The EU Court ruled that “Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users’ electronic communications. The Court takes note of the dangers of restricting encryption described by many experts in the field.” Any requirement to build in backdoors to encryption protocols for law enforcement agencies could also be taken advantage of by malicious actors.
The EU Court of Human Rights’ also builds on their acknowledgment that “mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials.”
As the EU Commision’s Chat Control Bill directly targets undermining secure end-to-end encryption, it now looks to be in trouble. In its current version, the Chat Control bill would require the scanning of content on your personal devices, including that which is sent via end-to-end encrypted messenger apps or encrypted email. At some point, providers would be required to either break this encryption to allow the scanning of content or scan content once it has been decrypted and is readable.
On February 13th, Europe received an early Valentine’s gift from the European Court of Human rights when they banned any laws that aims to weaken end-to-end encryption. This ruling is a major stumbling block for the EU Chat Control Bill, but does it really mean that Chat Control is dead? There are many reasons why Chat Control should never become law, we’ve collected the turn of events and steps you can take to help prevent this dangerous bill from ever being passed!
Knowing some of the fucks in the EU parliament it certainly won’t stop them from trying. It is very reassuring to know that the courts are aware of what fuckery some of the politicians are trying to pull and are actively moving to prevent the abuse from happening.
I don’t think the politicians who advocate for weakening of encryption see it as fuckery, but rather that they are “preventing terrorism”, “stopping criminal networks” and, of course, “working to prevent child sex abuse”. And so do the people who support them.
yeah, and they’re all wrong
Right, right. Sure.
And I was born yesterday.
Those are the arguments they use. Damn few, if any, actually believe those arguments.
Do you mind sharing what you believe they think they’re doing then?
The parliament has spoken against “chat control” as well AFAIK. The Commission, however, is probably still trying to find a way to eliminate privacy in whichever way they can.
FuckThank you EU fortakingprotecting our freedom and human rights.I think they made a mistake though, it’s not the EU court, it’s the European court, ECHR.
Yes but it’s mandatory to respect the European Court of Human Rights in EU. So it counts for all of EU. But not for instance UK.
Why not for the UK? It’s a founding member state.
The court has jurisdiction amongst the member states of the Council of Europe which includes almost every country in Europe except for Vatican City, Belarus and Russia.
I am pretty sure part of Brexit is that it allows UK to not follow the court orders. Because they already have practices that are contrary to it, for instance on surveillance. But It’s a requirement to be a member of the EU. So there is no longer anything AFAIK that can punish UK for not following the court. In this regard UK was already, when they were still a member of EU, in conflict with these conditions.
As I understand it, this European Court of Human Rights has nothing to do with the EU.
This article is about the international court of the Council of Europe (not of the European Union). For the EU’s judicial branch, see Court of Justice of the European Union. For the supreme court of the EU in matters of Union law, see European Court of Justice.
Everybody and their grandma is in the Council of Europe, except for Vatican City, Belarus and Russia. And the UK was a founding member of the Council of Europe, so their leaving the EU shouldn’t change a thing regarding this court.
That is so typically Swedish, to mix up the words “take” and “make” when talking about decisions. You make decisions in English, whereas you take them in Swedish.
It’s not Swedish specific though. In French it’s the same, you “take” a decision
Yeah, most western European languages actually.
Dutch, French, Spanish, Italian… Though most of these languages alternate between “taking a decision” and using a form of “to decide”.
German seems to be the exception. They just had to be different. Guess that’s that German precision for ya, they have to “hit their decisions” otherwise they won’t count.
I’m German you “hit” a decision.
You could also “meet” it or “wrestle through to” it.
I’m Dutch and we “come to” a decision.
We nemen een besluit, we komen tot een overeenstemming.
Huh. Misschien zat ik vast in een Dunglish vertaalslag.
Edit: Snelle Google laat zien dat we zeker later tot een besluit kunnen komen. We laten ze ook af en toe vallen. We nemen, geven en breken deze ook.
We also take decisions. “Besluit nemen”. But we also make them… “Een keuze maken” (though this is a different noun, more akin to choice, so I don’t know if it counts). Our language is weird.
We also “drop” decisions, which means the total opposite of what you would think.
It means a decision has been made.
Greek also.
Making me wish I lived in the EU right now
he’ll yeah
Damn right he will! Wait, who again?
rip to the blokes in brexitland tho
Obviously IANAL but I suppose this arguement can be used in UK courts citing the European court
I’m not so sure it was obvious you ANAL.
;)
The ECHR is separate to the EU.
Those who don’t believe in autocorrect will go strait to he’ll
Those who don’t believe in autocorrect will go strait to he’ll
Does this affect secret services too?
Good question, it absolutely should, since they say secret backdoors compromise security for ALL users.
Unfortunately many governments seem to think it’s OK for secret services to break the law, and work beyond grey areas. I personally believe they should operate within the law, but for some reason most people seem to think that’s an unsustainable model. ???Anyone remember when the NSA knew about Eternalblue?
The NSA did not alert Microsoft about the vulnerabilities, and held on to it for more than five years before the breach forced its hand.
An organization formed for national security doesn’t give a shit about software vulnerability that can threaten national security.
It’s as I’ve been saying for a long time, most of these secret agencies are rotten at the core.
Once I thought we were better (Denmark). But Snowden showed we are not, they even threatened to prosecute a defense minister on national security charges, for mentioning things Snowden had already revealed. This was police and defense intelligence backed by administration of the government.
And Denmark is supposed to be one of the least corrupt countries in the world!!deleted by creator
The ECHR ruling is good news (and there was already a post about it in this community and many others, a week ago, from a reputable publication), but this post about that news is actually spam for a company selling a snakeoil privacy product thinly disguised as news.
It’s worth taking note of the details of the court’s ruling in the context of Tuta’s architecture: this ruling specifically is not about when police demand that services like tuta use their capability to bypass encryption for specific users, which the architecture of services like Tuta very conveniently makes easy for them to do. Instead, it is about when authorities try to mandate that better-designed systems move to a tuta-like architecture to make targeted surveillance easy. Which makes Tuta’s use of this particular news for advertising purposes even more disgusting.
Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users’ electronic communications.
Yeah, and usually those “criminal networks” are, in fact, governments.
It’s still funny how that almost stereotypical harmless clueless kind of Europeans (trusting into making everything safe with more laws) somehow got to actually making laws, and those laws do seem like made not by clueless, but rather quite malicious people.
For once, it seems like the right people were involved in this resolution.
What the court says is a pretty standard opinion in cybersecurity, you can’t have “safe backdoors”. We could have had some lobbying bullshit like the usual but this time the common sense won.
ECHR is not the EU, is not affiliated with the EU, and ultimately we’ll see if the EU cares.
So no competent people managed to shoot down that law inside EU institutions until this decision by a court which is not EU.
AFAIK every member of EU is also member of ECHR, so even if EU doesn’t care, each member does.
States often ignore their obligations. As I said, we’ll see, EU member states usually are more modest in this regard.
there is no “stereotypical European”. It’s not even a federation like U.S.
Consider the differences between somebody from California and Texas. And now, consider the differences between somebody from Hungary and Holland or Greece and Germany.
Not even a common language!
After Brexit there’s no justification for speaking English yet they mostly communicate in English.
After Brexit there’s no justification for speaking English yet they mostly communicate in English.
Republic of Ireland is still an EU member, so the EU is still obligated to treat it as an EU language.
Also, the EU is quite rational and english isn’t going anywhere even if Ireland bailed since it’s the lowest common denominator as far as foreign languages go.
a) why won’t the Irish too stop using “the lowest common denominator” and speak, you know, Irish?
b) i guess Irish is one of the official languages of the EU because of Lithuania?
c) thanks for pointing out the obvious
d) https://en.wikipedia.org/wiki/Muhlenberg_legend
e) none of the above
I kinda intuitively excluded Hungary, Poland, Greece etc and imagined sporty grannies talking about regulating IT.
Hungary is the exclusion.
Poland is back in and Greece in EU was never in that reactionary, backward group.
Greece in EU was never in that reactionary, backward group.
So why’d you say that? Doesn’t click with anything I meant, if that’s not clear, and you are not reading my thoughts.