The current draft would cover every kind of service that allows people to exchange information so that every DM you send on reddit, twitter, discord, steam, ... would be have to be scanned. Not even the most totalitarian governments on this planet have tried to implement something like this. Also it sounds extremely illusory that the people exchanging CSAM wouldn't simply switch to private services knowing their messages on public services are scanned.
"... As services which enable direct interpersonal and interactive exchange of information merely as a minor ancillary feature that is intrinsically linked to another service, such as chat and similar functions as part of gaming, image-sharing and video-hosting are equally at risk of misuse, they should also be covered by this Regulation. "
> Not even the most totalitarian governments on this planet have tried to implement something like this.
Arguably North Korea since their RedStar OS had a kernel module that scanned all files and text looking for keywords like 'torture'. And if you're being compared to one of the most brutal and isolated dictatorships on Earth, things are not good.
>Also it sounds extremely illusory that the people exchanging CSAM wouldn't simply switch to private services knowing their messages on public services are scanned.
The justification is obviously a lie anyway. If CSAM were such a huge concern, you wouldn't have member states where distributing CSAM is about as severe of a crime as theft, which is the case in Germany.
Surely the first step would be to have actual significant criminal charges for these crimes in all member states.
page 46. "... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological
capabilities and the number of users; ..."
.
.
It's a big framework to push the industry to have more "parental controls".
Everything is covered, but there the actual requirements make sense. See page 45.
It's still bad, because it's extremely tone-deaf (and playing with fire is bad), but it's written by and for policy idiots, who live in Word documents, and (un)fortunately rarely have contact with the outside world.
That's an interesting thread ... they claim they won't be compliant, which I applaud, but what will happen is that unwitting Signal users will end up being targeted by law enforcement. There are already precedents of people with "secure" phones or encrypted messaging apps being targeted, such as the Sky ECC case.
If Signal can’t be installed or updated via the App Store anyone, that’s already enough to exclude 99.9% of all users - no need to involve law enforcement.
My point wasn't that there was a need to involve law enforcement. My point was that overzealous law enforcement will use this as yet another excuse to crack down on people who value privacy.
"Signal, unwilling to implement easy to build software to comply with EU regulations, likely due to fiscal concerns, has shown itself placing profit far above the care and concerns of our next generation, our children, and the pedophiles that prey upon them, such heinous creators of child porn." signed EU press release.
The overwhelming majority of people living in the EU won't really care or even notice this new law/directive/(?) because they don't really pay any attention to what the EU is doing but yeah for most of of the remaining ones that will probably suffice.
They are not somehow bluffing or threatening this simply to try to change the law. It's a principled stance that they simply cannot provide E2E encrypted chat under such conditions. So either they break their protocol in which case their claimed offer would be a lie, or they leave.
Seems like the only choice they have, really. Also, by "leave EU" I'm pretty sure they mean not offer their app in the EU, so yes I think they expect their EU user base to be zero in this scenario.
To my knowledge, Signal makes a grand total of €0 in profit in Europe, or anywhere else for that matter, being a not-for-profit. It is not the purpose of a not-for-profit to grow exponentially. The Signal Foundation's mission is to ensure the continued existence of a secure messenger app. The people in charge of Signal take that mission very seriously, to their great credit.
There are already anti-circumvention mechanisms built into Signal to facilitate use in places like China and Iran, so they've shown no interest in compliance where that goes directly contrary to their mission. Should they be removed from the App Store in Europe, I imagine they'll work on making use of the EU's own push to open iOS up for alternative app stores / PWAs. (It's clear that the EU is unhappy with Apple's current take on compliance, so we can expect that to open up further.)
Doesn't really matter what Signal does. If this goes through then the next push will be to implement the scanning at the OS-level for non-compliant apps. Or just to demand that Android and iOS get the ability to block apps on a government list even if installed outside the app store. Sure, a few hackers (and the criminals) will always have secure communications but you can't win the fight for widespread secure communication against the government's will with technological means.
I think this seems like a fairly extreme and unlikely worst case scenario. I'd be sceptical about the EU's ability to actually implement something like this - there are limits to both what American companies are willing to do (e.g. Google leaving China), and what some of the more historically liberal European states are actually willing to tolerate from the EU level (imagine the blow to business confidence).
That's not to say that the present proposals aren't already bad enough.
I think it would be feasible for Whatsapp, Telegram and Signal to form a coalition that pledges to withdraw from any country or market that tries to pull these shenanigans, such that the sum of them is big enough to play that game.
The hardest to convince would be Whatsapp, but I think that Zuckerberg is one of the few big tech CEOs that still has principles, at least sometimes. I think it could happen.
And I believe that is exactly what the court was demanding they do. Push an update to uncloak the users that the court determines should lose their privacy.
Thanks to hn crowd, who explained it's not super difficult (and not going to lie, summer $500 discount), a Google pixel phone, soon running GrapheneOS, is on it's way.
Can GrapheneOS prevent detection of somebody sideloading Signal?
Probably not but you still need to have someone to someone to communicate with even if you manage to install it. If you can't get it on the mainstream app stores it will just be a niche app for "privacy nerds" and drug dealers (in the EU at least..)
We learnt the value of free speech the hard way, and very slowly. Now we need to keep extending such notions to the rapidly increasing frontiers that new tech is exposing.
Hopefully with more tech-savvy generations gradually taking power, this will happen without too many painful lessons.
> We learnt the value of free speech the hard way, and very slowly
Did we though? Unfortunately outside the US and a handful of other places free speech doesn't seem to be valued that much, often it's even viewed as a threat (and I'm not talking about authoritarian regimes). It's a double-edged sword to be fair, enabling misinformation and chaos.
American freedom of speech aka "you can literally be fired and see your life ruined for having a political opinion but you won't go to jail so be thankful"
I think one of the main problems "free speech absolutist" have is that they chose such an awkward phrase to self-identify themselves. The word "absolutist" is so unambiguous that it implies that seemingly no one would qualify for it besides true loons which makes the whole idea easy to dismiss.
When you really get down to it, almost everyone supports some type of restriction on speech. This should be especially apparent when discussing legislation like this in which the goal is preventing the distribution of child porn. How can a "free speech absolutist" be okay with a government making certain images and videos illegal to share? Wouldn't a true absolutist fight for people's right to distribute child porn?
The ambiguity of "absolutist" ends up making any reasonable "free speech absolutist" debate the meaning of the word "speech". Suddenly things like child porn, defamation, threats, fraud, and/or the location of Elon Musk's private plane need to be debated as whether they qualify as "speech". The chosen phrase necessitates that the "absolutist" need to weaken the idea of "free speech" in order to seem reasonable. Which in turn makes people who are ostensibly pro-free speech start to question whether something like hate speech should even qualify for free speech protections.
So a "free speech absolutist" either needs to argue some truly extreme views like why child porn should be legal or they weaken the overall pro-free speech side of the whole debate.
see https://www.hackerneue.com/item?id=40712506 for my argument that making child porn illegal protects abusers more than abuse victims. i guess that makes me a free speech absolutist?
It remains me how I created stations of cross recently with a help of Midjourney... I was not allowed to put words ”virgin" and "jews" in prompt. Clearly, my intentions was not to harm anyone.
Without responsibility there is no free speech. Making bunch of regulations, collective guilt etc. wont learn those few abusers why their actions might harm others.
I think it is fundamentally dishonest to point to a Pulitzer Prize winning photograph as any sort of representative example of "child porn". Neither of the photos you specifically call out would meet the "I know it when I see it" standard cited by the US Supreme Court and the photos that do would never be published by reputable news sources regardless of their actual legal status. Therefore, your argument isn't even really about the law, it is about societal standards of decency.
it sounds like you didn't read very much of my comment, because you didn't understand what my argument was about, even as a vague outline
separately, you say, 'I think it is fundamentally dishonest to point to a Pulitzer Prize winning photograph as any sort of representative example of "child porn".' however, the thing you think is dishonest is something you made up, not something i said, suggested, implied, or agree with
Because frankly free speech absolutists got hijacked by people who have no intention of creating free speech (such as Musk). And frankly, many of the arguments are not meaningful to normal people or to those opposing it. You have to talk to your audience. And in this case it is recognizing that most of laws controlling speech has not been aimed at those universally hated like Nazis, but rather those who have little power, like minorities. People think there is a free lunch here, but it just doesn't exist.
So the free speech absolutist groups got infiltrated by those that wanted to dog whistle and (almost) never tailored arguments to those who were strongly opposed; and worse, those who need free speech the most.
The same often goes for encryption. And we have to deal with adversaries that are willing to straight up lie and promise things that sound nice and sound accurate (things that follow when using basic logic but don't if nuance is incorporated). There are no universal optimas, things with no downsides/costs. But most importantly we have to tailor arguments to audiences, not expect them to be just taken and understood like we do. The priors are different and their objective functions may be different as well. So often people will argue what they think is most important to fall of deaf ears because people don't consider that thing important (at least in context).
Hate speech accusations are a bit like being accused of rape. Once it happens you automatically get tainted and it is very hard to defend yourself in the public sphere, even if the accusations are totally unfounded. This is of course abused by evil people.
Moreover, what counts as hate speech can very suddenly alter depending on whoever is in charge, and even if the public don't go along with it, it can still be used to silence people.
Really because all the people I've seen who bitch about both the lack of their freedom to speak and of being accused of hate speech never shut up, in fact it's seemingly their entire career now to make public appearances at venues and complain about how silenced they are, into hot microphones, for an audience.
I am not directing this at you, or anyone here, truly. However, this XKCD always come to mind whenever I hear the topics of hate speech and free speech mentioned within proximity of each other:
OP specified “culturally”, ie people who stand up for free speech regardless of its content are painted as alt-right bigots, even if they only care about preserving the right to speak freely.
I’m also in this camp and have been down-voted into oblivion many times for just saying something like “I disagree with what you say but I will defend to the death your right to say it”.
It’s not fun to be a defender of truly free speech because you get painted into the same camp as the bad guys.
I don't believe that anyone is truly for absolute free speech, it's just some theoretical utopia which sounds great, until you actually dive into details. Would you defend my right to call your little brother or sister terrible disgusting names? Threaten you or your family's lives? Say that your entire ethnicity doesn't deserve to exist? Because that would be absolute free speech. I don't think anybody should have the right to do that. I mean they can try, but if it happened in real life, they'd find out real quick that it wasn't a good idea.
If you disagree with me on major issues, I will defend your right to state that. But if I find myself in a place full of hate, be they nazis, or tankies, or whatever, I leave and don't come back.
Free Speech Absolutism was/is connected with hate speech because sites that hold up such an ideal end up being the landing pad for the very worst people who were banned everywhere else. There aren't enough normal people who vote with their money/time/engagement to reach critical mass on those platforms.
And turns out very few people want actually free speech. We're in a forum with strong moderation and the discussion is better for it. Most communities self-enforce norms even without central moderation. There's no easy answers when you have to reckon with the real effects speech has. Germany wasn't special, they weren't even alone at the time. What folks call "fascism" naturally precipitates under the right conditions and I can't think of any time in history where it's been dealt with by the socratic method and not violence of a kind.
But once you have a word you can accuse someone of with actual repercussions folks acting in bad-faith try to fit people they don't like into the mould. We think ourselves so much better than those silly puritans accusing people of witchcraft but we just changed the words. I'm sure you could name five off the top of your head that people level without any kind of justification.
I don't usually comment on HN because I don't feel like I can bring much value to the discussion in many cases and I would agree to moderate it even stricter even if my (rare) comments would be removed.
In real life on the other hand I want to be able to say stupid things and even if I might be more sensible to others' "hate speech" I would not want that to be banned.
Wanting free speech on internet forums is different from wanting it at the government level. I'm not sure what Free Speech Absolutism is, but if it means unmoderated internet forums, yeah that usually doesn't end well even if only a small minority has bad intent.
Big online forums with any kind of global popularity already have an inherent problem despite the moderation, not because of hate speech but because of ragebait and other forms of grifting. Especially with anonymous users.
Firstly, that Germany's descent into fascism and anti-semitism were both helped by the lack of free speech. Blasphemy laws prevented the anti-semitism preached from the pulpits to be challenged, and hate speech laws actually helped the Nazis publicise their movement[1].
> Rather than deterring the Nazis and countering anti-Semitism, the many court cases served as effective public-relations machinery, affording Streicher the kind of attention he would never have found in a climate of a free and open debate. In the years from 1923 to 1933, Der Stürmer [Streicher's newspaper] was either confiscated or editors taken to court on no fewer than thirty-six occasions. The more charges Streicher faced, the greater became the admiration of his supporters. The courts became an important platform for Streicher's campaign against the Jews.
As to norms, they can be self-enforced because free speech allows such a choice, otherwise it would be the case that those norms were imposed or not even available. Most likely, they'd be someone else's norms.
I didn't expect this much of a reaction and didn't have time to engage, as mentioned this is not my fight anymore, but I will try to be helpful.
Free speech absolutism is also known as 'Meiklejohnian absolutism' which pertains to the 1st amendment with a particular opposition to the liberal interpretation of 'clear and present danger'. Heather Lynn Mac Donald is prominent person who holds similar views on speech and she makes the case that calling for end of Israel is protected free speech since there is not a 'clear and present danger'. The people calling for that genocide are presently unable to carry it out. It's actually one of the things I agree with Claudine Gay about. The problem in Harvard's case is that it's selective free speech but that is a different issue.
The liberal interpretation of the 'clear and present danger' carve out for the 1st amendment is the reason why there is so much emphasis on tying speech to violence. This is why safe spaces must be created where views that could make things unsafe are not permitted. For example, misgendering people could cause them to commit suicide therefore you are in effect murdering people with your words. It's a total stretch of the 'clear and present danger' but it is done at such a scale that is has been effective.
The last thing I fought against was the removal of The Daily Stormer from the internet. I figured it set a bad precedent which was sure to be abused. Once services have signaled that they can be swayed then immense pressure would be brought to bear to sway them further. Another reason is that I think it's important to hear what people say instead of what some people say about what some other people say. I think the Taliban and ISIS should also have websites. I also figured it was very counter productive. If you're going to do it once, fine, but don't keep doing it. By first forcing the most extreme people out of mainstream and onto alternate sites the character of those sites will change to be more extreme. By subsequently forcing less extreme people out of mainstream these people have no where to go except for the already extreme sites where they will be outnumbered and they will see the existing extreme views as the new consensus. Slowly salami-slicing the mainstream fosters the creation of a large and very extreme population which is extremely counter productive. A similar effect can be seen in prison populations where many people who go to prison are forced to join dangerous gangs for their own protection and instead of becoming rehabilitated they become far more dangerous than when they went in.
I think cynical political operatives knew this and did this intentionally as part of the 'pied piper' strategy where the 'basket of deplorables' needs to both be large and unpalatable to the rest of the population in order for that group to be effectively disenfranchised. The problem is when that basket gets too big and is no longer able to be disenfranchised and instead elects the pied piper president. I think Q-anon is an soviet style 'Operation Trust' that basically sent a substantial portion of the population insane - intentionally. One would think that they would have learned their lesson the first time when Trump got elected, but having succeed the second time they're going to try for a third time. This whole process is immensely damaging. Even now the attempts to destroy Trump are counter productive and instead helping him.
My primary concern is for the health of the middle class and I worry about mass immigration undermining that. I say this as an immigrant with the understanding that I would be personally worse off were it not for immigration. I think those in the middle class have legitimate grievances and ignoring the issue of mass immigration and deriding those opposed to it as hateful bigoted stay at home xenophobes has lead to the success of populists parties. Attempts at disenfranchising those populists parties with coalitions has only delayed the now seemingly inevitable.
I'm vehemently against hate speech laws, they start out as hate speech modifiers and through that simple existence now require the courts to establish thoughts through invasions of privacy. I think this rises to the level of thought crime in effect and is of course very Orwellian. Once the notion of hate speech crimes has been established it was just a matter of time before legislation makes it official, if not at the federal level then at the state level. I think the new 'anti-Zionism is antisemitism' conflation in combination with 'antisemitism is hate speech' in effect now makes criticism of Israel illegal, it'll be interesting to see how that is enforced as it's such a ridiculous notion. Predictably the left is now on the receiving end of the very policies there were instrumental in establishing. They have been hoisted by their own petard.
The attempt to stamp out 'hate' makes as much sense as the Soviet attempts in their creation of the 'New Soviet man' free from 'greed'. There are already proposals to stop companies from being 'greedy' though legislation.
I find it rather interesting that Popper's paradox espouses the idea that one must be 'intolerant of the things that threaten tolerance' sounds really similar to George Lincoln Rockwell's philosophy of 'you must hate the things that threaten what you love.' In both cases giving people license to do what they wanted to do anyway.
For me the battle is over, limited to posts like this, my focus these days is to avoid the crushing of the middle class by being as economically far away from the middle class as possible.
Honest question: why would a free speech absolutist start a discussion here, on this site? I have a feeling that plenty of rules here [0] wouldn't be accepted by such a crowd.
Free speech doesn't mean you can force anyone to listen.
The government should not make any speech illegal on a federal level, but individual private businesses or websites (like HN) can still decide what's tolerated on their property.
And the corollary -- I believe in free speech but there are some people I'll never listen to, even though I believe in their right to speak.
The first debater said it was okay because the companies complied voluntarily. I found myself at first nodding along.
Then, at least for me, after hearing more arguments I was like, "okay, she's basically saying if President Trump calls Musk and says (please censor anything pro-Biden)" that's fine as long as there's no "or else". To me it seemed wrong for that to be ok.
The other debater also pointed out that even if there was no explicit "or else" the twitter files made it clear the people there thought there was an implicit "or else".
Free Speech as a political principle is about relations between a state, and citizens, not a website, and its users. There are some gray-zone cases (e.g. formally private press/platforms can be heavily influenced by a ruling party using economic means, or for whatever reason some press/platform conglomerate controls market share so big it can influence gov't to legislate conditions harmful to potential competition), but it's definitely not about this site.
Free speech absolutism doesn't exist in a bubble, but falls under a broader civil rights umbrella. Most free speech absolutists here would likely understand that Hacker News is a privately ran forum.
Many free speech absolutists would agree that Hacker News should not be compelled to publish off-topic or rule-breaking discussions any more than a cake shop owner should be compelled to sell you a cake displaying a message that the cake shop owner doesn't agree with.
Yup. Using the early internet required a moderate amount of intelligence. The current internet does not. And now when things are being optimized for the lower 50% of the bell curve it results in things looking a lot different.
The early internet was like a race track for experienced drivers. Nowadays even kids are allowed to participate so all cars are heavily speed limited, with soft bumpers and a huge framework of regulations and protections.
That's fine in itself, but more importantly (to the point) it doesn't mean that pure race tracks should be banned. That's where all the interesting stuff happens.
> This is why the roles of the major players in society (government, monopolies) need to be circumscribed ... We need some sort of human right for digital privacy to make this sort of thing illegal
The entities that need to be circumscribed need to enforce a law that circumscribes themselves? Those incentives do not seem to align to form a stable structure.
The only way is to have a broad-based idea among the people about exactly what is allowed for a government and a big business.
There's a strong and widespread expectation among many that it's morally imperative for them to be able to elect their own government. So any moves by the government to limit this will be met by fierce resistance.
If a similar idea existed about privacy, these sneaky moves wouldn't be feasible and would leave a bad taste in the mouths even of the perpetrators.
Unfortunately, many among us are of the "But I've got nothing to hide" persuasion.
> widespread expectation among many that it's morally imperative for them to be able to elect their own government. So any moves by the government to limit this will be met by fierce resistance.
That's not really true as far as it comes to the EU though? The EU parliament has always been a joke with limited power (both because of structural reasons and because most of it's members are clueless and extremely easy to influence) and besides that the EU population has no way to exert any direct influence on EU policies (they could do that through the council but they'd have prioritize the EU over domestic issues when voting in national elections which will never happen)
In the same vein, EU does not have an idea of sanctity of free speech. Various forms of censorship exist in various EU members, all for apparently good causes.
That's why you need to always ensure authority rests with individuals, or the ability to secure against unjust authority.
The second your only recourse against authority is to politely ask it not to do something bad to you (maybe, for instance, on a piece of paper with multiple choice questions), you have no real autonomy.
That and I can choose not to directly do business with a company without having to upend my entire life. Also none of them have armies. Not that I'm a libertarian or something, just gotta remember that the big nations are very clearly more powerful than corporations.
It'd mean directing people to a new email address, downloading stuff out of Drive, and maybe not advertising via Google. That doesn't seem like a lot. If your job is YouTube content creation, you'd need a new job, but you also had to make specific choices to end up there.
> We need some sort of human right for digital privacy to make this sort of thing illegal.
This already exists in the EU, the EU charter of Fundamental Rights https://fra.europa.eu/en/eu-charter/article/7-respect-privat.... states "Everyone has the right to respect for his or her private and family life, home and communications", however it seems to have been ignored.
" Maybe checks and balances would work as a system, but the EU has neither " This is just wrong. There are courts (on EU level and national level), the council and the parlament.
What about letting people to learn about privacy in digital world in first place? Regulations take individual responsibility and create feeling of something is solved by government. But no one knows what exactly, how is it done and most important... Why.
Tell that to the people cheering the EU "sticking it" to the megacorporations like Apple. Not that those policies were bad on their own but we shouldn't delude ourselves into thinking that the bureaucrats in Brussels ever cared about anything else than exerting their power and control over anything they can touch...
The administrative budget of the EU should be cut by 3-4x times and the money should be spent on something more useful because clearly they are out of control and have nothing better to do. While we're at turning Belgium into something like DC and disenfranchising their government/people living there wouldn't be the worst idea since they clearly have been co-opted into propagating this nonsense.
Certainly. Although megacorps at least still have some incentives to compete with each other and therefore try to appease the consumers. Unfortunately the EU does not.
There isn’t much incentive for them to compete. They have demonstrated numerous times they would gladly work together and not compete openly if it were entirely legal. Non compete clauses are an example of this. Additionally, as we’ve seen with asbestos & lead use in personal care and beauty products after it was demonstrated to be horribly toxic, many corporations would gladly even kill their own customers as long as they got paid first.
That is to say, megacorps have way too much power and access and this must be globally curtailed. To achieve such a goal the EU cannot be going forward with these changes that put more power into the hands of megacorps who will have no problem complying, as they do in China.
EU is, and always was, a compensation job for failed national politicians at their respective national levels. It's the trade horse for allowing your party buddies to take over the government jobs.
EU politicians should keep their over inflated salaries, and stick to what they are good at. Meeting with Google and Microsoft lobbyists at the best Brussels luxury restaurants.
EU was established to provide mutual economic and military security in Europe on a federal model following WW2, and it's done very well in that aim. Of course it's not perfect, but shallow takes like the one above provide nothing of value.
The European Coal and Steel Community, which in many ways is the precursor organization to EU was formed in 1951, with the explicit goal of linking the German and French economies to such a degree that they would be incapable of waging war against each other.
The European Coal and Steel Community wasn't meant to be a political federation, as the name shows. Nor was the European Economic Community to give it its full name.
The concept of the ECSC/EEC/EU as a political federation was always a goal of some small number of federalists (mostly in the beginning communists who were imprisoned on Ventotene during the war), but they didn't have any support for that from the people of Europe themselves, which is why the history of the EU is full of the people building it saying explicitly that they have to lie about their true intentions and can only expand its powers during a crisis.
Certainly there was absolutely no intent anywhere immediately after WW2 to create a political federation. Far from it.
Yes, Jean Monnet, pretty much the founding father of the EU, said this in 1943
“There will be no peace in Europe if the States are reconstituted on the basis of national sovereignty, with all that that entails in terms of prestige politics and economic protectionism. The countries of Europe are too small to guarantee their peoples the prosperity that modern conditions make possible and consequently necessary. Prosperity for the States of Europe and the social developments that must go with it will only be possible if they form a federation or a "European entity" that makes them into a common economic unit.”
Federation was always the goal and it was in direct response to WWII.
> established to provide mutual economic and military security in Europe
Yes and it was/is very successful at that. The overpaid and incompetent bureaucracy in Brussels seems to be mostly tangential if not detrimental to that.
Also to be fair your take is also very shallow and provides little value.
It's a necessary component of this sort of idea, but clearly it's not sufficient. I mean, we have had Russia in war with Ukraine for about a decade now, beginning at the annexation of Crimea, even though they had fairly good trade relations, even if they were hurt once Maidan happened.
I think that one needs strong economic ties, but it seems to only truly work with democratic societies.
Economic interdependence is a deterrent against war, not an absolute barrier.
If you can easily swap trade partners for example, it's less of a deterrent. Which is one of the reasons why EU has gone beyond simple import/export agreements.
Kinda, but NATO is (imho) more about external threats. I think part of the EU's founding vision was to prevent further intra-European wars, in which it has been largely successful.
If a Member State is the victim of armed aggression on its territory, the other Member States shall have towards it an obligation of aid and assistance by all the means in their power, in accordance with Article 51 of the United Nations Charter. This shall not prejudice the specific character of the security and defence policy of certain Member States.
Commitments and cooperation in this area shall be consistent with commitments under the North Atlantic Treaty Organisation, which, for those States which are members of it, remains the foundation of their collective defence and the forum for its implementation.
> shallow takes like the one above provide nothing of value.
The previous Portuguese PM António Costa, who had to resign amid a corruption inquiry...Has just been announced today for an EU role that will triplicate his previous annual salary as Portuguese prime minister
"...Costa's appetite for a top European position has been an open secret for years. In March 2022, amid speculation Costa was angling for a Brussels job, Portuguese President Marcelo Rebelo de Sousa warned him that he would call an election if he were to leave his post early..."
It is a graft and of the worst kind, and naive takes like yours is what led to scenarios like Brexit. It's a jobs for the boys organization and you are not part of the club.
The implicit line here is that if there is peace, then there is military security. And the EU has been pretty good at providing that within its borders (compared to the history of wars between countries of the EU).
At least far as it comes to privacy Apple and even FB, MS and Google to an extent share the same interests as their users, unlike the EU bureaucrats who just seem to be salty because they are unable to exert control over society and justify their existence (they might pass some decent policies while they are it that's just mostly a coincident..).
If Chat Control goes ahead long-term that will outweigh any benefits DMA might have.
DMA, like any other regulation that preceded it, was severely lobbied down. It happened in spite of EU. There is too great of a democratic consensus for it to be completely ignored. Do not get this wrong.
I wouldn't expect it to any time soon either. They'll likely find a way to maliciously comply.
My bet is that they'll only allow "Trusted Partners" to interact with their network, and you'll need to sign a contract with one of these partners to connect to WhatsApp. This contract will have pretty much the same terms as signing up with Meta directly.
First: nothing against a polemic comment against politicians but in this case, the proposal is coming from the council, which is made of national politicians and this news was written by a EU politician (Patrick Breyer of the Pirate Party Germany), so maybe a bit misplaced.
No they should be kept accountable for their actions and the money they waste. Currently there is no mechanism for that, but i m sure hordes of them would quit if we made one
I already kicked up a shit here in NL together with a few other well connected people (with success) but it's a little frustrating that there's little more to do other than hope that nerds in other EU countries can make a difference.
Call your representatives and try to get into contact with the key civil servants involved. Then explain the problem to them. Just an honest argument. I mean a lot of us have kids and want to protect them. Totally agree with the concept.
Only this isn't something which can be solved by technical measures without abandoning "Liberté, égalité, fraternité". This is something for China/Russia/Iran/North Korea/England, not France.
For any regulation or directive to pass, it needs to pass both the Parliament and the Council. Passing the Council means it needs unanimous approval from every member country. I don't see what "blocking majority" the article refers to, one country should be enough. Unless they mean stop it even before it reaches a Council vote, in which case that might be true.
It's a council of the EU vote (as apposed to an EU council vote, different council). Within certain treaties (in this case the Lisbon treaty), certain matters only need a qualified majority (>55% of countries, 15 approximately, and to represent>65% of EU population).
Perhaps the German pirate party should have sticked to focusing on privacy and digital rights instead of becoming a second Green party with a far left bend.
Really his snide at the right gaining traction in his post shows that he still doesn't get it.
I think the government is more reasonable than the private corporations. As an example, I got suspended by Facebook yesterday with nobody to contact. All my friends from school, relatives, and former coworkers are gone - with most of them I was connected only via Facebook. All my messages in Facebook Messenger groups have been deleted! Everything that I ever posted, shared, or reacted to - gone! With no recourse - all at the mercy of some 20-year-old reviewer. Yeah, the government sucks, but private corporations suck much more! At least I can complain to the government and talk to real people!
I know there are alternatives to Facebook - I've pitched all of them to my friends, but people my age are still only on Facebook.
It's time for humanity to move on, to social/messaging platforms not controlled by (for-profit) entities. Or ideally by themselves. Have you seen https://lurk-lang.org? Now it's even possible for anyone to provably compute a specific algorithm on your encrypted data!
The proposal leaked a few weeks ago[1] is extremely vague on this matter and does not clarify how providers should detect CSAM "prior to transmission". Is anyone aware of any sort of scanning technology that can be implemented purely on the client side? Note that the leaked text says that it should be able to detect known and new abuse material.
It wasn't 100% reliable and in fact people quickly found collisions. Which you should expect to be able to with an even more advanced system.
> Ahh, the Misunderstanding Olympics of 2021
There's much nicer ways to say this that is congruent with community standards[0]. If you believe I have misunderstood then try pointing out specifically what I have misunderstood instead of just making an assertion.
But the question was if anyone was aware of any client side scanning technology that could in fact check for stuff such as CSAM. In fact, the Apple system was developed explicitly for this purpose, so yes, this does exist. While Replay doesn't have this explicitly feature stated (that I'm aware of), it is not a big step to think that you can just smash the two things together. As Apple shows a system detecting based on images and Replay is taking images of one's computer.
Yes, they made collisions with cat pictures and complete gibberish. Whoopdedoo.
They forgot that:
a) It required _multiple_ matches before it was mathematically possible for Apple to see any of the photos
b) AFTER the multiple matches to known and verified CSAM signatures there would be an actual human looking at the picture (at reduced resolution or something like that)
c) Only after the human factor they would consider getting law enforcement involved.
Now your fancy collision has slightly inconvenienced a minimum wage CSAM checker for 15 seconds.
Not exactly a master plan for getting people SWATed for CSAM possession =)
--
And the "Misunderstanding Olympics" was referring to the fact that I think I was one of 12 people in the world who actually read the specs of how the system was designed and didn't just imagine in my head how they might've done it and started panicking about "Tim Apple looking at every photo on my phone!!11".
You misunderstand. The objection is not to the methods in which the task is accomplished. The objection is to the principle of the technology. The objection would exist under the best of forms. There is no misunderstanding of the operations you mention; you rebut but a strawman. In fact, the fear was never about "Tim Apple looking at every photo" and has little to do with Apple itself.
It is about how such a technology can enable abuse. It does not matter if the technology is exclusively used for good if the harm it does if abused is too great. And we have plenty of evidence to see that irrespective of which country you reside in, that the scope of such projects typically widens. We also live in a global world and we are not exclusively subjected to the laws of our own governments. We don't have to go far back in history to see examples of the government turning on its own citizens. It is not just the US, it is not just German, not just Russia, not just China, but such actions have been prolific. I do not believe the is sufficient reason to believe your own government is incapable of abusing such power and I'd accuse you of lunacy if you claim that no government would seek to abuse it. Was not the US founded on the explicit principle of treating the government as an adversarial entity? Because if not, well then one of us must be illiterate, since Federalist 10 and 51 famously write this explicitly. Not to mention a litany of quotes by Jefferson.
experience hath shewn, that even under the best forms, those entrusted with power have, in time, and by slow operations, perverted it into tyranny
So no, it is not a misunderstanding on my part as to the specs of the technology. Because the matter is about how much harm could be caused when such perversion happens. It is the understanding that the road to hell is paved with good intentions. That evil is not solely created by evil men seeking to do evil, but the unfortunate reality is that it is often created when good men are seeking to do good. Even under the best forms.
In the "think of the children" scenario the parents are incentivized to consent to some filter. (So they or someone(!!!) gets an alert if the boogeyman is talking to their kids, asking them to send nudes, or sending dick pics.)
See recital 13 on top of page 7 for the definition.
And see 17 on bottom of page 8 for this:
"To allow for innovation and ensure proportionality and technological neutrality, no exhaustive list of the compulsory mitigation measures should be established"
and
(page 46) "... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
This is a framework. It seems to be coming from overly-anxious law nerds who can't stop thinking of the children. (And yes, this usually makes them a problem, because they're nigh unreasonable.)
It seem to be set up as a DIY thing for providers. And, again, for parents it makes sense, let your kids surf on the marked-safe-for-kids part of the Internet. (And nowadays kids really spend most of their time on (in!) certain apps, not in a web browser.)
The ugly part is that there are fines to compel the providers to adjust their risk metrics. (page 104, page 110 mentions max 6% of global turnover)
This clearly seems to be a softish push to assign a cost to internet ecosystems for online child sexual abuse.
On page 45 there are some requirements.
The provider needs to think about risks (but guidelines will come from authorities anyway), have some appropriate budget to actually work on this it the context of its own service, and then if it looks like there are problems it should spend money on remediation. (Ie. spend on content moderation, work with other providers in the industry, have a team and provide UX to notify that team, and allow users to limit what they share with others based on age.)
One page 17 section 28 says "... constantly assess the performance of the detection technologies and ensure
that they are sufficiently reliable, as well as to identify false positives and avoid to the extent erroneous reporting to the EU Centre, providers should ensure human oversight and, where necessary, human intervention, adapted to the type of detection technologies and the type of online child sexual abuse at issue. Such oversight should include regular assessment of the rates of false negatives and positives generated by the technologies, based on an analysis of anonymised representative data sample"
and for the draft law language see page 60 which says that after the user reported something the provider forwards is anonymized to this new EU Centre, where there human verification has to take place.
So supposedly this means our tax will pay for folks to look at a ton of rashes and pimples.
Headline is clickbait nonsense. Nothing is being greenlighted.
Here's the only relevant section, which links to an article [1] that says only that discussion will continue on the 19th June:
According to documents leaked by netzpolitik.org, the COREPER 2 meeting in which they will put it [compromise proposal] to a vote will already take place on Wednesday, 19 June.
Also, I expect "green light" in this context means that it will make it on the EU Parliament's agenda, nothing more. That's still perilously close, but it's not done and dusted yet.
I'm pretty sure the "greenlight" on the title means they are meeting to confirm that the countries will vote in favor of the law so it can be quickly approved once it makes to the parliament:
> If Chat Control is endorsed by Council now, experience shows there is a great risk it will be adopted at the end of the political process.
meaning: there will be little opposition to the proposal once it reaches the MEPs.
So regular folks would get scanned, but the bank's private messaging service isn't included. Just like the child pornographer's private messaging service won't be included either.
I want reviewed studies that clearly show how much CSAM is send by those public available services. There are none based arguments for making this regulation. Just spreading a fear and public guilt.
>End-to-end encrypted services such as Whatsapp or Signal would have to implement the automated searches “prior to transmission” of a message (so-called client-side scanning, Article 10a).
So app developers would be required to add code that will scan every message you send for "sensitive" content (which can be defined however the politicians like and be changed any time), and the app will report your message to the government.
- providers spend money on having a counter-abuse team
- providers and authorities cooperate to identify risks
- providers implement proportional controls based on the risks
so if Meta/Signal/etc comes up with something they implement it
users can continue to run their own private stuff.
it seems this has almost nothing do with the organized sex crime stuff, it's about catching those lone pervs who realized they can send dick picks to minors all day.
"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
> So whenever you send anything to example.com you also send it to government-snooping-service.org?domain=example.com.
No, it's client side scanning - you have a database with bad material / a neural network trained to detect such material.
Only when it detects a positive match, it will contact the government server.
"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
- have big players to spend money, have a team that for this, and have effective "parental controls" (have more age-appropriatedness controls, more tagging options for users/content, etc)
- have an EU center that works on the technological part of the problem
It will be very interesting to see the responses of WhatsApp and Apple if this moves forward. Do their commitments to E2EE mean anything or not. Will iMessage and WhatsApp leave the EU or not. That would be extremely telling as to the actual quality of the security guarantees they purport to provide.
Wouldn't client side scanning prior to E2EE circumvent this issue? If WhatsApp or iMessage scan your messages on device it doesn't really matter if they are then encrypted during transmission.
Things change, especially when the Gov says they must. It’s already been a few years. Given the “Apple in China” precedent I wouldn’t be so optimistic.
My understanding is that Apple openly declares they have the same encryption standards in China, and that iCloud Advanced Data Protection was one of the things that started getting them on China’s “naughty list” again.
Note the concern is based on historical precedent, that the commission can browbeat the parliament into passing it, especially considering the recent changing of the guard and relatively limited information that many national voters get of their MEP's activities in the european parliament because of the tendency for EU elections to be decided on domestic issues.
Probably under the umbrella of "you're not going to transmit anything meaningful with an extremely limited amount of horizontal space due to the automatic formatting of chat bubbles"
> Only Germany, Luxembourg, the Netherlands, Austria and Poland are relatively clear that they will not support the proposal, but this is not sufficient for a “blocking minority”.
Ahem what? Last I checked any EU country can veto anything on its own.
> Belgian EU Council presidency
It's Council of the EU, not EU Council, that's the heads of state who don't have any legislative role. But the Council only does inter-country treaties, how is this even their thing?
> Ahem what? Last I checked any EU country can veto anything on its own.
Only on certain topics, which have been narrowed down over time. For most areas (including something like chat control), it comes down to Qualified Majority Voting, which needs at least 55% of countries representing at least 65% of EU population.
Hmm if they are passing this as a "treaty" of some sort then the head of state Council might still need to confirm it even if it passes. At least I hope so.
Feels like they did this shit deliberately though, as it would never pass the Parliament for sure.
I can see how that would be implemented for WhatsApp and other apps from large companies. But how would that work in practice for applications like Matrix where clients are not controlled by the server operator nor the server developer?
Some questions I have from reading Patrick's website:
- How do you even ensure a client is actually self-reporting? On-device attestation doesn't really work.
- As a provider of E2EE chats, should the client report to you or to a third-party (Who?)? If the client reports to you, you are now possessing CSAM. Since even possession of CSAM is illegal, how does that work?
- If a photo are flagged, will it appear in a GDPR access request?
Matrix is a software, it's not a provider. It's out of scope. (see 1. on page 37 for scope)
see page 39 "5. Without prejudice to Article 10a, this Regulation shall not prohibit or make impossible end-to-end encryption, implemented by the relevant information society services or by the users"
"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
also, it's a big framework without any tech requirements (see page 8 recital 17)
You only really answer question 2 of your parent, and they obviously meant for someone operating a Matrix server with regards to their users. It's pretty well summarized in Patrick Breyer's sumary page[0]:
> Only non-commercial services that are not ad-funded, such as many open source software, are out of scope
> How do you even ensure a client is actually self-reporting?
This is an interesting technical question whether or not it's covered by the actual proposal. How do you ensure that Messenger for instance is
1. actually doing the reporting, and not someone simply bypassing the app to keep sending e2ee chats without them being client-side scanned. That would most likely be against ToS and accounts would maybe get banned if doing so
2. prevent against spam reporting, where someone could basically DoS the reporting service with false positives
> If a photo are flagged, will it appear in a GDPR access request?
There are a bunch of dispositions in the draft concerning personal data protection (ctrl+f personal data to find the relevant articles). It also states pretty much everywhere that processing should be done in accordance with Regulation (EU) 2016/679, more commonly known as GDPR.
> Having regard to the availability of technologies that can be used to meet the
requirements of this Regulation whilst still allowing for end-to-end encryption, nothing in this Regulation should be interpreted as prohibiting, requiring to disable, or making end-to-end encryption impossible. Providers should remain free to offer services using end-to-end encryption and should not be obliged by this Regulation to decrypt data or create access to end-to-end encrypted data
I believe this was added as a request from France, which didn't want E2EE to be undermined by this proposal. However, the provider would need to "create access to end-to-end encrypted data" to report it to the EU Centre. Although the following article states that E2EE can still be used if you don't send images, videos and URLs, so I guess that's the compromise?
> Sorry, I don't follow. Am I misreading something? To me the the quoted text says the opposite.
Yeah me too. But how would the provider report CSAM content if they are not obliged to break encryption? I don't really follow the Regulation on that part.
It's a broad framework and - based on my cursory reading:
- providers have to set up a counter-abuse team and fund it
- authorities and industry-wide cooperation on trying to come up with guidelines and tech
- counter-abuse team needs to interpret the guidelines, do "due diligence"
- provider needs to have monitoring to at least have an idea of abuse risks
- if there are, work on addressing them if possible without breaking privacy
As far as I understand the point is have more of services like "YouTube for Kids", where you can give your kid an account and they can only see stuff tagged "kid appropriate" (and YT simply said we are going to be sure there are no bad comments, so there's no comment section for these videos - which hurts their engagement, which hurts profitability).
There's a section about penalties and fines, up to 6% of global revenue, if the provider doesn't take abuse seriously. And - again, based on my understanding - this is exactly to prod big services to make these "safer, but less profitable" options.
EU continues its descent into an authoritarian surveillance state. I hope all the EU netizens wake up and realize how much more control the EU has been exerting over its citizens since the pandemic.
Covid restrictions were significantly worse in the EU than USA, your government locked you all down and made it clear that they decide who works and who doesn’t. To be clear, the USA has some awful cities with those types of ideas too but it was far more rare. EU, Canada, and Australia showed they are teetering towards authoritarian surveillance states more than they are democracy. The more people put their head in the sand and justify these actions with the talking points they receive from the overlords, the more the water starts to boil.
Next time you want to stay home destroy economics and life of millions of people please don't drag us with you -[1] "lockdowns have had little to no effect on COVID-19 mortality"
"The price tag of lockdowns in terms of public health is high: by using the known connection between health and wealth, we estimate that lockdowns may claim 20 times more life years than they save."
"Numerous deaths can be attributed to the interruption of normal social life and routine regular social interactions. The direct factors are [25,26]:
increased mortality due to postponement of diagnoses and routine treatments
increase in mortality due to non-arrival at hospitals
increase in mortality due to a decrease in the level of income and as a result—use of less safe cars, reduction in the scope of physical activity, etc.
“deaths of despair” caused by drugs, alcohol, and suicide following loss of social-economic status
increase in violence, including domestic violence; dismantling of families
severe health damage to the elderly in particular—physical and mental deterioration (usually irreversible) due to loneliness, lack of movement, and routine supportive care."
wasn't there a specific lobbying group pushing for this kind of legislation in some places (connected to the makers of software for this type of scanning)?
Once implemented it would be just a matter of time until they advance the features of this with image scanning and of course active actions like taking control over your device with a warrant obtained digitally.
In addition to usual communication, everyone should just start spamming as much as possible of "content" generated with GenAI. Good luck sorting through all that nonsense.
"... As services which enable direct interpersonal and interactive exchange of information merely as a minor ancillary feature that is intrinsically linked to another service, such as chat and similar functions as part of gaming, image-sharing and video-hosting are equally at risk of misuse, they should also be covered by this Regulation. "
https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...
Arguably North Korea since their RedStar OS had a kernel module that scanned all files and text looking for keywords like 'torture'. And if you're being compared to one of the most brutal and isolated dictatorships on Earth, things are not good.
The justification is obviously a lie anyway. If CSAM were such a huge concern, you wouldn't have member states where distributing CSAM is about as severe of a crime as theft, which is the case in Germany.
Surely the first step would be to have actual significant criminal charges for these crimes in all member states.
self hosted chats included? ;)
.
.
It's a big framework to push the industry to have more "parental controls".
Everything is covered, but there the actual requirements make sense. See page 45.
It's still bad, because it's extremely tone-deaf (and playing with fire is bad), but it's written by and for policy idiots, who live in Word documents, and (un)fortunately rarely have contact with the outside world.
https://mastodon.world/@Mer__edith/112535616774247450
Seems like a good thing. If nothing else works at least that might bring some attention to this nonsense..
And so, 96% of people now think Signal is evil.
The overwhelming majority of people living in the EU won't really care or even notice this new law/directive/(?) because they don't really pay any attention to what the EU is doing but yeah for most of of the remaining ones that will probably suffice.
They'll just be blocked from the app store for EU users and their user base in the EU will drop to near zero within a year.
They are not somehow bluffing or threatening this simply to try to change the law. It's a principled stance that they simply cannot provide E2E encrypted chat under such conditions. So either they break their protocol in which case their claimed offer would be a lie, or they leave.
Seems like the only choice they have, really. Also, by "leave EU" I'm pretty sure they mean not offer their app in the EU, so yes I think they expect their EU user base to be zero in this scenario.
There are already anti-circumvention mechanisms built into Signal to facilitate use in places like China and Iran, so they've shown no interest in compliance where that goes directly contrary to their mission. Should they be removed from the App Store in Europe, I imagine they'll work on making use of the EU's own push to open iOS up for alternative app stores / PWAs. (It's clear that the EU is unhappy with Apple's current take on compliance, so we can expect that to open up further.)
That's not to say that the present proposals aren't already bad enough.
The hardest to convince would be Whatsapp, but I think that Zuckerberg is one of the few big tech CEOs that still has principles, at least sometimes. I think it could happen.
"Still"? I'm not aware of a time when he's publicly shown any sort of principles.
Google or Microsoft would just give up data of their users at the first request to avoid a ban.
Sure, Meta can't * do it because of E2E, but that alone is much better than what Google does.
* without pushing a malicious update.
And I believe that is exactly what the court was demanding they do. Push an update to uncloak the users that the court determines should lose their privacy.
Hint: I'm taking Simons' role in this: They won't drop to zero.
Can GrapheneOS prevent detection of somebody sideloading Signal?
Large organizations will always try to grow in size and power.
We need some sort of human right for digital privacy to make this sort of thing illegal.
Hopefully with more tech-savvy generations gradually taking power, this will happen without too many painful lessons.
Did we though? Unfortunately outside the US and a handful of other places free speech doesn't seem to be valued that much, often it's even viewed as a threat (and I'm not talking about authoritarian regimes). It's a double-edged sword to be fair, enabling misinformation and chaos.
Can you convince me of this? Because it's not my impression.
American freedom of speech aka "you can literally be fired and see your life ruined for having a political opinion but you won't go to jail so be thankful"
I think one of the main problems "free speech absolutist" have is that they chose such an awkward phrase to self-identify themselves. The word "absolutist" is so unambiguous that it implies that seemingly no one would qualify for it besides true loons which makes the whole idea easy to dismiss.
When you really get down to it, almost everyone supports some type of restriction on speech. This should be especially apparent when discussing legislation like this in which the goal is preventing the distribution of child porn. How can a "free speech absolutist" be okay with a government making certain images and videos illegal to share? Wouldn't a true absolutist fight for people's right to distribute child porn?
The ambiguity of "absolutist" ends up making any reasonable "free speech absolutist" debate the meaning of the word "speech". Suddenly things like child porn, defamation, threats, fraud, and/or the location of Elon Musk's private plane need to be debated as whether they qualify as "speech". The chosen phrase necessitates that the "absolutist" need to weaken the idea of "free speech" in order to seem reasonable. Which in turn makes people who are ostensibly pro-free speech start to question whether something like hate speech should even qualify for free speech protections.
So a "free speech absolutist" either needs to argue some truly extreme views like why child porn should be legal or they weaken the overall pro-free speech side of the whole debate.
Without responsibility there is no free speech. Making bunch of regulations, collective guilt etc. wont learn those few abusers why their actions might harm others.
separately, you say, 'I think it is fundamentally dishonest to point to a Pulitzer Prize winning photograph as any sort of representative example of "child porn".' however, the thing you think is dishonest is something you made up, not something i said, suggested, implied, or agree with
So the free speech absolutist groups got infiltrated by those that wanted to dog whistle and (almost) never tailored arguments to those who were strongly opposed; and worse, those who need free speech the most.
The same often goes for encryption. And we have to deal with adversaries that are willing to straight up lie and promise things that sound nice and sound accurate (things that follow when using basic logic but don't if nuance is incorporated). There are no universal optimas, things with no downsides/costs. But most importantly we have to tailor arguments to audiences, not expect them to be just taken and understood like we do. The priors are different and their objective functions may be different as well. So often people will argue what they think is most important to fall of deaf ears because people don't consider that thing important (at least in context).
How about just political opinions? How quickly we forgot "free speech zones." This is the government actually limiting public speech in the USA.
https://en.wikipedia.org/wiki/Free_speech_zone
BTW, I am not for this regulation in any way. I just don't see the connection to hate speech.
Really because all the people I've seen who bitch about both the lack of their freedom to speak and of being accused of hate speech never shut up, in fact it's seemingly their entire career now to make public appearances at venues and complain about how silenced they are, into hot microphones, for an audience.
https://xkcd.com/1357/
I’m also in this camp and have been down-voted into oblivion many times for just saying something like “I disagree with what you say but I will defend to the death your right to say it”.
It’s not fun to be a defender of truly free speech because you get painted into the same camp as the bad guys.
If you disagree with me on major issues, I will defend your right to state that. But if I find myself in a place full of hate, be they nazis, or tankies, or whatever, I leave and don't come back.
And turns out very few people want actually free speech. We're in a forum with strong moderation and the discussion is better for it. Most communities self-enforce norms even without central moderation. There's no easy answers when you have to reckon with the real effects speech has. Germany wasn't special, they weren't even alone at the time. What folks call "fascism" naturally precipitates under the right conditions and I can't think of any time in history where it's been dealt with by the socratic method and not violence of a kind.
But once you have a word you can accuse someone of with actual repercussions folks acting in bad-faith try to fit people they don't like into the mould. We think ourselves so much better than those silly puritans accusing people of witchcraft but we just changed the words. I'm sure you could name five off the top of your head that people level without any kind of justification.
In real life on the other hand I want to be able to say stupid things and even if I might be more sensible to others' "hate speech" I would not want that to be banned.
Big online forums with any kind of global popularity already have an inherent problem despite the moderation, not because of hate speech but because of ragebait and other forms of grifting. Especially with anonymous users.
Firstly, that Germany's descent into fascism and anti-semitism were both helped by the lack of free speech. Blasphemy laws prevented the anti-semitism preached from the pulpits to be challenged, and hate speech laws actually helped the Nazis publicise their movement[1].
> Rather than deterring the Nazis and countering anti-Semitism, the many court cases served as effective public-relations machinery, affording Streicher the kind of attention he would never have found in a climate of a free and open debate. In the years from 1923 to 1933, Der Stürmer [Streicher's newspaper] was either confiscated or editors taken to court on no fewer than thirty-six occasions. The more charges Streicher faced, the greater became the admiration of his supporters. The courts became an important platform for Streicher's campaign against the Jews.
As to norms, they can be self-enforced because free speech allows such a choice, otherwise it would be the case that those norms were imposed or not even available. Most likely, they'd be someone else's norms.
[1] https://www.newyorker.com/news/news-desk/copenhagen-speech-v... Interview with Fleming Rose about his book.
Free speech absolutism is also known as 'Meiklejohnian absolutism' which pertains to the 1st amendment with a particular opposition to the liberal interpretation of 'clear and present danger'. Heather Lynn Mac Donald is prominent person who holds similar views on speech and she makes the case that calling for end of Israel is protected free speech since there is not a 'clear and present danger'. The people calling for that genocide are presently unable to carry it out. It's actually one of the things I agree with Claudine Gay about. The problem in Harvard's case is that it's selective free speech but that is a different issue.
The liberal interpretation of the 'clear and present danger' carve out for the 1st amendment is the reason why there is so much emphasis on tying speech to violence. This is why safe spaces must be created where views that could make things unsafe are not permitted. For example, misgendering people could cause them to commit suicide therefore you are in effect murdering people with your words. It's a total stretch of the 'clear and present danger' but it is done at such a scale that is has been effective.
The last thing I fought against was the removal of The Daily Stormer from the internet. I figured it set a bad precedent which was sure to be abused. Once services have signaled that they can be swayed then immense pressure would be brought to bear to sway them further. Another reason is that I think it's important to hear what people say instead of what some people say about what some other people say. I think the Taliban and ISIS should also have websites. I also figured it was very counter productive. If you're going to do it once, fine, but don't keep doing it. By first forcing the most extreme people out of mainstream and onto alternate sites the character of those sites will change to be more extreme. By subsequently forcing less extreme people out of mainstream these people have no where to go except for the already extreme sites where they will be outnumbered and they will see the existing extreme views as the new consensus. Slowly salami-slicing the mainstream fosters the creation of a large and very extreme population which is extremely counter productive. A similar effect can be seen in prison populations where many people who go to prison are forced to join dangerous gangs for their own protection and instead of becoming rehabilitated they become far more dangerous than when they went in.
I think cynical political operatives knew this and did this intentionally as part of the 'pied piper' strategy where the 'basket of deplorables' needs to both be large and unpalatable to the rest of the population in order for that group to be effectively disenfranchised. The problem is when that basket gets too big and is no longer able to be disenfranchised and instead elects the pied piper president. I think Q-anon is an soviet style 'Operation Trust' that basically sent a substantial portion of the population insane - intentionally. One would think that they would have learned their lesson the first time when Trump got elected, but having succeed the second time they're going to try for a third time. This whole process is immensely damaging. Even now the attempts to destroy Trump are counter productive and instead helping him.
My primary concern is for the health of the middle class and I worry about mass immigration undermining that. I say this as an immigrant with the understanding that I would be personally worse off were it not for immigration. I think those in the middle class have legitimate grievances and ignoring the issue of mass immigration and deriding those opposed to it as hateful bigoted stay at home xenophobes has lead to the success of populists parties. Attempts at disenfranchising those populists parties with coalitions has only delayed the now seemingly inevitable.
I'm vehemently against hate speech laws, they start out as hate speech modifiers and through that simple existence now require the courts to establish thoughts through invasions of privacy. I think this rises to the level of thought crime in effect and is of course very Orwellian. Once the notion of hate speech crimes has been established it was just a matter of time before legislation makes it official, if not at the federal level then at the state level. I think the new 'anti-Zionism is antisemitism' conflation in combination with 'antisemitism is hate speech' in effect now makes criticism of Israel illegal, it'll be interesting to see how that is enforced as it's such a ridiculous notion. Predictably the left is now on the receiving end of the very policies there were instrumental in establishing. They have been hoisted by their own petard.
The attempt to stamp out 'hate' makes as much sense as the Soviet attempts in their creation of the 'New Soviet man' free from 'greed'. There are already proposals to stop companies from being 'greedy' though legislation.
I find it rather interesting that Popper's paradox espouses the idea that one must be 'intolerant of the things that threaten tolerance' sounds really similar to George Lincoln Rockwell's philosophy of 'you must hate the things that threaten what you love.' In both cases giving people license to do what they wanted to do anyway.
For me the battle is over, limited to posts like this, my focus these days is to avoid the crushing of the middle class by being as economically far away from the middle class as possible.
[0]: https://news.ycombinator.com/newsguidelines.html
The government should not make any speech illegal on a federal level, but individual private businesses or websites (like HN) can still decide what's tolerated on their property.
And the corollary -- I believe in free speech but there are some people I'll never listen to, even though I believe in their right to speak.
https://opentodebate.org/debate/mock-trial-murthy-v-missouri...
The first debater said it was okay because the companies complied voluntarily. I found myself at first nodding along.
Then, at least for me, after hearing more arguments I was like, "okay, she's basically saying if President Trump calls Musk and says (please censor anything pro-Biden)" that's fine as long as there's no "or else". To me it seemed wrong for that to be ok.
The other debater also pointed out that even if there was no explicit "or else" the twitter files made it clear the people there thought there was an implicit "or else".
It's a hard problem.
Many free speech absolutists would agree that Hacker News should not be compelled to publish off-topic or rule-breaking discussions any more than a cake shop owner should be compelled to sell you a cake displaying a message that the cake shop owner doesn't agree with.
https://en.wikipedia.org/wiki/Masterpiece_Cakeshop_v._Colora...
https://en.wikipedia.org/wiki/Lee_v_Ashers_Baking_Company_Lt...
The early internet was like a race track for experienced drivers. Nowadays even kids are allowed to participate so all cars are heavily speed limited, with soft bumpers and a huge framework of regulations and protections.
That's fine in itself, but more importantly (to the point) it doesn't mean that pure race tracks should be banned. That's where all the interesting stuff happens.
The entities that need to be circumscribed need to enforce a law that circumscribes themselves? Those incentives do not seem to align to form a stable structure.
There's a strong and widespread expectation among many that it's morally imperative for them to be able to elect their own government. So any moves by the government to limit this will be met by fierce resistance.
If a similar idea existed about privacy, these sneaky moves wouldn't be feasible and would leave a bad taste in the mouths even of the perpetrators. Unfortunately, many among us are of the "But I've got nothing to hide" persuasion.
That's not really true as far as it comes to the EU though? The EU parliament has always been a joke with limited power (both because of structural reasons and because most of it's members are clueless and extremely easy to influence) and besides that the EU population has no way to exert any direct influence on EU policies (they could do that through the council but they'd have prioritize the EU over domestic issues when voting in national elections which will never happen)
https://en.wikipedia.org/wiki/Internet_censorship_in_the_Uni...
The second your only recourse against authority is to politely ask it not to do something bad to you (maybe, for instance, on a piece of paper with multiple choice questions), you have no real autonomy.
WalMart is the largest private spender in the world at around ~$400B per year. The US Federal Government alone spends >$400B per month...
That doesn't even include state and local governments which basically doubles that.
I could easily see a self-employed Google user who decided to cut all ties with Google basically having to build a new life from scratch.
This already exists in the EU, the EU charter of Fundamental Rights https://fra.europa.eu/en/eu-charter/article/7-respect-privat.... states "Everyone has the right to respect for his or her private and family life, home and communications", however it seems to have been ignored.
That's how you get another level of super-government, i.e. one more tyrant in the chain
Historically the circle breaks only with revolution and violence .
Maybe checks and balances would work as a system, but the EU has neither
This sort of rhetoric is dangerous.
> Maybe checks and balances would work as a system
It does seem to be working well in America.
How?
For governments.
> It does seem to be working well in America.
They say ignorance is bliss.
Ahh yes, because only government officials die in war.
> They say ignorance is bliss.
Who's ignorant?
I vouched for it myself, by the way.
The administrative budget of the EU should be cut by 3-4x times and the money should be spent on something more useful because clearly they are out of control and have nothing better to do. While we're at turning Belgium into something like DC and disenfranchising their government/people living there wouldn't be the worst idea since they clearly have been co-opted into propagating this nonsense.
That is to say, megacorps have way too much power and access and this must be globally curtailed. To achieve such a goal the EU cannot be going forward with these changes that put more power into the hands of megacorps who will have no problem complying, as they do in China.
EU politicians should keep their over inflated salaries, and stick to what they are good at. Meeting with Google and Microsoft lobbyists at the best Brussels luxury restaurants.
I only make the point because the current EU is so far removed in scope from the initial post-WW2 version
The concept of the ECSC/EEC/EU as a political federation was always a goal of some small number of federalists (mostly in the beginning communists who were imprisoned on Ventotene during the war), but they didn't have any support for that from the people of Europe themselves, which is why the history of the EU is full of the people building it saying explicitly that they have to lie about their true intentions and can only expand its powers during a crisis.
Certainly there was absolutely no intent anywhere immediately after WW2 to create a political federation. Far from it.
“There will be no peace in Europe if the States are reconstituted on the basis of national sovereignty, with all that that entails in terms of prestige politics and economic protectionism. The countries of Europe are too small to guarantee their peoples the prosperity that modern conditions make possible and consequently necessary. Prosperity for the States of Europe and the social developments that must go with it will only be possible if they form a federation or a "European entity" that makes them into a common economic unit.”
Federation was always the goal and it was in direct response to WWII.
Yes and it was/is very successful at that. The overpaid and incompetent bureaucracy in Brussels seems to be mostly tangential if not detrimental to that.
Also to be fair your take is also very shallow and provides little value.
Wasn't that NATO (aka mostly the US)?
I think that one needs strong economic ties, but it seems to only truly work with democratic societies.
Economic interdependence is a deterrent against war, not an absolute barrier.
If you can easily swap trade partners for example, it's less of a deterrent. Which is one of the reasons why EU has gone beyond simple import/export agreements.
If a Member State is the victim of armed aggression on its territory, the other Member States shall have towards it an obligation of aid and assistance by all the means in their power, in accordance with Article 51 of the United Nations Charter. This shall not prejudice the specific character of the security and defence policy of certain Member States.
Commitments and cooperation in this area shall be consistent with commitments under the North Atlantic Treaty Organisation, which, for those States which are members of it, remains the foundation of their collective defence and the forum for its implementation.
The previous Portuguese PM António Costa, who had to resign amid a corruption inquiry...Has just been announced today for an EU role that will triplicate his previous annual salary as Portuguese prime minister
"Portuguese PM António Costa resigns amid corruption probe" - https://www.politico.eu/article/portugal-prime-minister-anto....
"Portugal's Antonio Costa expected to be next head of European Council" - https://www.reuters.com/world/europe/portugals-antonio-costa...
"...Costa's appetite for a top European position has been an open secret for years. In March 2022, amid speculation Costa was angling for a Brussels job, Portuguese President Marcelo Rebelo de Sousa warned him that he would call an election if he were to leave his post early..."
It is a graft and of the worst kind, and naive takes like yours is what led to scenarios like Brexit. It's a jobs for the boys organization and you are not part of the club.
The EU's mutual defense clause is an empty shell
Are you talking about the same EU that just passed the DMA? That must have been some really nasty food poisoning then!
If Chat Control goes ahead long-term that will outweigh any benefits DMA might have.
My bet is that they'll only allow "Trusted Partners" to interact with their network, and you'll need to sign a contract with one of these partners to connect to WhatsApp. This contract will have pretty much the same terms as signing up with Meta directly.
No they should be kept accountable for their actions and the money they waste. Currently there is no mechanism for that, but i m sure hordes of them would quit if we made one
Only this isn't something which can be solved by technical measures without abandoning "Liberté, égalité, fraternité". This is something for China/Russia/Iran/North Korea/England, not France.
I sent something I composed myself, but this template looks good if you need inspiration.
https://nextcloud.pp-eu.eu/index.php/s/cwyRic7cC5zcfHk?dir=u...
It's really disappointing that Sweden are behind this as they have some extremely talented people only they aren't being listened to.
It's going to be awful not having Patrick Breyer reporting these activities.
Really his snide at the right gaining traction in his post shows that he still doesn't get it.
I know there are alternatives to Facebook - I've pitched all of them to my friends, but people my age are still only on Facebook.
[1] https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...
Apple: Their CSAM detection system that was lambasted not too long ago[0]
[0] https://www.apple.com/child-safety/pdf/Expanded_Protections_...
The Apple system was pretty much the best way this could be done short of having a 100% reliable "AI" system on-device detecting bad stuff.
It wasn't 100% reliable and in fact people quickly found collisions. Which you should expect to be able to with an even more advanced system.
> Ahh, the Misunderstanding Olympics of 2021
There's much nicer ways to say this that is congruent with community standards[0]. If you believe I have misunderstood then try pointing out specifically what I have misunderstood instead of just making an assertion.
But the question was if anyone was aware of any client side scanning technology that could in fact check for stuff such as CSAM. In fact, the Apple system was developed explicitly for this purpose, so yes, this does exist. While Replay doesn't have this explicitly feature stated (that I'm aware of), it is not a big step to think that you can just smash the two things together. As Apple shows a system detecting based on images and Replay is taking images of one's computer.
[0] https://news.ycombinator.com/newsguidelines.html
They forgot that:
a) It required _multiple_ matches before it was mathematically possible for Apple to see any of the photos
b) AFTER the multiple matches to known and verified CSAM signatures there would be an actual human looking at the picture (at reduced resolution or something like that)
c) Only after the human factor they would consider getting law enforcement involved.
Now your fancy collision has slightly inconvenienced a minimum wage CSAM checker for 15 seconds.
Not exactly a master plan for getting people SWATed for CSAM possession =)
--
And the "Misunderstanding Olympics" was referring to the fact that I think I was one of 12 people in the world who actually read the specs of how the system was designed and didn't just imagine in my head how they might've done it and started panicking about "Tim Apple looking at every photo on my phone!!11".
It is about how such a technology can enable abuse. It does not matter if the technology is exclusively used for good if the harm it does if abused is too great. And we have plenty of evidence to see that irrespective of which country you reside in, that the scope of such projects typically widens. We also live in a global world and we are not exclusively subjected to the laws of our own governments. We don't have to go far back in history to see examples of the government turning on its own citizens. It is not just the US, it is not just German, not just Russia, not just China, but such actions have been prolific. I do not believe the is sufficient reason to believe your own government is incapable of abusing such power and I'd accuse you of lunacy if you claim that no government would seek to abuse it. Was not the US founded on the explicit principle of treating the government as an adversarial entity? Because if not, well then one of us must be illiterate, since Federalist 10 and 51 famously write this explicitly. Not to mention a litany of quotes by Jefferson.
So no, it is not a misunderstanding on my part as to the specs of the technology. Because the matter is about how much harm could be caused when such perversion happens. It is the understanding that the road to hell is paved with good intentions. That evil is not solely created by evil men seeking to do evil, but the unfortunate reality is that it is often created when good men are seeking to do good. Even under the best forms.This may be true, and yet it's also true that it was still a terrible plan. This is exactly why it simply shouldn't be done at all.
In the "think of the children" scenario the parents are incentivized to consent to some filter. (So they or someone(!!!) gets an alert if the boogeyman is talking to their kids, asking them to send nudes, or sending dick pics.)
See recital 13 on top of page 7 for the definition.
And see 17 on bottom of page 8 for this:
"To allow for innovation and ensure proportionality and technological neutrality, no exhaustive list of the compulsory mitigation measures should be established"
and
(page 46) "... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
This is a framework. It seems to be coming from overly-anxious law nerds who can't stop thinking of the children. (And yes, this usually makes them a problem, because they're nigh unreasonable.)
It seem to be set up as a DIY thing for providers. And, again, for parents it makes sense, let your kids surf on the marked-safe-for-kids part of the Internet. (And nowadays kids really spend most of their time on (in!) certain apps, not in a web browser.)
The ugly part is that there are fines to compel the providers to adjust their risk metrics. (page 104, page 110 mentions max 6% of global turnover)
This clearly seems to be a softish push to assign a cost to internet ecosystems for online child sexual abuse.
On page 45 there are some requirements.
The provider needs to think about risks (but guidelines will come from authorities anyway), have some appropriate budget to actually work on this it the context of its own service, and then if it looks like there are problems it should spend money on remediation. (Ie. spend on content moderation, work with other providers in the industry, have a team and provide UX to notify that team, and allow users to limit what they share with others based on age.)
A pretty common example in my circle is parents taking pictures of baby rashes/pimples/blisters etc to send to family doctor or doctor friends.
It sounds like a situation where every parent with a toddler will end up on some list.
One page 17 section 28 says "... constantly assess the performance of the detection technologies and ensure that they are sufficiently reliable, as well as to identify false positives and avoid to the extent erroneous reporting to the EU Centre, providers should ensure human oversight and, where necessary, human intervention, adapted to the type of detection technologies and the type of online child sexual abuse at issue. Such oversight should include regular assessment of the rates of false negatives and positives generated by the technologies, based on an analysis of anonymised representative data sample"
and for the draft law language see page 60 which says that after the user reported something the provider forwards is anonymized to this new EU Centre, where there human verification has to take place.
So supposedly this means our tax will pay for folks to look at a ton of rashes and pimples.
Here's the only relevant section, which links to an article [1] that says only that discussion will continue on the 19th June:
According to documents leaked by netzpolitik.org, the COREPER 2 meeting in which they will put it [compromise proposal] to a vote will already take place on Wednesday, 19 June.
[1] https://netzpolitik.org/2024/anlasslose-massenueberwachung-f...
> If Chat Control is endorsed by Council now, experience shows there is a great risk it will be adopted at the end of the political process.
meaning: there will be little opposition to the proposal once it reaches the MEPs.
meaning: because the dust hasn't settled on the EU parliamentary elections, MEPs could vote without giving full attention to the law.
Call me an optimist, but I still hold hope that that's not the case.
Will TLS have to be redone with a third snooping party in the mix? Is that what we're going for here?
So regular folks would get scanned, but the bank's private messaging service isn't included. Just like the child pornographer's private messaging service won't be included either.
So app developers would be required to add code that will scan every message you send for "sensitive" content (which can be defined however the politicians like and be changed any time), and the app will report your message to the government.
https://www.patrick-breyer.de/en/majority-for-chat-control-p...
users can continue to run their own private stuff.
it seems this has almost nothing do with the organized sex crime stuff, it's about catching those lone pervs who realized they can send dick picks to minors all day.
see page 45 and 46 https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...
"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
[0] yes, amazing name, I know, I know, thank you
So whenever you send anything to example.com you also send it to government-snooping-service.org?domain=example.com.
And if you refuse to adjust your app you will get fined I guess.
Will curl have to self report every request? Lol...
Every client? Like will axios need to self report?
No, it's client side scanning - you have a database with bad material / a neural network trained to detect such material. Only when it detects a positive match, it will contact the government server.
For actual details in the draft see
page 45 and 46 ... https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...
...
"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...
for more details on this thing see page 45 and 46
in general this is a framework to
- have big players to spend money, have a team that for this, and have effective "parental controls" (have more age-appropriatedness controls, more tagging options for users/content, etc)
- have an EU center that works on the technological part of the problem
Look what we got…
I am sure that no single implementation is as sophisticated as Apple had.
https://proton.me/blog/eu-parliament-chat-control
Preventing the spreading of CSAM is one of the key ideas behind the regulation.
I wonder what happens with pictures sent as base64 text blobs though.
Welcome all ye bards!
The relentless push, I feel may mean some American contractors are demanding their pound of flesh.
https://mullvad.net/en/why-privacy-matters/going-dark
They should be checking the bank statements of those on the EU payroll, and who are relentlessly pushing this. Make sure everything is above board.
Ahem what? Last I checked any EU country can veto anything on its own.
> Belgian EU Council presidency
It's Council of the EU, not EU Council, that's the heads of state who don't have any legislative role. But the Council only does inter-country treaties, how is this even their thing?
Only on certain topics, which have been narrowed down over time. For most areas (including something like chat control), it comes down to Qualified Majority Voting, which needs at least 55% of countries representing at least 65% of EU population.
https://en.wikipedia.org/wiki/Voting_in_the_Council_of_the_E...
Feels like they did this shit deliberately though, as it would never pass the Parliament for sure.
Other matters, notably foreign policy, require unanimity.
Some questions I have from reading Patrick's website:
- How do you even ensure a client is actually self-reporting? On-device attestation doesn't really work.
- As a provider of E2EE chats, should the client report to you or to a third-party (Who?)? If the client reports to you, you are now possessing CSAM. Since even possession of CSAM is illegal, how does that work?
- If a photo are flagged, will it appear in a GDPR access request?
see page 39 "5. Without prejudice to Article 10a, this Regulation shall not prohibit or make impossible end-to-end encryption, implemented by the relevant information society services or by the users"
https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...
see also page 46
"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."
also, it's a big framework without any tech requirements (see page 8 recital 17)
> Only non-commercial services that are not ad-funded, such as many open source software, are out of scope
> How do you even ensure a client is actually self-reporting?
This is an interesting technical question whether or not it's covered by the actual proposal. How do you ensure that Messenger for instance is
1. actually doing the reporting, and not someone simply bypassing the app to keep sending e2ee chats without them being client-side scanned. That would most likely be against ToS and accounts would maybe get banned if doing so
2. prevent against spam reporting, where someone could basically DoS the reporting service with false positives
> If a photo are flagged, will it appear in a GDPR access request?
There are a bunch of dispositions in the draft concerning personal data protection (ctrl+f personal data to find the relevant articles). It also states pretty much everywhere that processing should be done in accordance with Regulation (EU) 2016/679, more commonly known as GDPR.
[0] https://www.patrick-breyer.de/en/posts/chat-control/
What really bugs me though, is this:
> Having regard to the availability of technologies that can be used to meet the requirements of this Regulation whilst still allowing for end-to-end encryption, nothing in this Regulation should be interpreted as prohibiting, requiring to disable, or making end-to-end encryption impossible. Providers should remain free to offer services using end-to-end encryption and should not be obliged by this Regulation to decrypt data or create access to end-to-end encrypted data
I believe this was added as a request from France, which didn't want E2EE to be undermined by this proposal. However, the provider would need to "create access to end-to-end encrypted data" to report it to the EU Centre. Although the following article states that E2EE can still be used if you don't send images, videos and URLs, so I guess that's the compromise?
Sorry, I don't follow. Am I misreading something? To me the the quoted text says the opposite.
"Providers should remain free to [...] and should not be obliged by this Regulation to [...] create access to end-to-end encrypted data"
> prevent against spam reporting, where someone could basically DoS the reporting service with false positives
Yep, probably there's no way to do this. (Likely this whole thing will be a lot of money spent to realize this.)
Yeah me too. But how would the provider report CSAM content if they are not obliged to break encryption? I don't really follow the Regulation on that part.
It's a broad framework and - based on my cursory reading:
As far as I understand the point is have more of services like "YouTube for Kids", where you can give your kid an account and they can only see stuff tagged "kid appropriate" (and YT simply said we are going to be sure there are no bad comments, so there's no comment section for these videos - which hurts their engagement, which hurts profitability).There's a section about penalties and fines, up to 6% of global revenue, if the provider doesn't take abuse seriously. And - again, based on my understanding - this is exactly to prod big services to make these "safer, but less profitable" options.
https://dsa-observatory.eu/2023/02/21/the-dsas-crisis-approa...
Not to mention that under the DSA plattforms have to delete "misinformation" in a short time span, whatever that is.
"The price tag of lockdowns in terms of public health is high: by using the known connection between health and wealth, we estimate that lockdowns may claim 20 times more life years than they save."
"Numerous deaths can be attributed to the interruption of normal social life and routine regular social interactions. The direct factors are [25,26]:
increased mortality due to postponement of diagnoses and routine treatments increase in mortality due to non-arrival at hospitals increase in mortality due to a decrease in the level of income and as a result—use of less safe cars, reduction in the scope of physical activity, etc. “deaths of despair” caused by drugs, alcohol, and suicide following loss of social-economic status increase in violence, including domestic violence; dismantling of families severe health damage to the elderly in particular—physical and mental deterioration (usually irreversible) due to loneliness, lack of movement, and routine supportive care."
[1] - Are Lockdowns Effective in Managing Pandemics? - https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9368251/#:~:tex....