Hacker Neue

Preferences
worldsayshi parent
How is VPN supposed to work? How are internet banks supposed to operate? All security will go out the window? Backdoors everywhere?

Will TLS have to be redone with a third snooping party in the mix? Is that what we're going for here?

WhyNotHugo
The draft specifies (in page 3) that this is only for publicly accessible services: https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...

So regular folks would get scanned, but the bank's private messaging service isn't included. Just like the child pornographer's private messaging service won't be included either.

t0bia_s
I want reviewed studies that clearly show how much CSAM is send by those public available services. There are none based arguments for making this regulation. Just spreading a fear and public guilt.
Dig1t
Client side scanning is going to be required, it doesn’t matter if you’re on a VPN if your device is self-reporting.
gpvos
How would my device be (self-)reporting?
Dig1t
>End-to-end encrypted services such as Whatsapp or Signal would have to implement the automated searches “prior to transmission” of a message (so-called client-side scanning, Article 10a).

So app developers would be required to add code that will scan every message you send for "sensitive" content (which can be defined however the politicians like and be changed any time), and the app will report your message to the government.

https://www.patrick-breyer.de/en/majority-for-chat-control-p...

gpvos
Okay, so not the device but the Signal app, as I already understood.
pas
Based on this proposal the strategy is

  - providers spend money on having a counter-abuse team
  - providers and authorities cooperate to identify risks
  - providers implement proportional controls based on the risks
so if Meta/Signal/etc comes up with something they implement it

users can continue to run their own private stuff.

it seems this has almost nothing do with the organized sex crime stuff, it's about catching those lone pervs who realized they can send dick picks to minors all day.

see page 45 and 46 https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...

"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."

gpvos
Okay, so "app", not "device". I was wondering which other app or part of the OS would do that, since obviously Signal won't implement it.
pas
I guess it's stuff like setting up a "kid watcher app"[0] and it helps parents, etc.

[0] yes, amazing name, I know, I know, thank you

worldsayshi OP
All legal apps have to be self reporting I guess...

So whenever you send anything to example.com you also send it to government-snooping-service.org?domain=example.com.

And if you refuse to adjust your app you will get fined I guess.

Will curl have to self report every request? Lol...

Every client? Like will axios need to self report?

pantalaimon
> So whenever you send anything to example.com you also send it to government-snooping-service.org?domain=example.com.

No, it's client side scanning - you have a database with bad material / a neural network trained to detect such material. Only when it detects a positive match, it will contact the government server.

pas
Providers, not individual apps.

For actual details in the draft see

page 45 and 46 ... https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...

...

"... measures shall be ... targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk as well as the provider’s financial and technological capabilities and the number of users; ..."

pas
VPN continues to work, see top of page 39

https://cdn.netzpolitik.org/wp-upload/2024/05/2024-05-28_Cou...

for more details on this thing see page 45 and 46

in general this is a framework to

- have big players to spend money, have a team that for this, and have effective "parental controls" (have more age-appropriatedness controls, more tagging options for users/content, etc)

- have an EU center that works on the technological part of the problem

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal