Going Dark: The war on encryption is on the rise (mullvad.net)
421 points by janandonly on May 21, 2024 | 216 comments


Here is the latest.

The bill could not be passed during Spain’s presidency. The presidency is now with Belgium, and Stasi-fans are trying to get this bill passed again, hoping not to cause too much noise this time.

The text of the bill was modified a bit, and this time they added an exception, though

- Politicians and police are not subject to monitoring, only ordinary citizens’ messages should be wiretapped

https://european-pirateparty.eu/chatcontrol-eu-ministers-wan...


> Politicians and police are not subject to monitoring, only ordinary citizens’ messages should be wiretapped

The inversion of values is frightening, politicians and police should be among the very few under scrutiny.


This is what struck me as well. This is in the vein of, "Who watches the watchmen?" I can understand a world, albeit it sounds chaotic, where nothing is monitored. I'm worried about a world where the only unmonitored people are people with definitive authority.


> Politicians and police are not subject to monitoring, only ordinary citizens’ messages should be wiretapped

Of course, in 1984, their instruction manual, the top members of the party can turn their telescreens off.


>Of course, in 1984

Kind of funny to hear people refer to 1984 these days. We're so far past it now, and we did it to ourselves; giving up location data for maps (and mobile phone function for that matter), a Ring doorbell on every front door, participation in social media, etc.

But somehow it's all OK, because it's corporations instead of the government (a blurry line itself) on the other end.


>We're so far past it now, and we did it to ourselves

No we are not, you are not forced to have a smartphone, you are still allowed to have sex and most democracies don't torture you for speaking against it.

Don't just fixate on the surveillance aspect in 1984, there's much much more in the book.


You're effectively forced to have a smartphone. It pisses me off, because aside from the privacy aspect, it marginalises a lot of people. As with many things, how true this is depends on where you are. But many restaurants refuse to hand out menus, many places require mobile payments, gyms require apps for access, etc.


>because aside from the privacy aspect, it marginalises a lot of people.

Why not go to the European Court of Justice?

And I did not say that there are no parallels to 1984, but I would argue that there are more parallels to Lord of the (key)ring than to 1984 ATM.

By the way, the driving force behind this law is also Swedish (Ylva Johansson), so maybe Sweden has some work to do ;)


Do they require payment before eating?

If not, I'm sure they'd find a way to accept payment from someone who has eaten and has means to pay that don't include a smart phone.


Whoa, really? What country is that?


Sweden. Good luck living there without a smartphone.


It is not only about the smartphone but social media too, to be precise. You are less attractive, "odd" or "strange" if you are not there. There is huge social pressure.


> You are less attractive, "odd" or "strange" if you are not there. There is huge social pressure

Other people's thoughts of you are not under your control. That people feel pressured to be on these platforms says more about the company they keep than anything else.


What?

Society moves in one direction, some people don't (can't, won't, whatever). Those people become marginalised as society fails to provide adequate alternatives. Reducing it to "the company you keep" and "feeling pressured" seems a tad simplistic.


If someone evaluates whether to socialize with you based off of this, and it's important enough to you to not have or carry a smart phone, then they're probably not super compatible as friends or a partner anyway


> you are not forced to have a smartphone

In most European countries, you are forced to have a smart phone to access banking services and many other online services. Even some government agencies use WhatsApp for communications.


Do you mean there's banks that no longer offer a website interface to your accounts?


EU legislation mandates 2FA to access internet banking and confirm payments. SMS is insecure as a second factor and explicitly declared as inadequate by said legislation. I’m not sure if biometrics are required, but in practice banks don’t bother rolling out complicated solutions with tokens for the maybe two persons that at the same time don’t have a smartphone and are sufficiently tech-savvy to correctly use tokens.

Hence de facto requirement of a smartphone for banking.


That pisses me off every single time I have to interact with EU banks: no way to have a proper password as 1st factor (pwd managers hate number keypads) and no way to have TOTP 2FA manageable how the f I want.

FYI, ironically SMS 2FA is usually still available to cope with people not being able to install their official apps… so back to square one!


You need to have a smart phone because of the high fraud rate on web interfaces, thanks to the high number of compromised Microsoft Windows machines.

Android and iOS are sandboxed and cannot be trojaned so easily.


Maybe it's not the case for all of them, but some portals require you to scan a QR code with your bank app, IIRC.

Others require you to generate a token with the bank app.


At least one major bank I’m aware of in Asia does not offer web based account mgmt. Mobile or native app install only.


>you are not forced to have a smartphone

Yes. That was my point. We are not forced to (though life would be hard without one). As I said, we did it to ourselves.

>Don't just fixate on the surveillance aspect

I'm referring to the context of this thread, which is largely around surveillance. That, BTW, is also the context in which references to 1984 most often arise.


You have to have a smartphone these days. All 2FA use a smartphone and Authenticator apps. Companies actively deprioritize human agents in favor of automated ones. If this comes to pass, you will live with the risk of your information being leaked out by government incompetence - which they will try their best to cover up and blame you.

Edit: No power given to government rarely not become something grotesque. US social security cards were “only for benefits”, now they are some ubiquitous identity number. In recent times, Covid vaccination cards were supposed to be “only a patient record” until everyone started demanding them. So if your information starts leaking out your “conformance” will follow one way or another.


You can use any TOTP authenticator implementation you want for 2FA.

Recently, implementations for PalmOS and J2ME phones featured on HN [1], among others.

Password managers such as Bitwarden or 1Password also feature implementations.

[1] https://news.ycombinator.com/item?id=40279305


You've totally missed the point of the post you're replying to.

How do I opt out of all of this bullshit?

I just want to go back to paper forms and letters mailboxes and stuff.


Uh, by just doing it?

You can still file your taxes and apply for benefits on paper, if you’re so inclined.

Banks and government departments still have phone lines.

You can still send letters to your friends or call them on the phone.


Dude, restaurants don't have fucking paper menus anymore. And how am I supposed to pay for something if they don't accept cash?

Like don't tell me that you can still live life the old analog and paper way, you know that is quickly becoming a thing of the past.


Most restaurants have paper menus if you ask.

If they don’t accept cash, don’t patronize them? Also, a debit or credit card isn’t a smart phone, so I am not sure what you are arguing for here.

You have a choice to vote with your wallet and not go to places if they don’t have services that match your needs.


So you're saying that it's no big deal that I'm losing the choice to do this stuff because while I'm losing the choice I haven't fully lost it yet so I still have choice for a little while until I don't?


Yes.

Businesses are not obligated to do business with you.


But they can and are obligated in how they do business with you.

https://www.nyc.gov/site/dca/consumers/Prohibition-of-Cashle...


San Francisco Police Code article 55 - cashless rule

https://codelibrary.amlegal.com/codes/san_francisco/latest/s...


Because it's a narrative baked into western culture. People collectively respond to stories/narratives more then pure facts.


The fact is that we are shockingly close to the world of 1984. Two minutes hate, newspeak, and our smartphones are telescreens on steroids. Orwell was frighteningly prophetic.


Orwell wasn't prophetic but was a reflection of the world as it already was in 1948. That's what I learnt at school.


Then the message is even more dire: the world has always been a dystopia. And even 70+ years later, with more (and better) education, higher standards of living, and a wealth of dystopias to read and learn from, nothing has changed.


To add some details, he worked for the BBC during wartime - that was the inspiration for the job in the truth ministry of the main character in 1984. Basically inventing the truth.


"than" not "then"


> we did it to ourselves

Most people don't know that we did it. They still happily click on "accept all" and blame it on EU to need to do that. They don't know what the heck is that, and why they should understand what's written there.

When they are asked cleanly, and simply whether they want to share their data to thousands of shady companies, about only a quarter choose yes. That's why Facebook had to force everybody in the EU to choose between paying and accepting it.


Everyone I know did, because I told them. But they did it anyway. Now we wish it was only as bad as Facebook was 15 years ago.

Divide and conquer tactics work. Microsoft, Facebook and Apple all use it to great advantage. The funny thing is it was always about free software. Not enough people listened to Stallman. None of this could have happened if people rejected non-free software.


It could, and it happened not a long time ago: everyone thought that just because xz software was free software, it's 100% safe, but it was not. There are numerous examples.

Stallman lives in his own delusional world, and GPL not only solved the problem, it created more burden, that developers decided to use other less restrictive licenses.


> There are numerous examples

Such as?

> it created more burden

In what way?


> Such as?

You can search the web, but as an appetiser here you go: https://jfrog.com/blog/malware-civil-war-malicious-npm-packa...

> In what way?

Well, you can't bundle GPL licensed software with less restrictive one such as BSD, which is a big deal, that's why BSD and GNU/Linux are so separated in many ways. That's just one problem. It's clear that all-or-nothing approach doesn't work in free and open source software world.


> Well, you can't bundle GPL licensed software with less restrictive one such as BSD

Sure you can. If the result is a derivative work redistribution is subject to the terms of the GPL but you can bundle all you want.


Technically yes, you are right, in practice it's a pain because of GPL's restrictions.


No it's not, it's dead easy. What restrictions are you referring to? GPL doesn't care what you apply it to and there's no restrictions on its use. The only restrictions that would matter are those of the original licence, BSD, which is permissive.


Many know by now, but find the trade-off worth it for convenience or whatever they're getting in return. I mean, people are willingly giving up their DNA.

But, if it was the government receiving all of this data, they'd be in a panic. This has basis in current day fear-mongering about government power, as well as warnings about authoritarian governments from Orwell and beyond.

Not to say there's no reason to be concerned, but the casual mentions of 1984 are hilariously dated and ironic in 2024.

More substantively, it also reveals the naivete of those who wish to completely disempower their democratic governments. That is, someone will still retain the power when it's taken from the government. The only question is who and whether everyday people will have a voice in their own governance.

One look at corporate power and our deference there is a pretty big hint.


> We're so far past it now,

For me it was more like 2014. Though it was going on long before this … I think it was the pandemonium and ultimately the widespread acceptance … that sealed the deal!


I know you meant to write pandemic instead of pandemonium but “the pandemonium” sounds like a fun future event.


I meant pandemonium in the wake of the Snowden revelations :)


Time to stash some paper notebooks and pencils while they are still not banned.


> Politicians and police are not subject to monitoring

Isn't that -again- a direct violation of the charter of fundamental rights (article 20)? (all are equal before the law)


but some are more equal than others


Ugh.

Imagine living in a Bizarro world where the law said that private citizens could not be tapped without a warrant and probable cause but politicians and police must be surveilled to mitigate corruption.


You'd have to pay politicians and police a lot more then.


Maybe you’d just get better people becoming politicians, ones that couldn’t be corrupted?


Those people don't want to be politicians.


This. We should never give power to those who are after it; the mere desire for power is a good clue that said power will be abused. Maybe not always, but it's often the case.

Now, how do we vote someone who doesn't run for a seat? Heh, good question!


You make the job more appealing to those kinds of people.

I think one of the ways to do that is to make the job less appealing to the people who currently hold it.


I think the hitchhiker's guide solution is not the worst, don't even tell them that they're doing the job and just take whatever they say and implement it.


Nobody that actually wants the job is fit by definition.


Oh, come on. Police, ok, but politicians ?


The corrupted politicians by and large have the money already and have it through things like rent and capital gains, not salary. Paying more as a salary enables more average people to leave their current jobs to take part in politics.


Lower-level local politicians are probably the main issue. They're often paid so little it's effectively only a career option for the already-wealthy. And when that's the path towards the high-level, reasonably paid positions, it biases your pool a lot. (Not unlike industries with an expectation of a long period of unpaid internships in high cost-of-living areas)


What they never seem to get is that the status of "politician" or "police" might not last forever.


> Politicians and police are not subject to monitoring

Wonder how low the bar would be to become a politician. Signing up for a local council election definitely makes one a politician, right!


Don't worry, they'll eventually close that loophole by banning unapproved political parties and candidates, like in China.


Robert Kennedy Jr had to make his own political party in some states to get on the ballot. I'd assume the average person in many areas could create their own party with a stack of paperwork. Then track down local laws that define what would be considered a politician, my guess would be something like actively running for an office or being named as a party's candidate or political leader.


> Politicians and police are not subject to monitoring, only ordinary citizens’ messages should be wiretapped

Animal order, at its best.


All animals are equal, but some animals are more equal than others.


It's far simpler than that, it's just the reconstitution of what we call aristocracy from the past, the reversal of the American Revolution and Constitution, the pole-flip of the power relationship between the "ordinary citizens" and the powerful/government.

It is the same abusive pattern of lying used to manipulate people against the right to self-defense against a tyrannical government through the supreme law that prohibits the government from infringing on the people's inalienable, God given right to the means of self-defense, as enshrined in the Second Amendment to the US Constitution. "Think of the children" the tyrants wail as they demand you give up your ability to defend yourself against the bombs they threaten to use against their own population that refuses to submit to the desires of the ruling class and they are also busy slaughtering children by the tens of thousands.


> Stasi-fans

Is this language necessary?


Perhaps not, but it sure is appropriate.


Maybe so but I don't like applying labels to people and their complex positions.

They're stasi-fans? Why bother listening to them?


Why indeed? I already don't bother listening to the authoritarians who favor censorship and surveillance.


Right! Someone on a forum labeled them stasi-fans and saved me from thinking for myself.


No it is not. Comparing the current surveillance capitalism with the Stasi is a trivialization of the former.


You're right, the Stasi was significantly less powerful and capable than their modern equivalents.


but it is important to point out their possible aspirations


You could get access to your Stasi file and work on getting yourself arranged with the State. It was not some secret algorithm like it is today.


Funny how when they're proposing these things they never address FOI issues like this :-)


What’s wrong with it? It’s basically marketing.

It’s the use of a certain language to draw attention to a very important topic.


It's a needless emotionalisation of the topic. It might work with NPCs but people who can see behind it will get irritated.


> NPCs

You believe this is better than Stasi fans?


Not really. But any euphemism (like sheep, lemming) I could use to refer to "people who are incapable of critical thinking" would, by that use, become a pejorative, so there is no way to win that battle.

I picked NPC because it entered youth slang in the last years and understanding of that word is widespread.


> Not really. But any euphemism (like sheep, lemming) I could use to refer to "people who are incapable of critical thinking" would, by that use, become a pejorative, so there is no way to win that battle.

Any euphemism they could use to refer to people who support mass surveillance would, by that use, become a pejorative, so there is no way to win that battle. In your reasoning at least.

And none of these are euphemisms really.


Nice try but that didn't work out. "Chat Control Advocates".

Edit: Child Protectors. Cheese Haters. Dickpic Stealers. Now I get all the ideas for funny euphemisms.


> Nice try but that didn't work out. "Chat Control Advocates".

The groups overlap but are not identical.

And you could have said some people. But you wanted to show your disdain.

> Child Protectors. Cheese Haters. Dickpic Stealers.

You believe these are not pejorative?


I think they are more some kind of joke than pejorative.


Needless in your view.

Drawing attention always requires emotionalisation.


How will that attention be converted into some useful action?


That’s a valid follow-up question.

But for any goal, the first step is attention.


The real danger is criminal profiling. Read a book on criminal profiling as done by the FBI. You hear things like "the suspect appeared nervous when his eyes saw the murder weapon" or "serial killers match two of three: cruelty to animals, obsession with fire-setting, and persistent bedwetting past the age of five" (aka Macdonald triad). Impulsive killers are in their teens or early 20s, while more careful killers will be at least in their 30s.

I'm sure the motives were good - sometimes it's like finding a needle in a haystack, and it saved lives back then.

But you have mass surveillance, you can go through every hay in the haystack. Yet likely they won't. They'll settle on a middle ground with these outdated methodologies, and combine it with AI/data, to create some form of data-driven astrology. Someone will be inspired by CSI to ask AI to blow up a blurry photo, and AI might just hallucinate it. There will be experts out there who would oppose this, and these could be shut down by their bosses, the politicians who don't understand how it all works.

The Macdonald triad detects the worst criminals, sure, but it mainly detects victims of abuse. Privacy isn't important to the privileged groups; but it's a level of protection for the innocents who could be profiled wrongly.


> some form of data-driven astrology

That’s such an apt description of the junk science that’s going to get justified by AI.


It's worth dropping the Danish film Riders of Justice in this thread for people who haven't seen it. In the film, a facial recognition algorithm is created, and after some tinkering with the accuracy they are able to find who they are looking for - I won't spoil it, but highly suggest the movie.


Just use Steganography...For example the next phrase contains the first seven decimal digits of Pi: I view a plane welcoming me aboard


you meant, Steganography :)


Damn...of course...corrected! Thank you my Thesaurus as a Service. Do you have an API?


lol i'm always spell checking with google, course probably a small percentage of alternative spellings will probably be hallucinated by google's chatbot but thats just the cost of doing business nowadays. my poor grammar is all me tho.


I'm reminded of "ruin my search history" which when clicked will have your browser search for not only "isis application" and "hotels syria" but things like "how to kill someone hypothetically"

There could be one-click-implication on a target person.


> to create some form of data-driven astrology

Polygraphs are still heavily used in the US even though everyone knows it's anti-scientific bullshit.


The debate is framed as privacy vs security.

Really it’s internal threat security vs external threat security.

Measures to reduce personal security also reduce the security of the traditional armed forces.

1) The armed forces use most of the same networking software and hardware as civilians. They also rely on the same protocols.

2) In a total war scenario, like Ukraine, civilian communication infrastructure becomes military communication infrastructure. See soldiers relying on phones for communication and apps to aim artillery.

3) The vulnerabilities that get built into civilian communications are obvious cyber warfare targets.

The framing of privacy vs security tricks the traditional armed forces into thinking that they have the same interests as the NSA.


Famous quote by Benjamin Franklin (from 1755) : “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety”

...

"... Franklin was thus complaining of the choice facing the legislature between being able to make funds available for frontier defense and maintaining its right of self-governance--and he was criticizing the governor for suggesting it should be willing to give up the latter to ensure the former. ..." [0]

[0] https://www.lawfaremedia.org/article/what-ben-franklin-reall...


I think that using a secure layer on top of the insecure layer undermines this argument, similar to how HTTPS is secure while using HTTP with a twist, and using every underlying system in the same way. Or how GPS functionality is regulated for civilians.

So especially "1)" won't be true. Yes, right now they may be using same or similar things, but then after the new regulation they would be using superior stuff, problem solved.

"3)" is considerable because that's true, whatever difference there is in comms security, adversaries will have the same power over the civilian comms as their own government. Right now of course this is the case already, but especially after regulating it, will it become prevalent. I think governments are fine with this in general, though, which I deduce from the lack of countermeasures to it.

In reality, encryption is power, and the more power individuals have, the less power those have who want to control individuals. Everything else is smoke and mirrors, like the classic "think of the children" argument.


Regarding #1. Will there be performance implications when adding the secure layer?

Will there be cost implications when adding a secure layer?

Will the secure layer add risks to the project? Governments are already bad at delivering defence projects on time, will the extra complexity make it worse?

How do we know which layers are insecure? Will there be a published list of vulnerabilities that need to be mitigated by the military?


I'm sure there's a pessimistic, but realistic answer to all these questions. What is your point?


I believe decision makers really need to understand 3 basic points:

1. End-to-end encryption does exist today (and it is deployed at scale). There is no going back.

2. There is no middle ground: either it is end-to-end encrypted, or it is not. "Sniffing" encrypted messages is not a thing, period.

3. Make all the laws you want, criminals will always be able to use end-to-end encryption. Those laws will only prevent honest people from protecting their communications.


I strongly agree with 2) and 3), but sadly I think 1) is overplaying our collective hand.

I would guess that the largest deployments of end-to-end-encryption today are WhatsApp and iMessage by a quite large margin. E2EE for "real people" is provided by the grace of two massive publicly traded companies who have to follow local regulation. If Apple complies [1] with dubious requirements in China, I wouldn't bet against them doing it elsewhere either.

Sure, we have Signal, but how many normal users would start delving into side loading if the application simply was banned and not allowed on the marketplaces? We can always use PGP-over-whatever, but that's an argument for 3) - not 1).

I think politicians / police (and honestly many normal people) believe that the government has the right to do lawful interception of private communication and see E2EE as a step too far. The US has been wiretapping phones for a century already.

We as privacy arguers have a pedagogical challenge of explaining why regulation like this is bad and not equivalent to 1930's style phone wiretapping.

[1]: Chinese iOS users have their iCloud data (that for the vast majority includes the decryption keys) on Chinese servers, subject to the Chinese legal system. For the rest of the world the situation is the same, but s/China/U.S, which is arguably problematic as well.


I don't think their first point meant to say that there is no going back on deployed e2ee at scale, I believe they were just providing ground for connecting the next two points: it's so pervasive currently that, even if outlawed, criminals will always have no problem retaining access to it somehow. Even Signal, which relies on fairly centralized infrastructure, still has an open source server implementation that I suspect wouldn't be terribly difficult for a motivated criminal enterprise to deploy privately. Contrast with something like advanced weapon systems, where rarity makes it still viable to control and legislate.


Yes that was exactly what I meant! E2EE exists out there in so many different forms that it is impossible to make it disappear as a technology. You don't need a world expert to deploy it: it's just a matter of using one of the available libraries. I mentioned that it is deployed at scale because it is not a niche thing anymore: most people in the world have benefited from E2EE already! It's not something one could hide or make disappear.

The point is that policy makers need to accept this as a reality: they cannot wish E2EE did not exist, that ship has sailed long ago.


Hmm. Well yes, the crypto wars are over, and strong encryption is readily available. That will never disappear. But that's been the case for decades now. The change (and possibly what's driving these legislative initiatives) is that a huge chunk of communication is E2EE by default.

If WhatsApp/FB Messenger and iMessage added the government as a hidden group member to all our conversations tomorrow, and the day after that Signal was removed from the app marketplaces due to not complying, >99% of people would lose E2EE.

We would go back to how it was in the early 2000's, 99% of people used Yahoo/AOL/MSN "normally" and people like us would dabble with Jabber/XMPP off-the-record. In some ways it would be easier today, the cryptographic libraries and standards are better and invented. In other ways it would be much more difficult. Undoubtedly Ylva Johansson would be happy!

(I hate to bring up crypto currencies. But it's similar. It's impossible to make crypto currencies disappear, but it's fairly simple to make them marginalised and/or not effective as privacy tools by introducing stringent KYC measurements at the intersection between crypto currencies and the normal economy. Sure, you can always buy drugs on the darkweb and food at anarcho capitalist festivals, but it will never have any real privacy impact on real people in their everyday lives.)


Sure, but if you make E2EE marginalized, then it benefits those who can access it. And criminals have an incentive to access it.

Again my point is that it is impossible to remove it. Making it illegal will not make it inaccessible to those who ignore the laws.


I don't fully understand the talking about "scale" then. Scale is irrelevant to criminals. OpenPGP has been around longer than I've been alive, and OTR for soon 20 years. The fact that WhatsApp and iMessage has been per default for the last 10 does not push the needle for a motivated criminal.

The fact that it IS deployed at scale now is the "problem" and what will be "solved" by something like Chat Control. We would go back to how it was before E2EE became the norm.

What this legislation would allow is (even more) mass surveillance of normal people.


> What this legislation would allow is (even more) mass surveillance of normal people.

Totally. I feel like we agree but are talking past each other :-). Maybe you don't like my wording or the fact that I mentioned the scale of E2EE. But I think we agree on the fact that policy makers need to accept the reality of encryption: it exists, it's out there, and there is no compromise to be made, we have to live with those facts.


We've now passed the threading limit so I'll make this my last reply (maybe) :-).

I think we are in agreement that laws like this are bad and not something we want in our societies.

Where I think we might have differing views is that I consider the "it exists" argument as being really weak against a proposal like this. If someone truly believes that this will only be used for "good" purposes and that it has near-zero cost on society ("Honest people don't have anything to hide"), arguing that "criminals can still use illegal E2EE" is not fruitful.

"So what? We will probably catch many or even most criminals. They aren't known to be the sharpest tool in the toolbox, it's going to be cumbersome to use illegal Signal and criminals are lazy. And by the way, child sexual abuse material will also always exist, does that mean we can't make that illegal either??"

No law is ever 100% effective, and policy makers know that. They just have a different cost/benefit calculus, or don't see all the costs (or both).


> arguing that "criminals can still use illegal E2EE" is not fruitful.

That's why I mentioned 3 points, I would say :-). They go together. They mean that it makes no sense to say "we want to weaken E2EE for the sake of our children". Either you remove E2EE (and enable mass surveillance), or you don't (and protect the children differently).

In those discussions by politicians, there is systematically someone who comes back with an argument like "no, but imagine we could detect child pornography without actually weakening the encryption", and that argument just does not make any sense at all. Decision makers need to understand that, so that they can choose between keeping E2EE and removing E2EE improperly.

Then of course, some politicians could try to push for mass surveillance. That's a political stance. But at least they would be having the real debate, instead of hiding it behind weird technical solutions that do not and cannot exist.


> Sure, we have Signal, but how many normal users would start delving into side loading if the application simply was banned and not allowed on the marketplaces

A lot. Police concocted a fake chat app and somehow convinced their targets to side load it. By all reports it was a wild success: https://www.theguardian.com/australia-news/2021/jun/08/anom-...


I would assume those users were somehow highly motivated to use the app. "In this gang we only use An0m, install it if you wanna deal our drugs". I doubt any of my non-techie friends (or even my parents) would side load an app if it was required to text me.

WhatsApp has 2 billion users, Signal 40 million and An0m had 12k. Legislation like this will make E2EE communications unavailable to everyone but the most motivated techies and criminals.


> but the most motivated techies and criminals

I don't think you need to be "the most motivated techie/criminal" to install an app. If you go on an illegal forum to access illegal content, most likely you are ready to install such an app. Meaning that "this law targets child pornography" makes no sense.

But again, I think we all agree here. You just seem to keep repeating that legislation like this is dangerous (but we already all agree)!


If the app is not available in the regular app stores and requires side loading (or possibly rooting), the threshold is quite high.

> You just seem to keep repeating that legislation like this is dangerous

And you keep repeating that it's a problem for the legislators that E2EE technology exists, when it's not. If a person doesn't think this is ethically problematic, even only 10 caught sex offenders every year would be considered a win. Whether there are ways to circumvent the law or not (hint: there are always ways) is irrelevant.

> Meaning that "this law targets child pornography" makes no sense

It makes total sense! I can almost guarantee that there would be more than 0 child sexual abusers who will use WhatsApp post this law, and will be caught. The aim of this law is to limit the spread of CSAM, and if more than 0 people are caught then the legislators will have succeeded (to some extent).

Then when ChatControl 3.0 comes, targeting terrorists and organised crime within the same framework, again more than 0 will probably be caught. With ChatControl 15.0 worthless discussions online about legislation will be reported to employers and I will be caught ;-).

Therefore, as I wrote in my original post, we need to explain WHY this is dangerous and not worth it. The fact that "E2EE exists and you can't catch all bad guys" is a very weak argument.


Again, I agree with all that. I just feel like you complain about the fact that I split my argument in 3 points and would rather have it stand on one point :-).

> we need to explain WHY this is dangerous and not worth it

Yes. But if you only tell them that "making E2EE illegal to everybody is dangerous", they will kindly tell you "sure, but we are not talking about that: we are talking about a miracle privacy-preserving sniffer that only the good guys can have". They need to understand that this miracle they want does not exist, too!


> They need to understand that this miracle they want does not exist, too!

> I just feel like you complain about the fact that I split my argument in 3 points and would rather have it stand on one point :-).

Which is your point 2). :-)

As succinctly as I can: I think my argument now is that 1), redefined by you (or reunderstood by me) during our conversations is not worth making.

Initially in my original post I interpreted 1) to mean that "since E2EE is used by 80+% of people today, it can't be made illegal" which I argued against (because I think this is false). Then you expanded upon it / I understood better to be "the technology exists, it can't be made to disappear", which I agree with - but think is a meaningless or naive way to look at legislation. Australia, e.g., famously enforced strict gun laws in the late 90's; telling legislators then "the first thing you need to understand is that guns will still exist" is true in a meaningless way that doesn't convey anything.

I think a reason why I felt the need to argue about this is that I think a lot of techies / HN people have a very black-and-white view on the legislative process, "if it's still technically possible it's not worth/possible to outlaw". Not saying you fall into this category though!


Got it, now I understand. I agree that it is trivial, but I don't think it is meaningless.

> telling legislators then "the first thing you need to understand is that guns will still exist" is true in a meaningless way that doesn't convey anything

I disagree: if the legislators vote those laws and then tell the police and the military that criminals will never have guns again, then I think it would be worth letting them know that guns will still exist. Again: trivial, but not meaningless.

> "if it's still technically possible it's not worth/possible to outlaw"

Right, I understand your point here, and that's not what I meant. I just meant that some politicians sound like they believe that people have to go to a specialized store and present an ID to get access to E2EE. And with this vision of the world, I understand that they may consider the benefits of "enforcing strict E2EE laws". But that's not how it works (and in that sense it's pretty different from guns), and they need to understand it.


> 2. There is no middle ground: either it is end-to-end encrypted, or it is not. "Sniffing" encrypted messages is not a thing, period.

Yes, but ... it's also never truly end to end encrypted as humans can't do encryption in their heads. Thus there is an analogue hole at both ends. All you need to do is install a spy app at the end points to access the unencrypted version.

And lo, I present to you the Australia "Assistance and Access Bill (2019)". It demands that companies that develop the endpoint software shall "assist" them in writing spy apps that are undetectable. It also demands those same companies shall use their "auto security patch" feature to silently install those spy programs on the target's devices.

I have no idea what the EU is proposing, and yes I agree if they are proposing we all use "breakable encryption" then it won't succeed for a whole host of practical reasons. But, I suspect they are smarter than that. And if they adopt the Australian solution, then while:

> 3. Make all the laws you want, criminals will always be able to use end-to-end encryption. Those laws will only prevent honest people from protecting their communications.

is true, it's also moot.

There is a way around the Australian version because it insists the government shall not introduce a "systemic weakness", which translates to "you shall not break the security our society depends on". Because of that they are prohibited from installing their spy software on everyone's devices; all installations must be pre-authorised by a court. That in turn means the software company must be able to target the targeted individual's devices, and only those devices. That's simple for the likes of Google, Microsoft and Amazon of course because they insist you create an account.

So the ways around it are:

1. Use open source software, because the anonymous security updates make it impossible to target someone. This is very difficult to do for most people.

2. Use a Chinese phone. They have been banned from using the closed versions of software, so they base their products on something like AOSP. You will probably get spied on by the Chinese government instead, of course - but if you live in the west why would you care? This is the easy one to do, so that's what will probably happen.

I find the ironies of the directions these proposals take us in absolutely delicious.


> I have no idea what the EU is proposing

Well the article is about efforts aiming at weakening encryption, and my comment is about that.

> is true, it's also moot.

Anything is moot if you completely ignore the context. The article talks about policy makers who want to alter encryption in such a way that they get more control over it. My point is that they need to understand that they cannot get this kind of control the way they advertise it (with "privacy-preserving sniffers").

Of course you can say that anyway the NSA can hack you, but that's off-topic here. My point is that politicians need to understand the basics of how encryption works, such that they can think properly about propositions like that.

Even for politicians, there is a big difference between "privacy-preserving sniffing" and "adding a spyware in every device". The former is impossible, the latter is possible. But many politicians wouldn't vote for the latter.


Can we extend this to client-to-server communication too, not just client-to-client? Why do we allow Cloudflare to terminate so much encrypted traffic?


Should all companies have to run their own CDN? I agree that Cloudflare having a huge market share is a problem but I don't see how you could outlaw this. Unless every company is buying property and running their own servers they will have to outsource some of the delivery to third-parties. But this is why they have contracts in place to govern how they can use the data. Unless you are huge, or don't need much performance you don't have many reasonable options. Also where would such a law stop? Are AWS and GCP illegal as they can read keys out of customer's VMs?

So I agree it would be great to reduce the number of third parties for many sites. But I don't think this is something that can be fixed just by slapping a bit of regulation on it.


I am not sure I understand what you mean... can you elaborate?


New thread ;-). This is the cloudflare-is-a-big-man-in-the-middle-operation meme. When a site uses Cloudflare the traffic is encrypted between the visitor and Cloudflare, and then (possibly) re-encrypted between Cloudflare and the site.

As a large percentage of all internet traffic is going through Cloudflare, they could spy on us or let $GOV_AGENCY spy on us.

There is no evidence and Cloudflare is (or at least used to be) somewhat of a HN darling, so it's perhaps not so popular to say, but I wouldn't be hugely surprised if it turned out PRISM 2.0 involved them.

https://en.wikipedia.org/wiki/PRISM


Oh right. Well I think it is a separate problem from these laws against encryption.

I am not sure if we need to make laws that would prevent websites from going through Cloudflare (because the sites choose to do so, right?). It would be like making a law that would prevent Telegram from not doing proper E2EE... not encrypting traffic is a choice that has nothing to do with the law, I would think.

The article in this case is talking about politicians who want to make laws that will prevent projects from doing proper E2EE, that's the opposite.


>"End-to-end encryption does exist today (and it is deployed at scale). There is no going back."

It is useless if the spyware can scrape screen, log your keyboard / etc


This is my second point: there is no middle ground. Either it is useful (because it works), or it is useless. There is no "it works for the good guys but it does not work for the bad guys". There is no tradeoff. Either it works for everybody, or it does not work at all.


Are these people absolutely stupid, we could end up in a potentially catastrophic cyber war at some point and we need to be looking at better more secure systems than making even further holes in what we have!


Kinda. My guess is that they are very narrowly focused and miss the bigger picture. They worry about organized crime and the war on drugs while forgetting the bigger picture.


What they actually want is to lose that war. Very badly. Or, their sponsors do.


The war on personal freedom in general is on the rise.


why won't you think of the children?


maybe he is


It's for your own good. Democracy is under danger, especially by the voters /s


To be fair, death-by-voter is a fairly common way for democracies to die, so—putting aside what that may or may not justify from a policy perspective, the sentiment isn’t silly. Voters really are one of the greatest dangers to democracy, that’s just true.


>To be fair, death-by-voter is a fairly common way for democracies to die, so—putting aside what that may or may not justify from a policy perspective, the sentiment isn’t silly. Voters really are one of the greatest dangers to democracy, that’s just true.

This judgement requires assuming an external position that "knows better", which is inherently incompatible with democracy. Voters can't be a danger to democracy by definition, even if they vote to end democracy and elect a strongman, well, that was their democratic wish.

I think democracies usually die because of the incompetence of party leaders, policy advisors, and primarily elites. Often the public tries to pivot away from that incompetence by voting, but always get politicians backtracking on their promises (and have no resource, given most not-exactly-direct-democratic election systems, to punish them until the next elections, and not for the things they backtracked or failed on - they had to do it for everything).


Well, we vote for representatives, not for the policies.

And there isn't much choice in representatives. Wish we had more choice than Trump or Biden but here we are again after 4 years.

There is little churn in Senate as well.

Supreme court justice positions are for life.

We're not that far from the ways of Monarchs. The powerful will guard their power.


It's for your health.

The scientists know better than you.


> The scientists know better than you.

No scientists were harmed (or involved) in this farce.


I’m presuming that was a reference to the “trust the science” that was used to silence any dissent against the official narrative during the COVID pandemic.


It's for the sake of the children, as always.


Two people can keep a secret if one of them is dead. Anything involving secret backdoors, intentionally compromised crypto, not so secret master keys, etc. is doomed to leak to hostile entities abusing this. The weakest part of the system becomes secret weaknesses staying secret.

Intentionally compromised encryption is going to be enormously appreciated by North Korea, Iran, China, and all the others one would normally want to keep from looking at secret data related to finances, personal communication, military secrets, industrial R&D, etc.

Countries need to get their priorities straight on national security. The enemy is outside of their country, not inside. And they don't play by the rules, generally.


It seems to me that you may be making a mistake in assuming these countries do not in fact have their priorities straight, only that those priorities do not align with most people's interests.

The purpose of a system is what it does, not what it consistently and persistently fails to do.

Far too long and far too much, people have assumed a good will of our governments because we have intentionally been conditioned to accept with blind faith that "democracy" is a universal "good", never asking oneself why the tiny psychopathic ruling class would be such vehement proponents and rabid advocates of "Our Democracy"™, a supposed rule by majority. It appears that not everyone gets as suspicious of things that contain inherent fundamental contradictions.


I'm not sure what you are on about. Plain and simple, countries like Australia are throwing away the baby with the bathwater by basically giving up on decent crypto. They are making it easier for the likes of China to spy on them who can and will abuse any informational advantage they can get. This long term puts them at a disadvantage internationally. I doubt this is in any way intentional. That would be stupid.

The type of politics that drives this is older, technically challenged politicians (aka. idiots) responding to pressure from minority groups whining about pornography and other things they don't like. The priorities seem to be appeasing groups like that in order to secure the next election cycle. By essentially sacrificing security, which they clearly have a limited understanding of.

Never attribute to malice that which can be adequately explained by stupidity. Some countries don't get their priorities straight because they are being led by idiots. It's indeed a system failure. The solution is wielding a giant clue bat and causing relevant stakeholders (military, financial sector, etc.) to wake up and push back and doing something about it.

The reason cryptography is still legal in most civilized places is that we've had a few rounds of that over the past decades.



  Knowledge is a deadly friend
  If no one sets the rules
  The fate of all mankind, I see
  Is in the hands of fools

  _King Crimson - Epitaph_


But knowledge prevents that the fate of mankind is in the hands of fools.

Knowledge and information need no rules, but humans do.


And in the end everyone is amazed why hostile hackers could read confidential messages.


Quote from the article:

> Stefan Hector, a representative of the Swedish Police Authority, said that “a society cannot accept that criminals today have a space to communicate safely in order to commit serious crimes.”[0] A week later, it was revealed that the Swedish police had been infiltrated and were leaking information to criminals.[1]

[0] https://polisen.se/aktuellt/nyheter/nationell/2024/april/eur...

[1] https://www.svd.se/a/8qwGbx/granskning-poliser-lacker-till-g...


We might need a huge leak to open people’s eyes.


The only leak I can imagine impacting this would be a giant dump of politicians’ personal communications and they are exempt from encryption bans in this particular bill.


IDK there are powerful people in society aside from politicians that can influence public opinion too.


Very good point. I should think more deeply before commenting and not rush out off-the-cuff remarks.


Well it'll still be a start. A very good one I think


Tons of data leaks all the time but surprisingly nothing seems to happen with it. Not only are companies not being held liable, but for some reason nobody is weaponizing that leaked data either. Imagine framing somebody with manipulated leak data, nobody even questions if it was ever real in the first place!


It's a software problem, nothing we can do about it.

For leaks the hackers are always to blame, never the poor security of the companies.


> It's a software problem, nothing we can do about it.

there can be standards/requirements developed how to handle important data, and it will harden system.


but enforcing those standards takes away from muh freedoms


Using up-to-date software with all known patches applied, and encrypting all data using some approved OSS infra (I am not an expert on this, so not sure what it would be), takes only from the freedom of negligence.


The underlying tension here is the expectation of privacy for signals broadcast outside of one’s property and into the commons.

We don’t yet have a firm grasp on how to handle the issue of extending privacy into these shared spaces. There just seem to be two irreconcilable polar extremes at the current moment without a clear path forward.

At least in the United States it could mean needing an amendment to the constitution as the 4th doesn’t properly cover these protections.


Fundamentally, the tension is between the universal laws of mathematics on which encryption is based and the politicians and police who don't understand them.

This quote from the article brings that into stark relief: "we do not accept that there need be a binary choice between cyber security or privacy on the one hand and public safety on the other. Absolutism on either side is not helpful"

Clearly, Europol misunderstands the fundamental, mathematically binary, nature of encryption as man-made "absolutism" that could be dispelled with just enough laws and warrants and wiretaps.


The laws of math and physics have very little to do with the determinations of the laws of people.

You can’t ban the chemistry of creating alcohol from homegrown grapes but you can ban and enforce against the practice well enough to limit bootlegging. The average person buys from the state regulated dispenser regardless of the possibility of doing otherwise.

The same COULD (uh oh, about to be misread and downvoted into oblivion) be said for cryptography, where bans of consumer friendly and easily available messaging applications would be similar to curbing bootlegging.

Of course the practice would continue for those who are capable but with consequences.

These are issues that must be reconciled. Hiding behind numbers will not work, as we are seeing play out in front of us, so we need constitutional protections.


> The laws of math and physics have very little to do with the determinations of the laws of people.

This cannot be true, as we've seen time and again with cryptography. Wherever the laws of people collide with the laws of mathematics, the laws of mathematics win.


Has the mathematics won in China yet?


Wide surveillance that aids the government in creating portfolios of “incriminating” circumstantial “evidence” greatly increases the risk to the innocent, especially the underprivileged, if it isn’t counterbalanced by an increase in stronger protections for the innocent.

Unfortunately, in the US there is no bottom line constitutional protection for the (actually or credibly) innocent.

Procedure pre-empts innocence.

This impacts everything from permanent property confiscation based on subjective declarations of “suspicion” without any criminal indictment [0], general crime [1], to execution of the likely innocent [2].

Without a fundamental right for the innocent to have convictions vacated, after they are revealed to be highly suspect, procedure pre-empts information, even when the case for innocence is widely considered credible.

Executing the (credibly) innocent can even become a strategic politically advantageous performance. [3].

Constitutional protection of the innocent would compel the courts to address catch-22 problems for the credibly innocent directly, providing a mechanism for relief when the gears of formal justice otherwise create no balanced recourse.

[0] https://www.npr.org/sections/thetwo-way/2014/11/10/363102433...

[1] https://en.m.wikipedia.org/wiki/List_of_wrongful_convictions...

[2] https://en.m.wikipedia.org/wiki/Execution_of_Nathaniel_Woods

[3] https://www.endfmrnow.org/arkansas-governor-denies-clemency-....

—-

Telling: what government is also pushing for all internal deliberations, materials and search queries, databases and algorithms leading up to prosecutions to be archived for the defense? Or to open up comprehensive surveillance systems search to the defense team?

Centralizing power and information in a way that supports convictions, but not defense, is a recipe for increased motivated, convenient, and incidental injustice.


After my incident (detailed elsewhere in these comments), we followed up with a few agencies whether there was anything that could be done to make it less likely that innocent parties are traumatised in the future by the very system that purports to do the opposite. Raised it with a local member of government as well.

There is no recourse against "procedure". The closest option was to raise it with the Police's internal affairs, but were told that's specifically for officer misconduct. And, with the exception of one inflammatory bitch, the officers were all polite and friendly (as they rifled through and took my equipment).

There's no ... anything ... that caters to the misconduct of the system.

(It's not surprising to a disinterested observer, but the feeling of powerlessness against such an injustice made it surprising to me).


[3] is total madness. I think that highest level politicians who allow it to continue after being made aware should fucking rot in jail.


What is needed, rather than "end-to-end-encryption", is user-defined encryption; i.e. you can use your own software for encryption, instead of (or in addition to) using whatever the service provides. This encrypts the messages regardless of what the communication services are doing (or are claiming to do).

HTTPS will only prevent spies observing or altering your communications; it does not prevent the service that you are communicating with (or whoever owns them now) from adding malware, etc.


Can't help but think these laws are pushed by pervs who would love to be hired as moderators for such filtering systems to watch, store and sell the content the system has fished out for them.


Sorry for off-topic, just wanted to say that the price page on mullvad.net is the best one I saw comparing to other SaaS. Everything simple and straight forward!


The way they generate account numbers is also perfectly and beautifully simplistic.


This is terribly depressing. How can we, as citizens, protect ourselves and vote with our best interest in mind?



Thank you!


They really said they had a foolproof way to read encrypted content to determine if it was "bad"?

I'm still flabbergasted that anyone supported danny masterson. That the head of an anti-csam org did it is just astonishing to me.


> But Ylva stood by her claim. She came back to the same argument over and over again. She avoided answering the questions (she obviously didn’t understand how the technology worked) but instead turned the direction of the discussion, saying, for example, that a court order would be required to carry out scanning, which in itself was deliberately misleading.

Is there currently a way for us, EU citizens, to vote those Brussels ghouls out of power? No, or at least none that I know of. Is this how a democracy is supposed to work? Certainly not.

Which is to say that events like this one should make most of the people see that the EU and the European Commission are certainly not democratic and they certainly do not represent the European electorate, because, as a matter of fact, the European electorate has no power over those people. But the propaganda still coming from those circles is too powerful, so, here we are.


Genuine question: why should I care about my data being encrypted and private?


Can't they just put back doors in our silicon and be done with it?


You don't think this is already the case for years?


They always want more so they can parallel construct cases without having to reveal those backdoors.


See: Intel ME.


Executive Summary: "They", as in, whoever will have access to all this gathered information, will not know how to use it. Therefore, it is inevitable that this gathered data will not be used intelligently or responsibly. Law enforcement bodies in any country on the planet just do not possess the smarts to handle it.

They don't know how to read, and these politicians want to give them more books.

I've mentioned the below a few times on HN because, for me, it was a traumatic incident with an outcome that was essentially an unknown for 8 months of my life: My house was raided by police for suspicion of distribution of CSAM.

Skip-to-the-end: They took about $10k worth of my homelab gear, had it for 8 months, and then I was told I could come and pick it up. No charges, no nothing.

There are pages and pages of things I've written to document this incident, these are a couple of notables:

They didn't know to expect there to be children in the house. At ~7am on a school day. That's the amount of additional investigation they do into the 'subject' prior to raiding their property. ie. Fucking None. I have two teenaged children that have impeccable school attendance and academic results that I'd assume would be easily accessible to law enforcement, had they cared to do any background research.

This was a traumatic event for MY CHILDREN caused by quote-unquote Law Enforcement.

They said the raid was based on information provided from an overseas (I'm assuming US-based, I'm in Australia) source (private company, law enforcement, intelligence, I have no idea) that identified my household's street address via an IP address, and this "evidence" was gathered over a number of years.

They asked my eldest "does your dad use your computer", he replied "no" (truthfully), and they didn't take it, didn't even look at it. I pointed out a laptop on the breakfast table that I said was my wife's (truthfully) and they didn't take it, didn't even look at it (as far as I recall). I specifically asked if this was about "me, personally" (since they showed no interest in my wife's laptop), and they repeated their (what became somewhat of a mantra) of "this specific address, not your neighbour's address, this address". And yet they had no interest in computers identified as not belonging to me.

One of the first things they asked me was "do you use a VPN?" I answered "no". Which was true then, and is sure-the-fuck not true now (split routing, the fucking works) - as a learning outcome, to protect myself from further blind police incompetence.

As part of the phone call when I received the "good news" that I could come and pick my shit up (I guess they came out of their way to pick it up from my place, I had to return the favour), the detective in charge of the investigation gave me the impression that she thought that she / the system couldn't be wrong about me. She made a point to say the following three things:

- Use of virtual machines is suspicious

- MEGA is almost exclusively used for CSAM and they found evidence that I'd downloaded things from MEGA (I think I may have used MEGA to download android ROMs)

- They found "TOR" installed on one of my computers

The last one. Where do I start? It's so incorrect an understanding that it was a 'cherry on top' data point that I didn't really need to confirm how hopelessly out of their depth law enforcement is with technology.

To repeat: They don't know how to read, and these politicians want to give them more books.

One of the ironies is (because I've got this sort of sense of humour) if I was living in an actual panopticon, I'd have easily been exonerated as I'm far too boring a person without enough spare time to engage in any of that behaviour.

In addition to the above, my better half is a teacher. Teachers in Australia have a "Mandatory Reporting" responsibility to report possible cases of child abuse based on their observations as a teacher.

The suicidally depressing thing about it is, the organisations responsible for visiting the homes and families that have been reported are so under-staffed and under-funded that they only have the time to investigate cases where the child is in immediate life-threatening danger.

Combine the two above anecdotes together and you've got a society that's gone wrong and is still applying increasing pressure to the accelerator.

Politicians calling for laws against encryption who are not also calling for massively increased budgets to child protection organisations are pushing an agenda that has nothing to do with real, actual protection of children, and they should be called out.


That is disturbing. Were you running an exit node from your home? Or maybe they were watching Tor users and some sort of traffic analysis heuristics they were using gave them a false positive?


I've dabbled in tor nodes on and off over two decades, but never seriously had one up and running. My actual usage of tor has consisted of finding the hidden wiki, following a couple of links, reading snippets of conspiracy paranoia, getting bored, and not re-visiting it for another 2-5 years.

I have also dabbled a bit with Tribler which, as it turns out, has built-in functionality similar to that of a tor node. I have a vaguely niggling suspicion that Tribler is a honeypot, but its provenance appears so wholesome, and it's been around a long time.


> Uses VMs, mega and tor, but no full disk encryption

> Talked to the police

I think this is a lesson in what not to do in the future. And that equipment they took? Consider it all 100% compromised.


>no full disk encryption

In Australia, they can force you to reveal the password.

>Failure to comply with an assistance order is a criminal offence. When the law was first enacted, the maximum penalty was 6 months imprisonment. However, authorities have since raised the maximum penalty to 2 years behind bars.

https://www.sydneycriminallawyers.com.au/blog/can-police-dem...


hidden volume / plausible deniability

and apparently it may not apply to phones: https://www.theguardian.com/australia-news/2019/aug/19/feder...

either way, remind me to never travel to australia


Factory reset, minimal setup alternate phones are a requirement for any international travel. The phone is a portable data-portal, and the credentials to open the data-portal(s) are relatively easy to remember, therefore do not need to persist.

1. Prior to entering airport for departure: factory reset with essentially-dummy account.

2. After leaving airport at destination: add necessary accounts.

3. go to 1.


that might work for traveling, but just sitting at home and being raided without warning is a different story.


Being entirely innocent of what I was suspected of was the one and only thing I can guarantee got me out of trouble (and for the 8-month period I wasn't entirely sure it would be enough).

If I'm ever raided for things that I am guilty of, I'll let you know: Being an inhumanly well balanced and mature adult that can remain socially operational under accusation of being one of the worst types of human possible? Guilty as charged, worth the five year stretch.

(yes, it was a traumatic experience that I don't think will ever be entirely wiped from my psyche, but if I can't make jokes about it then it's beaten me into submission, and I'm still too alive inside to let that happen).


That sucks that that happened to you. You should be compensated, at the minimum for taking your equipment for that time.

What would have happened if they found something else, like downloaded movies?

Are they only allowed to charge you for what they say they're looking for on the search warrant?


If I had a wish list, compensation would be well below "fix your processes and/or do your job better to minimise the chances of this happening to another innocent family" in the priority list.

There was an extensive collection of music (I should say that a fair chunk of it is legitimate in that I own the original CDs from which the electronic copies were ripped, or I actually paid for the electronic copies - hi bandcamp!) which was neither hidden nor encrypted (and quite well organised if I do say so myself), and nothing at all was mentioned about that, and it was all still present when I got my gear back.

My understanding (and I have no specific actual knowledge or authority) is that, in the case of a raid, they can only charge you for crimes that are directly related to the reasons the raid was conducted in the first place. If they find evidence of other crimes it's essentially inadmissible because otherwise they wouldn't have found it, and "probable cause" (or some other concept like that) is required for the temporary suspension of rights required of a raid.

I'm not sure what would happen if they discover a corpse in the process of conducting a raid for growing weed though.

Not an exception, but to clarify the distinction, a while back a friend of mine had cause to request the police to attend his property (drunk person refusing to leave the house, or something along those lines) and whilst in his house the police noticed a couple of illegal firearms. Since the police were invited in, and the firearms were in plain sight, he was booked for possession of illegal firearms.

I think the primary difference is the invitation versus 'temporary suspension of rights'.

In regards to "in plain sight", if law enforcement come to your door, make sure that they can't see whatever illegal shit you may have in your house from their position (since you haven't invited them in, but they're allowed to be on your doorstep and therefore look through the open door). This is likely true from any 'public' vantage point, such as through any of your windows.


>either way, remind me to never travel to australia

Assuming you're in the US.

What happens if a non-citizen in the US is given a search warrant but refuses to unlock their computer?


Think of the children growing up in totalitarian dictatorships with zero privacy.


This article reads weird to me.

Definitely appreciate the depth of this - thorough research was definitely done. Secondly, I’m definitely quick to blame the US policies for a lot of things.

However, this article is mostly about casting shade on the US about the EU’s mass surveillance. I don’t think anyone is to blame for what the EU does other than the EU, and for sure attacking the US isn’t going to prevent the EU from doing this.

I wonder if there is a better way to go about bringing awareness and taking action?


The article explains how Ashton Kutcher-backed non-profit "Thorn" was a cornerstone of the Chat Control bill that was to be passed a few years back; it also explains how Palantir pushed for the bill behind the scenes and how at least one former FBI agent and other members of non-EU security agencies participated in meetings to kickstart that new version of the bill.


>I don’t think anyone is to blame for what the EU does other than the EU

Well, some charade aside, the US usually says jump and EU politicians say "how high?" - the EU population be damned


I think the EU has been better in that regard than individual European countries. The Wikileaks diplomatic cables in particular showed US coercion on a country by country basis. In Sweden, Wikileaks showed US diplomats gave a list of laws and executive actions (at the time around IP - the Pirate Bay was based there), with veiled threats about getting gray-listed as a “partner” which can affect trade etc, and they said how high. Now to be fair, at least Sweden was unofficially a NATO/US intel/security collaborator. But EU is in a different position, mostly oriented around trade, and notably lacking in security and military bodies. But the EU has absolutely stood up against US interests, especially their predatory corporations.

However, if the EU is collaborating or even aligning with the US on intel gathering, it’s pretty far outside their openly stated mandate, afaik. Especially since the UK left, who were the most hawkish on mass surveillance, it’s creepy to think there are clandestine efforts to push for aggressive monitoring and even worse aligning with the US without oversight. If Mullvad is right, it’s also an absolute failure of MSM to not properly cover such geopolitically crucial issues.

> the EU population be damned

For sure it’s a concern, but overall many/most Europeans think the EU is a net positive today. Things have changed a lot since the crises of Greece etc. And with increasing geo-political tensions (Russia in the short term and China in the medium term), there’s an argument to establish stronger security and military efforts independent of US-led NATO, which have quite different goals.


> But EU is in a different position, mostly oriented around trade, and notably lacking in security and military bodies. But the EU has absolutely stood up against US interests, especially their predatory corporations.

I think this understanding of the EU's behaviour may be insufficiently cynical. There's one pattern in politics that is very hard to not see everywhere once you have been primed to, which is "high + low against middle": the faction that is in power allies with one(s) that is so far away from power as to never become a credible threat to it, in order to put the squeeze on a third faction that is actually a serious contender for the position of the first.

A canonical example that's sufficiently historical that it hopefully won't be too incendiary was the practice of early communist states to elevate individuals of peasant/worker background into positions they were unqualified for, as in the famous case of Lysenko - here, high (party brass) supported low (peasants/workers) at the expense of the middle (bourgeois intellectuals, represented in that particular instance by academia, who could have been organised and experienced enough to orchestrate a palace coup).

Within the US, the federal government/military/foreign policy complex and tech-based New Money are widely recognised as two distinct power centres, with it at times being unclear if the former can actually fully dictate terms to the latter. Under normal circumstances one would expect the former to champion the interests of its industries on the international stage, and indeed the US is known to have very sharp elbows in this regard (from the famous oil wars in the Middle East via the slightly less famous fruit ones in Central America to the backdoor arm-twisting in copyright matters). The picture for the tech industry looks quite different - far from starting a war or even merely successfully lobbying the EU to drop its regulation, the USG is looking away and whistling. As it happens, out of the four industries mentioned (oil, fruit, media, tech), the tech industry happens to be the one that is by far the most autonomous and misaligned with federal government interests (Apple randomly grandstanding on privacy, everyone wanting to keep their Chinese supply contracts and market access, general abundance of politically engaged progressives and libertarians...). Wouldn't it make sense if what happened was that the USG (high) actually gave the EU (low) a tacit go-ahead for their anti-US-tech measures, and perhaps even indicated to everyone involved that they may let them crack down even harder if the tech industry (contender for high) keeps falling out of line?


> the faction that is in power allies with one(s) that is so far away from power as to never become a credible threat to it, in order to put the squeeze on a third faction that is actually a serious contender for the position of the first.

Makes sense. I’m sure it happens. However, it’s an advanced construct and just one out of several incentives in a complex system, so I wouldn’t necessarily blanket attribute it to explain things.

That said I also think you’re right that the USG does seem less imperialistically engaged with tech than say oil. That could have other explanations, such as less cozy relationships around subsidies and historical geopolitical interest. I mean, I think it’s entirely possible that there’s enough inertia in these systems to explain why one looks different than another. It doesn’t have to be a delicately played 4D chess by a bunch of boomers who don’t even know what encryption is. Don’t attribute to malice yadda yadda.

In either case, from my European perspective, I’m not looking so much what the end goals are for the Americans, but rather how the countries in Europe can stand up to geopolitical winds, ie protect their interests. And in my lifetime, there’s a noticeable increase in alignment and strength, at the expense of a (imo) much less harmful set of compromises between individual countries.

It all depends on what are the hot issues of the day. When it’s pollution in the Baltic Sea, or the Greeks treating the euro-wallet as a gift card, then we were all like pissy siblings. But now when the issues are war (Russia), economic hollowing (China) or having big brother deciding what’s best for you (US - although this is old), it’s better to set the differences aside, and band together.


>or the Greeks treating the euro-wallet as a gift card

You mean the Germans treating the Euro and ECB as a monetary vehicle to boost their economy and milk the periphery, side-stepping any "hard rules" imposed for others when it was convenient for them, explicitly carrot-and-whipping the South to de-industrialize over decades, and then strong-arming the indebted states as a means to pad German investors by moving money from the taxpayers to their banks and investment firms, while buying state assets (from airports and roads to utility companies) for themselves (with a few bones thrown to the French)?

At the same time imposing stupid austerity policies (against the advice of expert economists) that made recovery impossible and amounted to war-level destruction for the economies involved?

All the while cheerfully reviving racist language and imagery (like "rats" in the european kitchen, and other such niceties, of which calling the southern economies PIGGS was among the most prominent).


Right. I don’t see any conflict with that and Greek corruption and mismanagement. I was always on the side of the Greeks in that battle. If you lend you take risk. If you lend to a state you can’t take their democracy as collateral. The bean counters can kindly piss off, as always.


A big part of the problem is democratic.

There's nearly nonexistent political accountability in the EU. If the EU decides something, there's really no effective way for its citizens to do anything about it even if it's a fairly unpopular change. There are too many layers of indirection between the elections and the decision making to hold the responsible politicians accountable to the voters.

This in turn makes the EU extremely susceptible to lobbying from special interests inside and outside of Europe.

More so than these campaigns, a big reason why these laws have been hard to push through is probably Germany and their strong influence in the EU. Since the Germans still have a living memory of the DDR and the Stasi fallout made a significant impression in the public conscience, being seen as moving back in that direction is a really tough sell. 1984 is fiction, the East Germans lived that shit.


It reads weird perhaps since it’s written by a provider of VPN software.


[flagged]


Gonna need some sources for that, boss


Never heard of Snowden? Assange?

Pine Gap. Start there, draw a big circle with Pine Gap in the center, and its outer edges past China's borders. Every single human being in that circle is having their human rights violated by American war-mongers and -profiteers.

The NSA abrogates billions of human beings' rights every single second of the day. Under those conditions, the military industrial complex it serves is a leading source of misanthropy in the world today.

And then, there are the 1,000+ secret black-ops torture sites, paid for and run in the name of the American people ...


The one thing that makes me sick to my stomach is that all around Europe there are criminals committing actual crimes and getting a slap on the wrist from heavily politicized judges. There have been rapists freed because "in their culture it's different" (these are documented facts: it happened in several countries, more than once... For example in the UK because an 18 y/o Muslim raped a teenager after his religious teacher taught him that "women are worthless" the judge relaxed him).

It's not about protecting the children. They actually love it when children and teenagers are sexually assaulted: that gives more fuel to put in place a totalitarian state, using the pretext of protecting the kids.

It's the same everywhere. In France many crimes are committed by people Macron promised to deport: illegal migrants already caught for a crime. He said, before being elected, that he'd deport 100% of the illegal migrants committing crimes. Instead of that socialist judges are constantly releasing these dangerous criminals in the street.

But the actual victims? And victims' families? Zero concern. None.

And if a victim dares to fight back and should hurt the illegal migrants: then the whole power of the state falls upon him and he'll get an incredibly harsh sentence.

The world is upside down: politicians do not get to have their communication monitored, victims are sent to jail if they dare to defend themselves.

And why do they want to wage their war on encryption? To fight me. Because I hate the EU I live in and they want to silence me. And all those like me.

The tyranny of the government is a very real thing and anyone longing for more government and more government spending should look deep down in his heart and conscience and wonder if it ever did any good for a country to have ever more government.

Meanwhile people shall hate on the libertarians, calling them names ("ladder pullers"), but I'll tell you this...

Libertarians would never ever vote complete and total surveillance of citizens, while protecting the politicians.

But do not worry: the world you deserve for hating on libertarians is coming to you soon enough.


The world is exactly there as it ever was, power structures and power struggles. Two major differences to the past are that there are more people than ever, and that we currently have near-instant global communication.

I'm with you on the "think of the children" argument. That is 100% what's happening, and I think that it boils down to how the human mind works, particularly on how putting out a fire feels much better than preventing the same fire.

"Libertarian" means a lot of things, so it's hard to criticize, I especially struggle with the closing thought. Who are these libertarians that we should support, in order to have a better world?


I thought Chat Control was dead. Is it coming back? The article is far too long.


Yes, basically it's back under another name after having been knocked off.



