After Sunday‘s European elections, the EU is planning to reintroduce indiscriminate communications data retention without suspicion and force manufacturers to allow law enforcement access to digital devices such as smartphones and cars. This is the “confidential” 42-point plan compiled by a “high-le
After Sunday‘s European elections, the EU is planning to reintroduce indiscriminate communications data retention without suspicion and force manufacturers to allow law enforcement access to digital devices such as smartphones and cars.
Specifically, according to the 42-point surveillance plan, manufacturers are to be legally obliged to make digital devices such as smartphones, smart homes, IoT devices, and cars monitorable at all times (“access by design”). Messenger services that were previously securely encrypted are to be forced to allow for interception.
The secure encryption of metadata and subscriber data is to be prohibited. Where requested by the police, GPS location tracking should be activated by service providers (“tracking switch”).
The EU Commission has already contributed specific proposals to the surveillance plan, according to two presentations obtained by the Pirates.
As someone who sees these articles, who should I not vote for? Is there some ranking for 'most asshole-ish politician' regarding the EU?
I know every politician has somewhat dirt on them but I'd love to know what to avoid since apparently some of those turds are worse than others.
It depends on the country you live in. You will have to research that. As a rule of thumb, it is conservative/ right wing parties pushing for heavier surveillance of citizens.
As it stands right now, the Eu parliament (which consists of people who we vote in to office), is the government body which opposes these measures. But there are only a few member countries left in the parliament which do that, so our votes are important!
it is conservative/ right wing parties pushing for heavier surveillance of citizens.
My experience is totally different, although of course I don't know the situation in whatever country you're from.
Arguably, the main reason for surveillance (being able to read your communication) is to be able to censor you (prevent you from posting/saying things somebody else doesn't like) or even punish you for something you say.
And I don't see how can anyone argue that it is not the left that wants to censor everything and punish people for things they say :)
If somebody wants to actually try arguing it, please answer the following question (in parentheses I'll leave the suggested answer 😉, but let me know if yours are different)
Why is almost every free speech site is a right-wing site, and not a left-wing one? (because they are extremist, and we need to censor and jail them! but it is okay, because they are the bad ones and we are the good ones.)
Is it okay to criticize alphabet people (and call them alphabet people ig 🙃), post statistics of violent crimes by race, and generally speak bad about minorities? (nooo, you can't do that, we should protect minorities no matter what the reality is, you should be censored and jailed!)
Is it okay to tell people what is actually happening in Ukraine and what atrocities Zelensky's regime is committing? (nooo, you can't do that, you're a fascist and/or russian bot/propagandist, it's all a lie even if you provide us with credible/primary sources, we should censor you as soon as possible for propaganda or misinformation or something and definitely jail you!)
From some more articles I grasped that it is shady. Some lobbying groups, secret commissions and stuff like that. They try really hard to not be the ones to point fingers at.
How can people, "experts" even, work on shit like this with a good conscience? Even if they earn millions, they are still undressing all of us including their own families!
I refuse to believe they don't know, but why don't they care?
Let your MEP know their voters care about privacy. These efforts have been defeated before, it just requires vigilance. Your letter can be as simple as "I care about privacy". That's all you have to write.
How can that be legal? Many European countries have the secrecy of correspondence enshrined in their constitutions, any EU legislation on that matter would doubtlessly be challenged in court in those countries and become ineffectual.
The relevant points outlined in "Recommendations from the High-Level Group on Access to Data for Effective Law Enforcement":
Implementing lawful access by design in all relevant technologies in line with the needs expressed by law enforcement, ensuring at the same time strong security and cybersecurity and providing for the full respect of legal obligations on lawful access. According to the HLG, law enforcement authorities should contribute to the definition of requirements, but it should not be their role to impose specific solutions on companies so that they can provide lawful access to data for criminal investigative purposes without compromising security. To that end, experts recommend developing a technology roadmap that brings together technology, cybersecurity, privacy, standardisation and security experts and ensures adequate coordination e.g. potentially through a permanent structure.
Ensuring that possible new obligations, a new legal instrument and/or standards do not lead, directly or indirectly, to obligations for the providers to weaken the security of communications by generally undermining or weakening E2EE. Therefore, potential new rules on access to data in clear would need to undergo a cautious assessment based on stateof-the-art technological solutions (which should in turn consider the challenges of encryption). When ensuring the possibility of lawful access by design as provided by law, manufacturers or service providers should do so in a way that it has no negative impact on the security posture of their hardware or software architectures.
Enhancing EU coordination and support to address situations where technical solutions exist to enable lawful interception but are not implemented by providers of Electronic Communications Services. In such cases, for example when home-routing agreements or when specific implementation of Rich Communication System (RCS) do not allow lawful interception capabilities, clear guidance and a dialogue facilitated at EU level would improve the cooperation with Electronic Communications Services.
Conducting a comprehensive mapping of the current legislation in Member States to detail the legal responsibilities of digital hardware and software manufacturers to comply with data requests from law enforcement. It would also take into account specific scenarios and requirements that compel companies to access devices, in compliance also with CJEU caselaw and case law of the European Court of Human Rights. The goal should be to develop an EU-level handbook on that basis, and depending on the aforementioned mapping, to promote the approximation of legislation within this area, and to develop binding industry standards for devices brought to market in the EU, to integrate lawful access.
Establishing a research group to assess the technical feasibility of built-in lawful access obligations (including for accessing encrypted data) for digital devices, while maintaining and without compromising the security of devices and the privacy of information for all users as well as without weakening or undermining the security of communications.
So... Everything, everywhere, all at once? Establish an expert group to figure out how immovable objects are to be met with unstoppable forces. And mandate the findings.
I suppose it's written in a way to sound way worse and alarming than it actually is, due to the upcoming elections. It sounds almost unreal, i mean "EU secret plan to ban any kind of encryption or privacy" can't be reallistically happening, right?
I know about Chatcontrol, so I wouldn't be surprised, but this article sounds pretty overblown, to the point of sounding more like a wild conspiracy theory. Does anyone have more resources or info about this, that don't read like an election ad?
I'm not trying to dismiss or disrespect the author, and I trust that it was written with best intentions, but it's a really worrying topic about which I'd like to get more information about.
However, thanks for bringing it up, I contacted our local Pirate party about the topic, because they don't have anything related to crime prevention vs. privacy in their programe. I suppose that I know what the answer would be, but getting a confirmation before I vote for them would definitely be nice.
I contacted our local Pirate party about the topic, because they don’t have anything related to crime prevention vs. privacy in their programe.
The general attitude in the German PP back in the days when I kept track (it's been a while) was "stop slurping data you'll never need from people not even under investigation, hire more investigators and do actual police work instead".
A good example here is the arrest of the founder of silk road: No computers were hacked in the process. They put a team of investigators on it who found OPSEC failures which are kinda unavoidable when you're up against a state-level actor. All without mass surveillance, only thing needed was good ole police work.
Also, side note, "prevention" and "enforcement" should never be used in the same sentence. The best crime prevention is social policy, not law enforcement. Next in line, swift and fair sentences in juvenile courts, time is very crucial there to form an association in still malleable minds. Next in line, sentences that forego retribution and focus on reintegration.
OPSEC failures which are kinda unavoidable when you’re up against a state-level actor
Which is all you need to confirm that surveillance plans are intended not to help investigate crimes, but to help warn criminals and even help them commit crimes which would otherwise be prevented by technology.
Just to add -- last I remember researching this, none of the terrorists attacks in Europe in the last two decades that were coordinated (and we know how), were coordinated using secure communications. Bataclan was planned over SMS, for instance.
It mentions support from politicians who, I'm certain, would approve of Mexican cartel or Pinochet style actions against their enemies if they were unchecked (UvdL). So this doesn't seem to be more alarming that it actually is.
Also I don't want to invoke Godwin's law here, but the actual coming of original Hitler to power happened very fast. So if your argument is "EU can't undergo such a change so easily", then I suggest you find something better.
Implementing lawful access by design in all relevant technologies in line with the needs expressed by law enforcement, ensuring at the same time strong security and cybersecurity and providing for the full respect of legal obligations on lawful access. According to the HLG, law enforcement authorities should contribute to the definition of requirements, but it should not be their role to impose specific solutions on companies so that they can provide lawful access to data for criminal investigative purposes without compromising security. To that end, experts recommend developing a technology roadmap that brings together technology, cybersecurity, privacy, standardisation and security experts and ensures adequate coordination e.g. potentially through a permanent structure.
Ensuring that possible new obligations, a new legal instrument and/or standards do not lead, directly or indirectly, to obligations for the providers to weaken the security of communications by generally undermining or weakening E2EE. Therefore, potential new rules on access to data in clear would need to undergo a cautious assessment based on stateof-the-art technological solutions (which should in turn consider the challenges of encryption). When ensuring the possibility of lawful access by design as provided by law, manufacturers or service providers should do so in a way that it has no negative impact on the security posture of their hardware or software architectures.
Enhancing EU coordination and support to address situations where technical solutions exist to enable lawful interception but are not implemented by providers of Electronic Communications Services. In such cases, for example when home-routing agreements or when specific implementation of Rich Communication System (RCS) do not allow lawful interception capabilities, clear guidance and a dialogue facilitated at EU level would improve the cooperation with Electronic Communications Services.
Conducting a comprehensive mapping of the current legislation in Member States to detail the legal responsibilities of digital hardware and software manufacturers to comply with data requests from law enforcement. It would also take into account specific scenarios and requirements that compel companies to access devices, in compliance also with CJEU caselaw and case law of the European Court of Human Rights. The goal should be to develop an EU-level handbook on that basis, and depending on the aforementioned mapping, to promote the approximation of legislation within this area, and to develop binding industry standards for devices brought to market in the EU, to integrate lawful access.
Establishing a research group to assess the technical feasibility of built-in lawful access obligations (including for accessing encrypted data) for digital devices, while maintaining and without compromising the security of devices and the privacy of information for all users as well as without weakening or undermining the security of communications.
Recommendations from the High-Level Group on Access to Data for Effective Law Enforcement, Council of the European Union, 22 May 2024, pp. 23-24.
I contacted our local Pirate party about the topic, because they don't have anything related to crime prevention vs. privacy in their programe. I suppose that I know what the answer would be, but getting a confirmation before I vote for them would definitely be nice.
The Swedish pirates are happy to hear that you contacted your local pirates! And feel free to send us a DM here on lemmy if you need help to get in contact with them! Together we sail into a better tomorrow for all Citizens!
I look at it this way - people that think the government will use this to spy on them are fucking delusional. How self-important do you have to be to think that out of billions of citizens, any government would give a single shit about the crap you say online?
Tinfoil hat delusions of grandeur in a nutshell
I expect the same people would be extremely vocal if there was a terrorist attack that could've been stopped but wasn't
It's not necessarily just about the government. Built-in backdoors also give malicious actors more ways to access your own private information, whether to steal your identity, transfer money out of your bank account, use your credit for loans, or blackmail you. Also, other governments already use your online speech to arrest you for saying things they don't like - see China or Russia. Many EU countries are only one election away from having a government that goes in that direction already. This is only going to make it that much easier for them.
Yeah, sure, delusional. Until you call a local polititian "so 1 dick" on some online platform, leading to you and also your ex grilfriend getting raided by the police, all electronic devices taken by them as evidence for an undetermined time and the low key threats from the prosecutor about what would happen next.
Or until a journalist dares to link to a website, that the state recently criminalized the creators of, though the state itself links to that specific site, too.
And depending on how easy the access for the police is: You might wanna refrain from being too popular (like a famous singer or actor) or from being active against climate change or right wing extremism. Your personal data is easily leaked through the police to anyone of their friends.
You might think, that this is overly specific and won't really happen? Well, it already did. In germany. Sure, most people won't have the states crosshair on their forehead. But nontheless you might easily be one of the exceptions.
I look at it this way - people that think the government will use this to spy on them are fucking delusional. How self-important do you have to be to think that out of billions of citizens, any government would give a single shit about the crap you say online?
#1 I'm pretty important for me and a hypothetical person with some govt connections whom I'd call sheepfscker and SOAB in a heated argument, or just show that I don't respect them. These are legal, or warrant a fine possibly, but don't warrant that person using such connections to get at my private communications or something like that, which would become a real possibility.
#2 If they wouldn't give a single shit, then it's very strange they are being so swift and stealthy about introducing legislation affecting mostly that. Not targeted attacks at suspects (which are not too hard for competent people anyway), but watching everyone.
I expect the same people would be extremely vocal if there was a terrorist attack that could’ve been stopped but wasn’t
#3 Terrorists and whistleblowers and people who need help against domestic abuse or mafia or whatever else are interested in the same tooling here. A healthy society can continue to exist after a successful terrorist attack. It can't without whistleblowers and ways to have confidentiality in general.