The planned chat control makes the world less secure and more authoritarian, as it is directed against private and encrypted communication. Proponents are using disinformation, lies, and sleight of hand to push through the project. But chat control can still be stopped. A commentary.
For years, legions of IT experts and security researchers, lawyers, data protection experts, digital organizations, tech companies, messengers, UN representatives, child protection experts, guardians of internet standards, scientists, and anyone else with expertise have been raising alarms around the world: chat control is dangerous. It is a new form of mass surveillance. It will weaken the IT security of us all. It would introduce a surveillance infrastructure on apps and end devices beyond the EU that authoritarian states will use to their advantage.
Ultimately, chat control is a frontal attack on end-to-end encryption. Put simply, this form of encryption ensures that the sender puts their message in an envelope that can only be opened by the recipient. With the planned chat control, the envelope is not forcibly opened on the way to the recipient; instead, the contents of the envelope are analysed before being inserted into the envelope. So when you write a letter, your private data is looked at directly over your shoulder. Nothing Is Private Anymore When Chat Control Arrives
Those in favour of chat control now claim that the envelope – in this case, end-to-end encryption – would not be opened and that communication would therefore be secure and encrypted. It’s a shabby and transparent sleight of hand: after all, what is the protective envelope worth if what we send to other people is screened by default before it is sent? And where is the good old privacy of correspondence for our digital letters on WhatsApp, Signal, or Threema? What right do you have to monitor what I do and what I send on my mobile phone, tablet, and computer? How dare you!
The fact is that it is not technically possible to monitor all content at the same time and still guarantee private and secure communication. It simply isn’t possible. But the EU Commissioner for Home Affairs, Ylva Johansson, and all the other proponents of chat control claim exactly the opposite. They openly lie to our faces, place misleading ads, and pretend that chat control is somehow harmless and compatible with fundamental rights and data protection. They spread the disinformation that private communication and the screening of all content can coexist. This is nothing less than an insult to common sense.
It’s Not About the Children
The surveillance proponents pretend that they want to better protect children and tell horror stories based on dubious figures. But it was clear from the outset that chat control is about attacking end-to-end encryption – and therefore the secure and private communication of billions of people. Because if the EU, with its 450 million inhabitants, introduces chat control, it will have a global impact.
From the very beginning, a lobby network intertwined with the security apparatus has been pushing chat control. It was never really about the children; otherwise, the root causes of abuse and violence would be addressed instead of monitoring innocent people without any initial suspicion. The point is that encrypted communication is a thorn in the side of the security apparatus. That is why it has been trying to combat our private and encrypted communication in various ways for years.
This is the surveillance state at its best and a reversal of the principles of the rule of law. Everyone is guilty until proven otherwise. This chat control is a spawn of authoritarian fantasies – and as such, the EU member states must reject it in the Council on Thursday if they still have a shred of democratic values.
Imagine there’s one phone type with one security level. And now they introduce a second phone. It has less security. Now everyone has to switch to the weaker phone.
Soooo, now who gets the stronger phones? Government employees? The military? Politicians? Agencies?
The less the strong phones you give out, the more authoritarian the measure. But the more the strong phones you give out, the higher the chance of misuse or mishandling. You will now have a black market for secure phones, giving them out to criminals. You will now have people with strong phones having a higher right of privacy, giving them more protection against the state itself.
Now let’s add more factors. Someone loses their stronger phone. We now have a potentially untraceable strong phone. The government is losing control over those. Now you have 5 different tiers of secure phones. But people are people and the more complicated, the more things can go wrong. Now let’s add in slightly more authoritarian states like Hungary. There’s a good chance they will instantly start spying on journalists. Or give opposition parties the weaker phones by accident.
Now add in foreign agencies. China’s digital government agencies are very efficient. Imagine they get the keys to the weaker phones. Great, now China can effectively monitor 99% of the EU. And now even if an EU member has a strong phone, they just listen in his wife’s phone, and they get the information anyway. Now what about if a spy from North Korea gets the keys and starts finding bank information on the stronger phones? They now have new super annoying ways of stealing billions of dollars from the EU and covertly as well if they do it right.
As you can see, making some people’s security weaker on purpose is a lose lose game. It never works. There’s way too many cooks in the kitchen in the EU for this kind of stuff to stay in line, and there WILL be misuse, one way or the other.
1984 was a warning, not a goal.
For us(plebs) it was a warning, for those in control an aspiration
How are they even going to enforce this? What prevents me from just using an E2EE message service that doesn’t do chat scanning?
The law… But seriously, it’s not meant to spy on you or me. It’s meant for 90% of the population who can’t install an .apk and don’t know the difference between a web browser and a search engine. They’ll just download facebook messenger from the play store if it doesn’t come already pre-installed with their phone and won’t even know that this law is a thing until they get arrested for sharing pictures of their sick kid with the family doctor or
political dissentterrorism once it gets inevitably expanded to other things than csam.Ooo man, this is a super underrated take. Too often people get caught up in what the law is trying to do, how people could get around it, and what the incentives/disincentives are, while not really taking into consideration how the law would actually operate. Sometimes people get all conspiratorial about it trying to point to ulterior motives, but man, most of the time it’s more that bad-faith actors are taking advantage of what’s already out there rather than actively creating the problems they want to create.
Yes guys who let Catholic clergy fuck kids are here to save us from pedos!!!
Doing that, or operating such a service, will become a crime.
Yes but how will they enforce it? How can they possibly discover such a thing? It seems impossible.
Well they’ll go for the service providers, of course.
Signal would effectively have to leave the EU market and block any EU users to stay out of hot water.
The list of privacy-respecting chat apps would become real short real fast, and good luck getting everyone in your life to use one.
Yeah, I have my own matrix instance, but unless I want to cut off 90% of the people I want to have in my life, I can’t not bridge it to at least telegram and whatsapp.
It doesn’t matter that this is unenforceable, or that alternatives exists. That simply means that those of us who care will still be able to keep some of our communications secure. But this legal change will still make it impossible to keep all of our communications private. That’s already the case, and this will make it orders of magnitude worse.
Unenforceable? On an individual level, yes. On a societal level? No. This absolutely can and will enable the monitoring of 99.99% of actual chat activity.
How do they enforce the GDPR?
The GDPR is actually unfortunately widely unenforced, aside from the very biggest tech companies perhaps.
For now, nothing.
For phone manufacturers wanting to sell into the EU market in the future? It’s will end up being a hardware level requirement baked right into the processor and OS. Like what they’ve already done for drm.
EU making its citizens lose faith in the project. I don’t care if I have to give my votes to the far right (ID is against, I guess) not one of those useful idiots voting for this gets a vote from me for as long as live.
You: “The EU is getting too authoritarian, let’s vote for more and more vile authoritarianism!”
Thank you for molding my point into something that’s easier for everyone to understand.
Although I suspect you trying to be sarcastic: You’re welcome.
With politics, there’s always more than a single topic. And while the chat-control topic and its persistence sucks, keeping democratic structures in place, this can be rolled back at some point. If democratic structures are no longer in place, this is just going to prove a useful tool to whatever authoritarian is in charge.
There are many motivations why people organize in right-wing movements, but protecting civil liberties, democracy, or human rights are not any of them. At least not in any honest way. They may use these topics as part of scare tactics and to paint scapegoats.
Lol, so
a) the far right are opposing this, and you’re dumb enough to believe their lies.
or
b) the far right are silent or supporting this, and you don’t care.
Sounds like we got ourselves a big brained fascist!
The far right won’t help you here. Vote for the pirate party, they care about privacy.
Vote pirate or walk the plank
Aren’t social democrats also against it?
Multiple parties are against it, yes. But the pirate party has a prominent focus on privacy topics and net neutrality, more than any other party.
The person who proposed it to begin with, Ylva Johansson is (to my great shame) a Swedish social democrat. Social democrats in Sweden unfortunately have their heads up their own asses a lot of the time.
Gladly, they are certainly most aligned with my beliefs, but we don’t have one of those.
In which country are you that doesn’t have a pirate party?
Croatia
Mm it seems to have existed until around 2020 in Croatia… kind of sad that it just vanished.
Yes, I know, I voted for them as hard as I could at the time, apparently there were dozens of us.
- Far left / Pirates: Always vote for privacy.
- Greens: Almost always vote for privacy.
- Center Left: Often vote for privacy.
- Center Right/Right: Always vote against privacy.
- Far Right: Vote against privacy or usually just abstain from voting on important decisions.
Just as always with the right: Nothing but lies.
“I am a russian propaganda bot.”
Or a person expressing what you consider an unpalatable opinion, we’ll never know.
Oh, we know.
What a garbage! This comment doesn’t make sense for a lot of reasons, but the most obvious one at first sight is the ‘useful idiots’ argument. These ‘useful idiots’ are exactly the far right-wing officials who get repoortedly bribed by China and Russia, and are criticized by their own party members for their incompetence.
You’re arguing with a trollbot. Don’t bother.
*bot-er
Downvoters didn’t appreciate your pun. I did!
Thanks
What’s your definition of a trollbot? I don’t often express political opinions of any kind, but I feel really strong about private communication and even though I only mentioned a legitimate party that’s in the EU parliament I am denied personhood. I am usually on the same side as the people proclaiming me a bot. Try to see how your devaluing of others’ positions by denying they’re human or thinking for themselves comes across. It’s thought-terminating cliches and snarky soundbites all the way down.
“I hate this option, so instead of voting for a more sensible option, I’ll directly mention that I’ll vote for the worst option ever. In a subtle way so that I’m not too obvious. But hopefully people reading me will be influenced, even by a tiny bit, to vote for the worst option ever. Because I’m being paid for the people who supports the worst option ever.”
It might interest you to know how ID MEPs voted on chat control last time it was proposed.
It might interest you to know how ID MEPs voted on chat control last time it was proposed.
Yeah, fair, they’re not a great option for anything. I suppose, if it passes, I’ll see then who voted it in and make a shitlist.
These ‘useful idiots’ are exactly the far right-wing officials who get repoortedly bribed by China and Russia, and are criticized by their own party members for their incompetence.
Why not all of them, in different domains? What would you call MPs who vote for this without understanding how it works and why it’s untenable? I’d sooner call them useful idiots and those getting bribes something else, they’re at least getting paid.
are you a bot or just a moron?
I am both, thank you.