Roberta Metsola's actions this week jeopardise the legitimacy of the EU project as a whole.
It's clear that member countries use the EU as a blame-laundering mechanism to pass domestically unpopular laws, but the forcing of this vote under the urgency procedure that requires absolute majority to reject, on the last EP session before summer break is so blatant that it might awaken people that might've overlooked the structural failures of the EU and finally radicalise them
To understand whether/to what extent this is brazen, I'd be interested to learn the reasoning why urgency procedures are possible, and in particular, why the apparent majority against shouldn't have been enough, and what is needed to classify something as urgent.
The regulation was rejected today with 314 votes against, 276 in favor, and 17 abstentions, but because of Metsola's lawfare that classified this regulation as under an "urgent procedure", an absolute majority was required to reject.
Sure, then just let the normal legislative process run its course, no need to bleed political capital and get an already polarised electorate to hate the EU even more by shoving this legislation through in this way.
What changes with the return of Chat Control 1.0—and what stays the same:
*What is coming back:*
US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
*What remains unchanged:*
Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
*What is still NOT being scanned:*
End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
The Internet Watch Foundation, the group, funded almost entirely by big tech, who pushed for this vote to be held under emergency procedure, is already at work lobbying for the end of E2EE [1].
In a couple years time, Chat Control 2.0 will come about, and the same tyrants will use the EU admission [2] that there is no evidence that suspicionless scanning of private communications has led to an increase in criminal convictions or in rescued children to argue that we need to go further, and break E2EE.
Then I'm not very moved about this. I always assumed that anything unencrypted is scanned one way or another. What I care is not having a backdoor for E2E, i.e. like client-side scanning telling me what I am allowed to talk about like with the LLMs. CSAM excuse is a great excuse to turn every conversation to what we have with AI today.
But now you have governmental overreach and legalized spying on European Citizens by (mostly) US Companies, so i would say that Law is truly binary bad.
Also how the Law was forced is extremely bad.
But hey it's once more proof that they EU is not a democratically spirited institution.
I am not sure if the absurdity of that statement is intentional, or a result of just how far the Overton window has drifted.
First of all, private companies shouldn't be given that responsibility to begin with. Meta in particular, has a long history of unethical and immoral usage of personal data. I won't use the term "illegal", as the question of legality becomes moot when punishment can be factored in as a cost of doing business.
Secondly, for this to carry any plausibility for being motivated by "protect the children" arguments, it requires a minimal effort be enacted on more effective measures, and a measured balance with the cost this comes at. There are very good arguments for why this law would actively harm children. Throw in some Bayesian understanding, and you better have a state of the art system that somehow pretty much never has false positives, nor false negatives, where this was also the only way to detect and avoid said abuse. I don't know the numbers here, but I highly doubt this is a good idea, even with infinite generosity as to good intentions. We've all been children, we've all done stupid things. Now throw in the brilliant and surely-not-to-scar-a-child-for-life situations where parents and strangers looking at something they thought was private, and have a "grown up discussion" about. I shiver at the thought.
Thirdly, and aside from directly harming children in situations where they selves use technology and naively, and unwisely share pictures, consider how many take pictures of their own kids without clothes, because they are normal human beings, who do not consider there to be anything sexual about said depiction. You want to throw law enforcement in the mix here? Child protective services?
Fourthly, consider the possible negative for this abuse. If normal behavior (e.g. children being children, and e.g. normal parents otherwise sharing normal pictures if you are a normal person) can be selectively chosen as being a heinous crime, this should scare anyone, especially consider the political shifting trends towards fascism.
They're strong protections relative to most other jurisdictions, where there is no need to pass laws exceptionally allowing certain uses of private data, since such uses were never forbidden and sometimes are mandatory beyond what Chat Control 2.0 would mandate.
From Google: "The law seeks to require digital platforms and messaging services (like WhatsApp and Gmail) to automatically scan users' private messages, emails, and photos to detect and report illegal content"
-- EU policy makers are really honest people, hats off to them. There's no way politicians in my country allow their chats to be scanned, because they're very corrupt.
"a measure it had rejected twice in March. Although a majority of voting Members of the European Parliament (MEPs) actually opposed the regulation (314 against, 276 in favor, 17 abstentions), the motion to reject it failed to secure the required absolute majority of 361 votes. As a result, mass scanning is now permitted again until 2028."
"Oh no we can't get a majority to pass the law!"
"Have you tried getting a majority to not pass the law?"
"Worth a shot!"
"It worked, should we also do this multiple times?"
This article seems to make good points about how useless and invasive Chat Control 1.0 is, but then posits Chat Control 2.0 as the answer. Is the latter not also terrible for privacy, demanding backdoors in all encrypted chat tech?
How do we design such apps? Let's rule out age attestation (to allow only some age ranges) or scan of content because they are orthogonal to apps. What are the design patterns that prevent adults to meet kids? No messaging?
Once you realise the age group that are in that bracket of european law making you realise it's gen X AKA the helicopter parent generation and it all becomes less shocking.
Or you can just host your own server like IRC. This is beyond idiotic, if they think that pedophiles will begin to suddenly use WhatsApp then I very much doubt about their basic literacy.
Such a weak reasoning and method which they used to push this is ridiculous agenda lead me to strongly suspect there must be something else behind it.
Here's a quote from the article itself, which works for both pro and con arguments:
"What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures."
As I'm not trained in law, I have no strong opinions on if this proposal is a net positive or negative, almost any big name LLM will do a better job than I can manage by looking at the legal text, stroking my goatee and saying "I recon…". But what I can say that I've just seen a headline about a class action lawsuit in the USA due to grok making CSAM and the company failing to assist the police in their investigations, and another about Meta facing a lawsuit in India for delivering advertising for CSAM on Instagram.
My steelman in favour of the legislation:
The regulation closes a legal gap that would otherwise force platforms to stop using existing CSAM detection systems; it's a temporary framework that doesn't require universal mandatory scanning or ban E2EE, just keeps the legal basis for companies which choose to use detection/scanners while lawmakers continue negotiating a more comprehensive longterm solution.
My steelman against the legislation:
Scanning private communications, even allowing companies to "voluntary" do this, sets the precedent that the confidentiality of private correspondence is conditional rather than fundamental. Also, automated scanning inevitably has false positives. Also, has chilling effect on free speech, undermines trust in encrypted messaging.
Also, situationally, that it's "voluntary" means offenders can migrate to platforms which don't "voluntarily" do this.
I'm curious where I can go to see real regularpeople who support this, is there like a different side of reddit, comments section? I don't know anyone who is blatantly anti-privacy and I want to hear their reasoning. Otherwise this just seems to be the EU rolling into a weird distributed autocracy without anyone blinking an eye.
It's not so much "support" as "not caring." Most "regular" people, when they hear about measures like this, say "oh no, the government can see my boring text messages to grandma, who cares", much they same way they shrug off the dangers of having a robot vacuum live-streaming the inside of their house to China ("there's nothing interesting in my house, who cares").
> In these talks, the EU Parliament is pushing for a paradigm shift in how we approach online child safety, demanding: [..] Strict security standards for messaging apps (“Security by Design”) to prevent cyber grooming.
It's dispiriting to see a supposedly pro-privacy politician launder backdoors as "strict security standards".
I think they mean local scanning for CSAM - which feels like a reasonable solution that preserves privacy, but still addresses the real problem of, y'know, child abuse?
> What changes with the return of Chat Control 1.0—and what stays the same:
> What is coming back: US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
> What remains unchanged: Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
> What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
Man, the EU is supposed to be the beacon of liberal democracy (after the light of Reagan's shining city on the hill is now truly extinguishing), but with shit like this, it's really making enemies left and right (metaphorically and spectrally).
Exactly. I consider myself euro federalist but bullshit like this creating a very strong antipathy.
If this is not some shady maneuver to scan user messages for security reason, because of, for example, possible incoming war then it's beyond absurd.
I would doubt that politicians pushing this are not understanding that pedophiles simply do not need to use these apps they are scanning. But I saw questioning of tech CEOs by older US officials and the lack of even basic knowledgeable about current technologies was ridiculously astounding.
How would this have worked in practice though? How could things like trade standards been harmonised or a common currency adopted without the trade union being able to do legislation?
And once you get there, you're no longer a trade union. Or a trading block, which is probably the better word since a trade union already means something else.
It's clear that member countries use the EU as a blame-laundering mechanism to pass domestically unpopular laws, but the forcing of this vote under the urgency procedure that requires absolute majority to reject, on the last EP session before summer break is so blatant that it might awaken people that might've overlooked the structural failures of the EU and finally radicalise them
Haha, no. As long as there is bread and circus, nothing wil happen.
If it's not a dictatorship, a regime, a shithole, a kleptocracy, or whatever name they use for a government they don't like, I don't know what it is.
What changes with the return of Chat Control 1.0—and what stays the same:
*What is coming back:* US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
*What remains unchanged:* Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
*What is still NOT being scanned:* End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
So, E2E is unaffected?
In a couple years time, Chat Control 2.0 will come about, and the same tyrants will use the EU admission [2] that there is no evidence that suspicionless scanning of private communications has led to an increase in criminal convictions or in rescued children to argue that we need to go further, and break E2EE.
[1]: https://www.iwf.org.uk/resources/end-to-end-encryption-and-k... [2]: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE...
Chat Control 2.0 was the big one in those regards.
(Also, LOL @ Skype mention.)
There can exist strong consumer protections against misuse of their personal data by various entities.
And there can simultaneously also exist governmental overreach against citizens private data.
The world is complex, few things are truly binary.
Also how the Law was forced is extremely bad.
But hey it's once more proof that they EU is not a democratically spirited institution.
First of all, private companies shouldn't be given that responsibility to begin with. Meta in particular, has a long history of unethical and immoral usage of personal data. I won't use the term "illegal", as the question of legality becomes moot when punishment can be factored in as a cost of doing business.
Secondly, for this to carry any plausibility for being motivated by "protect the children" arguments, it requires a minimal effort be enacted on more effective measures, and a measured balance with the cost this comes at. There are very good arguments for why this law would actively harm children. Throw in some Bayesian understanding, and you better have a state of the art system that somehow pretty much never has false positives, nor false negatives, where this was also the only way to detect and avoid said abuse. I don't know the numbers here, but I highly doubt this is a good idea, even with infinite generosity as to good intentions. We've all been children, we've all done stupid things. Now throw in the brilliant and surely-not-to-scar-a-child-for-life situations where parents and strangers looking at something they thought was private, and have a "grown up discussion" about. I shiver at the thought.
Thirdly, and aside from directly harming children in situations where they selves use technology and naively, and unwisely share pictures, consider how many take pictures of their own kids without clothes, because they are normal human beings, who do not consider there to be anything sexual about said depiction. You want to throw law enforcement in the mix here? Child protective services?
Fourthly, consider the possible negative for this abuse. If normal behavior (e.g. children being children, and e.g. normal parents otherwise sharing normal pictures if you are a normal person) can be selectively chosen as being a heinous crime, this should scare anyone, especially consider the political shifting trends towards fascism.
-- EU policy makers are really honest people, hats off to them. There's no way politicians in my country allow their chats to be scanned, because they're very corrupt.
"a measure it had rejected twice in March. Although a majority of voting Members of the European Parliament (MEPs) actually opposed the regulation (314 against, 276 in favor, 17 abstentions), the motion to reject it failed to secure the required absolute majority of 361 votes. As a result, mass scanning is now permitted again until 2028."
"Oh no we can't get a majority to pass the law!"
"Have you tried getting a majority to not pass the law?"
"Worth a shot!"
"It worked, should we also do this multiple times?"
"Of course not! Pass the law, quickly!"
How do we design such apps? Let's rule out age attestation (to allow only some age ranges) or scan of content because they are orthogonal to apps. What are the design patterns that prevent adults to meet kids? No messaging?
Who is working on that? I suspect the main challenge is not technical, but human - persuading users to switch messenger apps is almost impossible.
True P2P implies knowing the IP addresses of the people you're talking to.
Such a weak reasoning and method which they used to push this is ridiculous agenda lead me to strongly suspect there must be something else behind it.
Here's a quote from the article itself, which works for both pro and con arguments:
As I'm not trained in law, I have no strong opinions on if this proposal is a net positive or negative, almost any big name LLM will do a better job than I can manage by looking at the legal text, stroking my goatee and saying "I recon…". But what I can say that I've just seen a headline about a class action lawsuit in the USA due to grok making CSAM and the company failing to assist the police in their investigations, and another about Meta facing a lawsuit in India for delivering advertising for CSAM on Instagram.My steelman in favour of the legislation:
The regulation closes a legal gap that would otherwise force platforms to stop using existing CSAM detection systems; it's a temporary framework that doesn't require universal mandatory scanning or ban E2EE, just keeps the legal basis for companies which choose to use detection/scanners while lawmakers continue negotiating a more comprehensive longterm solution.
My steelman against the legislation:
Scanning private communications, even allowing companies to "voluntary" do this, sets the precedent that the confidentiality of private correspondence is conditional rather than fundamental. Also, automated scanning inevitably has false positives. Also, has chilling effect on free speech, undermines trust in encrypted messaging.
Also, situationally, that it's "voluntary" means offenders can migrate to platforms which don't "voluntarily" do this.
It's dispiriting to see a supposedly pro-privacy politician launder backdoors as "strict security standards".
> What changes with the return of Chat Control 1.0—and what stays the same:
> What is coming back: US tech companies are once again allowed to scan private messages without a warrant or prior suspicion. This affects direct messages on platforms like Instagram, Discord, Snapchat, Skype, and Xbox, as well as emails via Google’s Gmail and Apple’s iCloud.
> What remains unchanged: Public social media posts and files hosted in cloud storage could already be scanned without this law. Furthermore, private messages can always be reported by users, or monitored by authorities using targeted, court-ordered wiretapping.
> What is still NOT being scanned: End-to-end encrypted chats, such as those on WhatsApp, have always been exempt from these scans. Additionally, European providers of messaging and email services have never implemented chat control measures.
Welcome to the Brave New 1984 We World. Big Brother loves us.
We are living through the time best described by Zamyatin, Orwell, and Huxley.
If this is not some shady maneuver to scan user messages for security reason, because of, for example, possible incoming war then it's beyond absurd.
I would doubt that politicians pushing this are not understanding that pedophiles simply do not need to use these apps they are scanning. But I saw questioning of tech CEOs by older US officials and the lack of even basic knowledgeable about current technologies was ridiculously astounding.
Europe would be a much better place if the EU stayed what it was, a trade union of sovereign nations without any political power over the people.
And once you get there, you're no longer a trade union. Or a trading block, which is probably the better word since a trade union already means something else.