The new law would have required breaking end-to-end encryption (E2EE) as the companies would be required to scan messages. CSAM is just the pretext they use to compromise all communication. Same as “think of the children” is used to steal other rights.
That is true, but can’t they (a company that wants to, not the goverment) do that already if they want to, under ChatControl 1.0? And I wouldn’t say that whether a service is E2EE or not makes any difference here - scanning private user messages shouldn’t be allowed, whether they are encrypted or not. IMO if ChatControl 2.0 passed and was made mantadory for everyone, the fact that it is mostly noticable on E2EE apps is only a side-effect of blanket surveilance, and not the main issue with the proposition.
What’s the point of them agreeing that they will let the 1% of users of E2EE services keep their privacy, while they already scan 90% of communication (I mean, just GMail + FB/IG + iCloud, that is already being scanned, makes for most of the worlds communication) for the past year or so?
Now I’m curious whether Facebook/Instagram, who does offer encrypted chats and also scans all your content under ChatControl 1.0 voluntarily, also scans the encrypted chats or not. I’d vager they do, but that’s just a speculation.
But they did briefly mention that they will begin “phasing out” chatcontrol 1.0. I wonder what does that means, and how long will it take.
That’s the goal of end-to-end encryption. To make it impossible to scan. With E2EE company doesn’t have the decryption key, so there is no legible content to scan.
P.S. It’s still possible to collect metadata like when or who the message was sent, which is why services like WhatsApp which have E2EE are not recommended, but the content is safe.
the fact that it is mostly noticable on E2EE apps is only a side-effect of blanket surveilance, and not the main issue with the proposition.
Isn’t it though? We moved past the non encryption communication being safe a long time ago. And just because they will phase the old law, it doesn’t remove the ability of companies to still scan the messages or cops to request that data from those companies. Those companies still have access to the server and your encryption key where your messages are stored. E2EE on the other hand makes it technically impossible even if they want to do that or court orders them to do that.
The new law would have required breaking end-to-end encryption (E2EE) as the companies would be required to scan messages. CSAM is just the pretext they use to compromise all communication. Same as “think of the children” is used to steal other rights.
That is true, but can’t they (a company that wants to, not the goverment) do that already if they want to, under ChatControl 1.0? And I wouldn’t say that whether a service is E2EE or not makes any difference here - scanning private user messages shouldn’t be allowed, whether they are encrypted or not. IMO if ChatControl 2.0 passed and was made mantadory for everyone, the fact that it is mostly noticable on E2EE apps is only a side-effect of blanket surveilance, and not the main issue with the proposition.
What’s the point of them agreeing that they will let the 1% of users of E2EE services keep their privacy, while they already scan 90% of communication (I mean, just GMail + FB/IG + iCloud, that is already being scanned, makes for most of the worlds communication) for the past year or so?
Now I’m curious whether Facebook/Instagram, who does offer encrypted chats and also scans all your content under ChatControl 1.0 voluntarily, also scans the encrypted chats or not. I’d vager they do, but that’s just a speculation.
But they did briefly mention that they will begin “phasing out” chatcontrol 1.0. I wonder what does that means, and how long will it take.
That’s the goal of end-to-end encryption. To make it impossible to scan. With E2EE company doesn’t have the decryption key, so there is no legible content to scan.
P.S. It’s still possible to collect metadata like when or who the message was sent, which is why services like WhatsApp which have E2EE are not recommended, but the content is safe.
Isn’t it though? We moved past the non encryption communication being safe a long time ago. And just because they will phase the old law, it doesn’t remove the ability of companies to still scan the messages or cops to request that data from those companies. Those companies still have access to the server and your encryption key where your messages are stored. E2EE on the other hand makes it technically impossible even if they want to do that or court orders them to do that.
Facebook says they plan to roll out full E2EE by 2024.