> I wonder why there has been such silence on this

Yes, I would think that if there were any real journalism left, they would be all over this. For the sake of their profession, and the protection of their sources.

Big tech would be for this -- it would create a huge moat in terms of costly and complicated compliance overhead that would keep small challengers and startups out.

Complicated or costly regulation is a regressive tax -- it affects smaller companies a lot more than larger ones and tends to prevent new entrants to a market.

Fatigue? We are fighting this with different names since 2002. I guess normal people just can't hear about it anymore and that's probably on purpose.

Having the service provider handle the encryption is very convenient for the users. And, it turns out, the government.

Its obviously not broadly announced, they're silently trying to push it through. But its also fatigue, Chat Control or the same thing under a different name is a thing the EU has been trying to push for a couple years. Every time the internet complains, somtimes on a larger scale, sometimes just the privacy niche and until now it luckily has always failed because not enough member states agreed on it. They will try until it goes through.

I agree with most reasons others have pointed out (fatigue, lack of good journalism, deplatforming, alienation…).

Another one: it's holiday season, a clever time to get things through.

Another one: most EU parties stand for it, even my usual go-tos, namely Greens, S&D, and The Left.

We've been mostly deplatformed for any kind of organized action against it, there's just writing an email to your MEP or... a change.org petition. Yes really. Nothing official one could sign their name under.

But even so, the commission does whatever it wants anyway, they are complete autocrats when it comes to law proposal, it's up to the parliament and the courts to something about it afterwards. And they should given that it's unconstitutional in many EU countries and incompatible with GDPR as it currently exists.

> why there has been such silence on this

Government trying to break your privacy is routine at this point.

Among many other reasons: because the proponents are using the usual "think of the children" tactics to impugn and libel the opposition.

Anybody who thinks they have online privacy is deluded. Regardless of Chat Control.

>I wonder why there has been such silence on this

Some combination of cowardice, conflict of interest, and fear of ICE.

This is coming from WEF and major operators are members of that organisation.

In the end, these organisations want to slice and dice private conversations. It will be a goldmine for AI training and hence the push and silence.

This is all corrupt.

"including end-to-end encrypted ones"

How? If they're end-to-end encrypted, they really can't be monitored unless there's a flaw in the encryption system. Don't trust messages to systems that aren't auditable.

I dont think it should be taken as a given that it'll happen. While this may be something the public is generally in favour of or ambivalent towards, there's a LOT of EU countries and MEPs that are not at all in favour of this, and already a few EU countries whose courts have ruled that this would violate their constitutions.

While its certainly possible it'll happen, it's far from certain. It can be stopped. Of all the currently 'undecided' countries, if just Germany came out against it, that'd be enough to sink it. Germans are pretty pro-privacy people, and the government would win no popularity by supporting it. Even if the German government supported it though, the German MEPs would likely still end up mostly voting no

> Chat control is going to happen sooner or later.

Even if that is true—which you don’t know, because you cannot predict the future—later is definitely better than sooner. Later is worth fighting for.

Your defeatist attitude is exactly what these bad actors want, you’re playing right into their hands. Thankfully not everyone thinks like you, or Chat Control would have passed first time and no positive change would have been enacted ever about anything.

Of course the elephant in the room is all of this content and bad behavior predates the internet entirely. The internet is used because it is more convenient than mailing polaroids to a dead drop address. Not because it enables anything that wasn't happening previously. Makes it a little easier perhaps, but even that is arguable given the oversight today.

Why be so hopeless? Especially when the people that push these things are so brazen

> that's the general public. They want it; they'll get it.

Citation needed?

https://www.patrick-breyer.de/en/poll-72-of-citizens-oppose-...

That's only one survey, but I'd say it still beats anecdotal evidence.

I don't really understand this attitude because clearly if this passes, it will create a (black) market of new communication tools to bypass this and so on and will end up locking down every connected device so we can't run anything that is not government approved. It does not matter there will be ways around this - what matters is they will be illegal. So no, this can't be allowed to happen.

In other words, the people in power get to dictate which thoughts you're allowed to have/express? Even in the privacy of your own house? And if the people in power decide acts of kindness or expressing love for your children are illegal…?

> Some thoughts if you have them, are illegal to express, even in private, for your own consumption.

fuck this attitude with a rake

> Do they think they're above it? Are they stupid and don't know what they vote for?

They're somewhat out of touch with tech, and caught up in police narratives around encrypted apps blocking their attempts to find pedos. Tech firm lobbyists sell them some lies about the capabilities of these systems.

Ultimately these are politicians stuck in the notion of "but the police can open your [physical] letters, this isn't any different" completely unaware of how times have moved on.

Matters like how people are already being harassed by CSAM being sent to their DMs, how people raid discord servers and try to have them taking down by spamming CSAM, etc, are completely lost on these politicians.

On top of that it's just cowardice. Not daring to be seen as "aiding pedos".

From Patrick Brewer's analysis [0] it seems like written into the proposal is to enable members of the government to have access to excepted systems, if applied for things like law enforcement or "national security." If I had to guess, at least a few MEPs expect they will be able to use such an exemption for their personal communications.

[0] https://www.patrick-breyer.de/en/posts/chat-control/

> Do they think they're above it?

Yes, the lawmakers literally exempt themselves from this law in this law.

I do.

Are you going to the the "pedo" that is against protecting the children and catching predators?

I know it's diseingenuous but these laws are crafted with that in mind.

People that might take a real chance in challenging this are weeded out long before they get to these positions.

> ... The 'Unofficial' boss of European Union is Germany. ...

I disagree with this sentence. The unofficial bosses are both Germany and France. Which is also the reason why the people in the richer EU countries will suffer economically when the upcoming bailout for France /will/ happen.

The new German government has not spoken out or acted against this (despite similar efforts having been ruled unconstitutional by its highest court)

Germany isn't the boss of anything. When it comes to yielding power, France always gets the upper hand. Always

europeans should still use the opportunity to organize against it and future attempts

Would this have been UK/Germany back in the day?

Funniest part is, current EU politicians are setting these systems up just as nationalist and authoritarian politicians (their adversaries) start to dominate the scene. Introducing this now seems like self-sabotage.

WW2 was the immense shock that gave us that golden age of the 1960s-1990s. But WW2 is now a distant memory for most.

While I agree with you about rising authoritarianism, I'm confused what this has to do with nationalism. Chat Control is being created by the EU, a supranational organization. If anything, this sort of transnational authoritarianism is a bigger threat, and likely to promote nationalist backlash.

You're right. I've been comparing it to 1984 all this time, when in fact it literally is 1984 just with modern technology. It's interesting how the story 1984 strikes a chord in many people, but something like Chat Control just seems normal. I guess having a camera in your house feels more invasive on a visceral level, despite the fact that we're now putting our whole lives on our phones and online services.

You're not thinking about it the right way.

Of course there are mechanisms to defeat privacy-invading software (and hardware), but the point is that most ordinary people don't want to. Most ordinary people actually want to hang out on the same social networks that all their friends and family are on, they want to watch the same TV shows, they want to be able to easily make payments at their local restaurants and the grocery store, they want to be able to use public transport etc etc.

When forced to choose, it turns out that convenience beats privacy for almost everyone.

As someone who's only visited, a foreign phone with foreign SIM will get you out. But I think using VPN on a Chinese SIM is somewhere on the range of very difficult to completely impossible these days.

The Chinese SIM is the key. If you are a foreigner and want to use a phone, either use a burner phone with a Chinese SIM or use international roaming with a non-Chinese SIM. You should not use a Chinese SIM.

Other restrictions are tied to the account which are based on the region of the Apple account, so any phone with a Chinese account will have various restrictions.

> How hard is it to disable the state spyware on a phone you buy there?

Are you referring to something specific? Or you are just guessing?

Even the title of that Wikipedia page is misleading and choosen in a way that almost forces your opinion on this (you can't be against a regulation made for such a noble intent, can you?)

Why not just call the page Chat Control 2.0?

If you follow the link for "Chat Control" in the first sentence, and then scroll down for a while, you will find a subsection titled "What Is Chat Control". Probably they assume that if you do not know what it is, you should not care about it.

From that section:

> "In 2021, the EU approved a derogation to the ePrivacy Directive to allow communication service providers to scan all exchanged messages to detect child sexual abuse material (CSAM). Although this first derogation was not mandatory, some policymakers kept pushing with new propositions.

> A year later, a new regulation (CSAR) was proposed by the European Commissioner for Home Affairs to make scanning messages for CSAM mandatory for all EU countries, and also allow them to break end-to-end encryption. In 2023, the UK passed a similar legislation called the Online Safety Act. These types of messaging mass scanning regulations have been called by critics Chat Control."

A bit of a scroll past the probably justified but still alarmism is the actually bad proposal.

> The most recent proposal for Chat Control comes from the EU Council Danish presidency pushing for the regulation misleadingly called the Child Sexual Abuse Regulation (CSAR). Despite its seemingly caring name, this regulation will not help fight child abuse, and will even likely worsen it, impacting negatively what is already being done to fight child abuse (more on this in the next section).

>The CSAR proposal (Chat Control) could be implemented as early as next month, if we do not stop it. Chat Control would make it mandatory for all service providers (text messaging, email, social media, cloud storage, hosting services, etc.) to scan all communications and all files (including end-to-end encrypted ones), in order to supposedly detect whatever the government deems "abusive material."

> They start outlawing encryption altogether?

This is the direction places like the UK have gone in, yes. Can't decrypt something? Then we assume it is illegal content.

https://en.m.wikipedia.org/wiki/Illegal_number

I'm sure many core proponents of Chat Control would like to also make it illegal to "hide" from scanning by applying your own encryption (and, even if not caught directly, it would add to the list of crimes someone might be charged with) but that large of a change probably puts it too far outside the Overton Window of today in a single push.

People have been selectively "banning math" for decades -

https://en.wikipedia.org/wiki/Export_of_cryptography_from_th...

They don't even need to spin up their own channels, they can just continue to use existing channels and encrypt their messages.

I mean, if youre in the business of CSAM surely you don't mind encrypting a zip and emailing it or putting it on Google drive or whatever. Its trivial, requires next to zero technology knowledge.

Its inconvenient, sure, which is why we don't currently do that. But I'm sure the CSAM distributors don't care. Why would they?

You will eventually get a canned AI made reply (just like all the canned AI mails they have received these days due to websites creating templates for them).

Enlightening, I'm already looking forward to the next ten years of civilisation!

This was my thought as well. Back to dumb devices and call it a day.

I fear we're long past the point of no return. We are exactly one 'policy update' away from not being able to install non-compliant messengers on our phones. Sure, there are still some devices that will let you unlock the bootloader and you can still sideload unverified apps, but let's be honest, most people today barely manage to install an app from the store. If installing a decentralized messenger is more involved than that, 99% of people aren't going to do it.

those platforms will be banned. this will doom Signal, the fediverse, and countless smaller platforms. anything that isn't compatible will become illegal.

I'd personally like to have a FOSS, privacy-aware CSAM (or even generic gore/porn) detector I could plug into Matrix/Lemmy/Mastodon servers. something self-hostable, so I could run those services without worrying about pedos and trolls ruining my platform.

I'm not sure if something like it exists. I'm not sure if it could exist. PhotoDNA (the old CSAM detector) ended up being somewhat reversible, so that you could actually turn signatures back into obscene material. because of this, the signature databases were shared under strict NDA, only to large players.

probably the most realistic solution is a generic porn classifier convnet. if it blocks adult porn, it should block CSAM too (hopefully?)

they are not reliant on image hashes, and reversibility concerns apply less because the dataset used to train it was presumably legal (if distasteful.)

individuals mostly have a few things they care about, but most people don't understand shit

especially technology

especially information technology

politicians are selected for being people-oriented therefore most are hopelessly underinformed

and it's very very very easy to get caught up in ideologies

and then means to an end seems like business as usual

Even if a system doesn't look authoritarian, corruption happens all the time. Those involved in corruption naturally want more power for themselves. Additionally some people actively thirst for more power for whatever reasons, and most people don't want to be constrained in their jobs, and they are all aligned in expanding governmental power. You need some discipline to commit to the idea that "I don't want the ability to see encrypted chats, even if that makes my job 90% easier to do", and I don't trust most people to have it.

Why?

Democracy is being served. People want this stuff. HN people maybe not, but let's not pretend we represent anything but a noisy minority. It's entirely democratic AFAICT, "think of the children" and "think of the terrorists" won the argument some time ago.

Free speech is not held as an absolute in many countries as it is in the US, and never has been. It is in a bad state in some places (the UK seems to be performing poorly on this measure) but a lot of places feel the right to spew whatever toxic lies spring to mind without consequences might not be entirely healthy either.

Justice? I think justice is performed better in many European nations than most of the rest of the world.

And freedom... lots of people like to claim the US is the most free place on earth, but it's really not clear that's true. There are freedoms in other countries not enjoyed in the US. Here in Australia for example, I am free to collect the rainwater and filter it for my drinking-water supply, something that's not true in every state.

Self-host may be the new Samizdat.

so you encrypt your image, send it to the government, the government runs its CSAM detector on the encrypted image and gets... an encrypted result.

then what? you decrypt the answer and send it back to them? promise that you totally didn't change the answer?

FHE is the wrong tool for the job. you'd want verifiable computation (e.g. ni-ZKP) instead. both are too complex and faaar too computationally expensive for actual use.

It would be useless because predators won't run the homomorphic encryption.

>Apple, for instance, already solved this with NeuraHash

"Solved"

I think you're being hyperbolic. It wasn't terrible, but I do agree, I had to dig for "What is Chat Control". It read to me like a panicked person, repeatedly saying, "You've gotta hear this..." over and over, before getting to the point.

I think the issue is that the EU believes to do these things above corruption. In a sense, if you think you are upholding human rights, free speech, and personal privacy, you don't think it is required to offer people ways to hide from the government.

The government thinks the rule of law itself is good enough. Even if they are aware of your speech and it criticizes or shock or whatever the currently elected, they believe nothing could be done against you because the rule of law would protect your right to do so.

Therefore they assume if you have to be secret about it, you must be doing something illegal, otherwise they don't see why you would worry about the government being able to know you are doing it, since they could not do anything against you.

Here for example, they assume that it would only be used to catch and prevent CSAM, which is illegal. But that it would never be abused to prevent legitimate legal free speech, or that it would be done in a way that your privacy is respected because the rule of law won't allow other use of "snooping", etc.

And to be honest, I don't know if they are completely wrong or right. It's a different perspective, one that relates to "gun control" as well.

In the US, people have zero trust of government, and feel like at any point they need to be armed and have the means to hide, escape, and rebel against it. That means secure communication channels, bearing arms, etc.

In the EU, generally people assume that the systems in place will protect the institutions and upheld the rule of law, constitutions, democratic freedoms, etc. And people trust the system in place, so they don't see why individual citizens should be allowed to have weapons, places to hide, etc., and see that more in practice as something that enables crime.

Generally, the counter argument to the American stance is that the power imbalance is too big anyways, it's the system that must be protected and needs to be trusted, if the system becomes corrupt, no amount of civilian weapon and hiding places could match the power the state has, so it's a futile attempt that just ends up benefiting criminals.

Realistically the EU only cares about protecting their citizens from private companies, and especially American ones. When it comes to government overreach they know virtually no bounds.

Then the US on the other hand does decently protect its citizens from the government itself (well, this recent year/administration notwithstanding), only because the US government knows full well they can just turn around and grab all the data they want from the private American companies they don't regulate at all.

Two approaches with the same outcome, absolutely.

"People showing disregard for your privacy" is a matter of scale when going from analog to digital, it's at least not inconsistent.

e.g. If you engage in private spoken conversation, most people are not going to treat your conversation as if it's privileged, avoiding any mention of it in casual conversation, and refusing to divulge any details to law enforcement.

Even in places with generally strong protection against state search you have almost no privacy if someone drags you into civil court. Not only can state opponents attack you there including through pretextual claims, but you're also open to attack by numerous non-governmental entities.

Online/electronic privacy advocacy is in my view overly fixated on direct state invasions via law enforcement powers and corporate surveillance through ad data, while largely ignoring threats via hacking or civil litigation.

The best policy is to not record things that shouldn't be made public. The next best step is to not retain recorded things longer than needed. Modern software/operating systems largely make either of those steps quite difficult, leaking tons of data with every use, making it impossible to reliably delete material, etc. But nothing less is effective against the full spectrum of threats, not even strong encryption. (but obviously strong encryption is good and critical for what you do record and retain!)

Can you expand more on how many of the key seeming counterexamples to this in the map support this conclusion (e.g. DE should be the most red of them all, no?) or how the desire for CSAM surveillance is a proxy for the mixing rate of different religions in the regions? It feels unlikely we will agree about it, but I'm curious what you're seeing in this data that makes it seem so clearly the causal reason to you.