anyway, use deep packet inspection to drop your protocol packets, like they do in Russia
Unless they have backdoors to absolutely every form of encryption, including https certificates, etc. you can always use that to tunnel through.
https://www.reddit.com/r/privacytoolsIO/comments/cukcaf/goog...
1 reply →
> In these talks, the EU Parliament is pushing for a paradigm shift in how we approach online child safety, demanding: [..] Strict security standards for messaging apps (“Security by Design”) to prevent cyber grooming.
It's dispiriting to see a supposedly pro-privacy politician launder backdoors as "strict security standards".
I think they mean local scanning for CSAM - which feels like a reasonable solution that preserves privacy, but still addresses the real problem of, y'know, child abuse?
What is the false positive rate that you would be comfortable with such a scan having? What would be the risk of your personal photos and videos being recognized as CSAM and reported to your local police (and thus being shown to your local police) that you would be happy to accept?
Would you also be ok with not being allowed to send any mail unless you first scan the contents of everything in that envelope and include a generated signature that might tell the post office that you're sending CSAM? And then having the envelope delivered directly to police if the scan did indicate that?
If local scanning of CSAM flags a post, that post will have to be analysed by a human operator. If you send a sensitive photo of your kid's rash to your spouse, and it gets flagged, are you ok with a random cyber enforcement officer seeing your child in that way?
1 reply →
Okay, since it is already working system - how could I verify it scans for CSAM, not my dissident books and saved eps*ein files?
I have a question: who trains the CSAM model?
Weaponizing our own property against us, mandating that it spies and tattles on us, turning inanimate objects into policemen to construct the most total surveillance dystopia, is not in any way "reasonable". In no way does it "preserve privacy".
And let's not pretend there are not already many other ways in which child abuse is detected and fought. When schoolteachers or doctors or neighbors or other family members notice something is amiss, when a CSAM group is infiltrated by police, or when a predator falls for a honeypot. This triggers an investigation, and at that point no digital lock can withstand modern targeted covert surveillance. But we are supposed to pretend none of this exists, and that encryption is an unassailable castle, and play along with the "going dark" lie, despite being more surveilled than at literally any point in history, including under the Stasi.
They only don't address child abuse, if by "child abuse" is meant a photo existing in some private shared-with-nobody hard drive, and not an actual human child being abused.
The italian constitution clearly states that citizens have a right to private correspondence. Good to know our crooked politicians don't care.
The sad thing is how we keep saying how bad China is, while doing exactly the same things.
Majority AGAINST, passes anyway:
314 against, 276 in favor, 17 abstentions
In case anyone wants to know: stopping it would have required 361 against.
And more than a hundred did not vote, if they wanted to vote no they could have. But they didn’t so they’re implicitly in favor.
The fact that governments worldwide do not force either a vote for or against is a much greater issue as it allows representatives to launder their beliefs through inaction.
Related:
Chat Control 1.0 and 2.0 Explained
https://news.ycombinator.com/item?id=48819008
This might get this control out, but people's anti-EU stance will just be increased by this and long-term this is a terrible move.
Just fueling material for right wingers who will take advantage of this and push for secessionist stuff.
EU is in dire need to have VERY POPULAR measures among people, not idiotic stuff like this which is a step in a wrong direction.
You're asking too much from bureaucrats that stand to directly gain post-mandate by consulting the companies they legislate for, and also believe that the legitimacy of the EU as a whole should be driven by output (economic prosperity, etc), rather than input (democratic mandates, political participation of their constituents)
This is a very disappointing news. It weakens democracy and makes the EU hypocrite.
Why should one care about GDPR or some privacy shield thingy when this is going through ?
And so, step by step, in the name of child protection and similar excuses, we lose liberties and rights one by one.
Welcome to the Brave New 1984 We World. Big Brother loves us.
We are living through the time best described by Zamyatin, Orwell, and Huxley.
Man, the EU is supposed to be the beacon of liberal democracy (after the light of Reagan's shining city on the hill is now truly extinguishing), but with shit like this, it's really making enemies left and right (metaphorically and spectrally).
The EU exists mostly to promote economic liberalism and free trade.
It started out as a purely trade arrangement, then evolved to become a broader union.
Exactly. I consider myself euro federalist but bullshit like this creating a very strong antipathy.
If this is not some shady maneuver to scan user messages for security reason, because of, for example, possible incoming war then it's beyond absurd.
I would doubt that politicians pushing this are not understanding that pedophiles simply do not need to use these apps they are scanning. But I saw questioning of tech CEOs by older US officials and the lack of even basic knowledgeable about current technologies was ridiculously astounding.
Here's a thought: maybe liberal democracy was never very free.
1 reply →
Chat Control 2.0 is in the name of child protection. This one, 1.0, is just in the name of pleasing big tech.
Slippery slope is fine and all but do you have any constructive argument?
Slippery slope is not a "fallacy" by default. It can be occasionally but its a perfectly reasonably argument in plenty of cases.
3 replies →
Constructive argument? Just disband the EU as a whole, including all laws, treaties, contracts ...
Europe would be a much better place if the EU stayed what it was, a trade union of sovereign nations without any political power over the people.
4 replies →
"Slippery slope" does not by itself invalidate an argument, because slippery slopes do exist.
What "constructive" argument is anyone supposed to give about authorities having warrantless access to all private conversations?
I'm honestly confused about why this is on topic for HN.
https://news.ycombinator.com/newsguidelines.html
> Please don't use Hacker News for political or ideological battle. It tramples curiosity.
Don't get me wrong, I feel a desire to engage with this as well, but there is nothing I can possibly say about this that is not political, because this is purely a political choice.
Conversely, declaring a space "politics-free" tramples a hell of a lot more than curiosity.
Incidentally, the comment immediately below this one begins with the words "I'm curious". So I think we're good.
Brought to you - as always - by the Conservatives. Conservatism is just fascism with a slightly nicer image.
This was overwhelmingly approved by "The Left in the European Parliament" (that's their actual coalition name) as well as the Greens. It was overwhelmingly rejected by the European People's Party (AKA "The Right"). And mixed among other groups (S&D and Conservatives).
https://howtheyvote.eu/votes/195775
No, it's the other way around. Quoting another comment:
>"Yes" means stop control, because it's a "proposition de rejet" we're looking at. rejet = reject
Indeed. The vote, however, was about stopping Chat Control. The key term is "derogation" in the title.
A "yes" vote was a vote against Chat Control. It failed because it needed an absolute majority of 361/) votes to defeat the "urgent procedure" lawfare by Metsina, a conservative.
EU conservatives are just moderate leftists, who cares.
What are you even saying? As a leftist, I want nothing to do with those fascists.
5 replies →
Eh, the commies are pretty good at this too. Best analogy for Chat Control is really a digital Stasi.
I mean sure, but there's no meaningful commie contingent in the EU.
The war on privacy at the EU level always comes from conservatives.
1 reply →
[flagged]
[dead]
[dead]
[dead]
Really the west is currently at the wrong side of history. With the US bombing and killing hundreds of thousands of civilians in the last decade. Europe with its hypocrite stance in literally everything. Slowly the west is becoming a much less free place to live than a Russia. And propoganda in the west makes people think they are free. It's bullshit. They are not free. You got more freedom to move around, start businesses, own stuff in China and Russia than in any western European country.