• 🦄🦄🦄@feddit.de
    link
    fedilink
    English
    arrow-up
    127
    arrow-down
    1
    ·
    1 year ago

    Its really really great that in a time where fascists gain more and more influence in several EU states, we also make it possible to massively spy on citizens :)

      • Random_German_Name@feddit.de
        link
        fedilink
        English
        arrow-up
        53
        ·
        1 year ago

        Europol already said it would use it to fight „illegal migration“ and „human traffickers“ and drug dealers

        A french politian demanded to use it against „Drag Queens“ and museums

        An italian politian proposed to use chat control against „human traficking“ (in this case a dogwhistle for people, that rescue migrants), organ traffickers, illegal trading of weapons and drug dealers.

        Some important german polititians want to expand it against antisemitism, far right extremism and child pornography

        A lobbyist and another german politian want to also use it against illegally downloaded movies and music.

        https://netzpolitik.org/2023/ueberwachung-politiker-fordern-ausweitung-der-chatkontrolle-auf-andere-inhalte/ (article in german)

    • SlopppyEngineer@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      38
      ·
      1 year ago

      And they’ll screech like banshees when you mention the same or higher standards of transparency should apply to the rich and politicians themselves.

      • taladar@feddit.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        Well, not the same people. The surveillance people are authoritarian fascists that have been in government parties a lot longer than the newer parties with similar views.

        • KraftPunk@feddit.de
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Facism is not the same thing as wanting mass surveillance. Or is your definition fascist = bad?

          • taladar@feddit.de
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Well, mostly I was thinking of the extreme nationalist views that most of these kinds of politicians showed in the past when they e.g. created intelligence agencies that completely ignored any international agreements, basic rights,… to ensure the supremacy of their own nation and their influence within it.

  • OsrsNeedsF2P@lemmy.ml
    link
    fedilink
    English
    arrow-up
    120
    ·
    1 year ago

    Fourthly, scanning for known, thus old material does not help identify and rescue victims, or prevent child sexual abuse. It will actually make safeguarding victims more difficult by pushing criminals to secure, decentralised communication channels which are impossible to intercept even with a warrant.

    This point is huge, and on its own explains why half baked compromises are worthless.

    The criminals will use banned chat apps, while innocent people get their messages read.

    • taladar@feddit.de
      link
      fedilink
      English
      arrow-up
      99
      arrow-down
      1
      ·
      1 year ago

      The reason they don’t care about that is that the whole thing isn’t about protecting children at all but about surveillance of the vast majority of people.

      • MentalEdge@ani.social
        link
        fedilink
        English
        arrow-up
        38
        ·
        1 year ago

        This. There are already plans on expanding what the surveillance is used for, as soon as it is possible to begin with.

        “Think of the children” is just the trick they’re using to get their foot in the door. It being utterly ineffective in doing what they claim it’ll do, is irrelevant.

    • BestBouclettes@jlai.lu
      link
      fedilink
      English
      arrow-up
      39
      arrow-down
      1
      ·
      1 year ago

      Well that’s the point, catching CSAM is just a very convenient excuse. Once that’s through, it will just be a matter of extending it to terrorism. Then you can declare anyone a terrorist and bam you have free reign to monitor anyone you want.

      • taladar@feddit.de
        link
        fedilink
        English
        arrow-up
        15
        ·
        1 year ago

        Or you could just accuse them of the really dangerous crimes, like copyright violations or insulting politicians.

        • BestBouclettes@jlai.lu
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          1 year ago

          That requires some kind of proof or bureaucratic fuckery. If you take any ecologist group for instance, you just have to pin a terrorist label on them, and bam, now you can spy on them legally. They’re trying to do it in France right now.

          • taladar@feddit.de
            link
            fedilink
            English
            arrow-up
            11
            ·
            1 year ago

            Germany too. They are trying to label the climate change protests by the “Letzte Generation” (Last generation) group as organized crime and terrorism.

  • germanatlas@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    66
    arrow-down
    1
    ·
    edit-2
    1 year ago

    I want cameras and microphones in every politicians house, in every room. These record 24/7 and will be live-streamed on twitch. Any politician against this proposal is obviously a child-abusing terrorist, or do they have something even worse to hide?

    • tal@lemmy.today
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      The law restricts providing a commercial service in the EU that provides end-to-end encryption without monitoring of the content of communications, not using end-to-end encryption. Unless you’re planning to run some kind of underground messaging service, you probably won’t be the one violating the law.

      • RedPandaRaider@feddit.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        What is to stop a company from offering their services in the EU though? As long as they don’t legally cooperate with the EU it should be fine. Like Telegram operating from Russia (if they weren’t collaborators already).

        • tal@lemmy.today
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          1 year ago

          Well, depends on the jurisdiction where they are operating from.

          In the US, if you’re intentionally offering commercial services in the EU (and while the US and EU definition of that may differ, I don’t think that the difference is broad enough to matter much from the standpoint of services that are being affected), my understanding is that the US will honor EU jurisdiction, and will enforce rulings against companies. Now, you have to actually be doing business under the US standard of doing business in the EU for this to apply – like, this can’t just be some random non-commercial server that you set up and then let anyone on the Internet use, as the US doesn’t consider that doing business in the EU. A US-based lemmy/kbin server isn’t going to be considered by the US to be doing business in the EU, but if its operator, for example, says “hey Europeans, donate money here and avoid restrictions”, then that’s targeted advertising to the area and the US will consider that to be doing business in Europe. Someone like Whatsapp definitely can’t just say “oh, my servers are in the US, ergo EU law doesn’t count, and I’m going to go right on selling ads and services and such in the EU and whatever else I do”.

          For somewhere like, oh, Russia, Russia may not care about enforcing EU law. However, that isn’t a blank check.

          First, it may be a pain for the EU to act against Telegram itself, but if money is involved, so are payments. It’s not hard for the EU to act against payment processors – banks, Visa, stuff like that. If a service is getting payment either directly from people in the EU or from advertisers in the EU, the EU can tell the payment processor to cut them off. The payment processor isn’t going to fight the EU on that; this sort of thing happens regularly.

          Second, if you’re using an illegal service, the EU might wind up having EU ISPs block it. Russia has been running around requiring ISPs to ban certain sites. The EU hasn’t done that yet, but it could. I am not at all convinced that in the long term, it won’t be the norm for countries to have a list of “banned” services that they require their ISPs to block. I am pretty sure that there are a number of parties who would like piracy sites to be blacklisted, for example.

          https://en.wikipedia.org/wiki/List_of_websites_blocked_in_Russia

          Third, from an individual standpoint, that means that someone in the EU is not going to be getting any EU legal protection, in the privacy sphere or elsewhere. Now, maybe the technical benefits of having end-to-end encryption outweigh that for the user, but stuff like traffic analysis on messages and the security of the client may be up for question.

          Specifically for Telegram, I haven’t used Telegram, so I don’t know how it handles key distribution, which you need to do for end-to-end encryption – OTR, for example, needs some pre-existing shared secret or secure sideband channel to bootstrap trust between two users. It looks like Telegram provides source, but for that to be useful, one needs to believe that someone trustworthy has validated the source, that the binary for the client is a legitimate build from that source, and that you have properly distributed keys with the other user using that client. Those can all be done with a lack of legality, but my guess is that a lack of legality likely makes it harder.

    • tal@lemmy.today
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Most people don’t use PGP/GPG, despite it being generally available.

      If the vast majority of people don’t use something, it doesn’t matter much whether it exists.

      A service that makes end-to-end encryption easy for the vast bulk of the public is another story.

      • notepass@feddit.de
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        Most people also do not care about privacy or understand anything about encryption.
        If this shit was to happen, it would hit the news for a cycle, some people would get slightly upset and then it would go on with the next thing.

        Most people here care a lot about these things and are technically inclined. But we are a minority.

      • dukk@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        But you know who does use PGP/GPG to manually encrypt their messages?

        Child traffickers.

  • gravitas_deficiency@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    37
    arrow-down
    1
    ·
    1 year ago

    Lol guess we can kiss post-quantum TLS goodbye.

    This is going to have catastrophically negative effects for the internet in general. And, as others have said, actual bad actors will just keep using the most advanced encryption available anyways. This only makes the vast majority of internet users less secure and easier targets for exploitation.

  • Koof_on_the_Roof@lemmy.world
    link
    fedilink
    English
    arrow-up
    37
    arrow-down
    1
    ·
    1 year ago

    “If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.” - Richelieu (disputed)

  • Dyskolos@lemmy.zip
    link
    fedilink
    English
    arrow-up
    28
    arrow-down
    3
    ·
    1 year ago

    Great. That would probably mean a ban for Telegram would also be needed, as they’re known to not bow to local surveillance-laws.

    I’m all for doing everything to find effing pedos, but I’ll doubt it will help catch one. Who would be so dumb to do illegal things on the surface-web?

    • Vincent@kbin.social
      link
      fedilink
      arrow-up
      31
      arrow-down
      3
      ·
      edit-2
      1 year ago

      Telegram is already not encrypted end-to-end encrypted by default. Signal is the interesting app - they don’t even have the data to bow to data requests.

        • Vincent@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          That would be nice, but most likely that would also mean that getting every service to make changes at around the same time pretty much impossible - which would be essential when e.g. the protocol needs to be updated to deal with new threats.

          But who knows; I believe the Digital Markets Act intended to achieve something like this?

            • taladar@feddit.de
              link
              fedilink
              English
              arrow-up
              4
              ·
              1 year ago

              Emails have had major problems with federation too, despite the fact that most email standards have been unchanged or only had minor changes since the early 1980s. You just usually don’t notice so much since most of those are only a headache for mail server administrators, not so much for end users.

      • Yamayo@lemm.ee
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        4
        ·
        edit-2
        1 year ago

        Of course it is encrypted by default, just not on device, but in the server side. Just like Gmail, office 365, and so many online services that are perfectly secure and that no one mentions as being a problem.

        If you need End to End encryption, you have the option to use it, but being server encrypted it’s more convenient for syncing on devices and for uploading files, which I use a lot.

        • Vincent@kbin.social
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Sorry you’re right, I meant end-to-end encryption of course. (Gmail, Office 365, and most HTTPS websites are only encrypted in-transit though, not on the server side.)

          Which is, of course, the kind of encryption that matters for this proposal. (And which I believe you don’t have the option of using in group chats on Telegram, but don’t quote me on that.) Non-end-to-end encrypted messages can already be obtained by law enforcement by coercing the service provider.

      • Zacryon@feddit.de
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        edit-2
        1 year ago

        Doesn’t Signal have backdoors for government agencies or am I mistaken? (Has been a while since I read something like that.)

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          8
          ·
          1 year ago

          No

          Every time somebody comes to them with warrants they got nothing but timestamps for account creation and last login

          Closest thing you might be thinking of is when Signal added a warning third party keyboards might spy on you, which was promptly followed by China banning Signal (the most popular Chinese keyboard app is developed within China).

      • Dyskolos@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        1 year ago

        Signal or tgram. Whatever floats your boat and isn’t whatapp and co. It’s not always about encryption alone. It’s also about trust. I trust tgram and Pavel Durov. If one doesn’t, go signal & co. Perfectly valid alternative.

    • vrighter@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      1
      ·
      1 year ago

      not really, cos telegram is not end to end encrypted unless you do not use group chats, and deep dive into the menu to enable secret chat for every individual contact.

      I have no idea why telegram got this secure reputation. it is literally the absolute worst of the bunch, security wise

      • Dyskolos@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        5
        ·
        1 year ago

        Encryption wasn’t relevant in the context of the surveillance-law, as having ways to decrypt it will be required then and hence make it useless.

        Telegram does not bow. They won’t bend their knee to a government wanting them to plant a bot. They then will just be banned.

        Besides, there is end2end-encryption if you want, where is the problen? Noone forces you to use the cloud. And it’s also not “hidden deep”.

        • vrighter@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          you have to open chat, click profile picture of contact, and then click the three dot menu from there, where you will find the option. It is buried deep down.

          • Dyskolos@lemmy.zip
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            3
            ·
            1 year ago

            If that’s “buried deep” to you, then maybe that technology isn’t your thing. Beside that was totally irrelevant to the topic at all. If you don’t like tgram, use something else. It’s not a pro/contra encryption discussion, it’s anti-observation.

            If a messenger is still alive after this law gets real, then you have your answer regarding security and privacy.

            • vrighter@discuss.tchncs.de
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              1
              ·
              1 year ago

              the title of the post has secure encryption and chat in the title. but irrelevant, yeah.

              Also it’s at least 4 taps (and you get reduced functionality too) than most other apps, which require 0

              • Dyskolos@lemmy.zip
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                I think, you didn’t get the real impact of the meaning of this post if you fight about encryption-capabilities of some clients.

                Wow. 4 taps. This is really above the horizon of most boomers 😁 (of which you surely aren’t of)

                Seriously, who cares. If you don’t like it, use another client. Telegram rocks and has a lot of features i would never want to miss. It’s not all about privacy and privacy. Smart people know when to use which tool at what occasion at their disposal. It’s about having even the option to do so at all, which the law mentioned in the OP is going to fuck away from us. But sure, go ahead and fight your peasant client-wars. Omg tgram is not the most secure client, i gotta fight it until the last secure messengers are gone at all. Happy whatsapping then.

  • bbbhltz@beehaw.org
    link
    fedilink
    English
    arrow-up
    21
    ·
    1 year ago

    So this is how liberty dies…

    I can’t see Signal operating in Europe if this is the case. Telegram has already handed over information, so they will likely adapt and continue doing their thing. Meta/WhatsApp will want to keep that money, so they will find a way to operate as well.

    I suppose Signal could have a European server, but that might cut them off from the rest of the world.

    Might end up using Briar or XMPP.

    I haven’t given the proposition more than a once-over, but I assume this will cover emails too?

    • germanatlas@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Crazy how we had protests by right wing maniacs suspecting an evil dictatorship conspiracy behind everything, but when an actual aspect of dictatorship comes, nothing happens.

      I don’t want to live on this planet anymore

    • Gamey@feddit.de
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      I will probably end up using Matrix but they really have to leave the UK before those facist shits force them to implement a backdoor!

  • 0x815@feddit.de
    link
    fedilink
    English
    arrow-up
    19
    ·
    1 year ago

    Germany suggests splitting up child sexual abuse material regulation

    Germany has suggested splitting the file into two parts, namely “generally acceptable provisions”, which should remain in the compromise text, and “controversial provisions”, which should be removed. The removed parts should be included in a new draft regulation.

    Controversial provisions could be “discussed without time pressure”, to come up with solutions that protect children and also respect data privacy.

  • Spzi@lemm.ee
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    How to contact your MEP.

    Thanks for the link, but I’m still not sure who to contact. Apparently I’m supposed to know who is “my MEP”, but I don’t. How to?

    • Xoronil@feddit.de
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      Might depend on your country, but for Germany there are no direct candidates that we votes for. Everybody hat one vote one could give to a party, which had presented a list of people for the election. At the end the party then send the first x people of that list, according to how many of the German representatives were to be send by that party.

      So, effectively all MEP which are German are “my” MEP. Or just the party I voted for if I want to be exclusive.

  • jsdz@lemmy.ml
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    1 year ago

    the proposed text would mandate the implementation of surveillance bugs

    And they call it 2.0? I’ve never seen such a blatant example of version number inflation. It should be called 0.2a, as it’s nowhere near ready for release and full of bugs.

  • caesaravgvstvs@feddit.de
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Are they proposing opening every letter that goes in the mail too? And checking every memory card that gets sent?