Unbelievably stupid. Horrible overreach of government power.
In the USA our founding fathers wrote the constitution to limit government, not citizens. For sure, we have strayed away from this ideal, but things here are not as bad as apparently they are in the EU.
designerarvid · 8h ago
One of the main politicians behind this is Swedish Social Democrat Ylva Johansson[1]; coming from a party with a long history of political surveillance[2]. Unlike East Germany, Sweden has never “dealt” with this past. She thinks this is how it should be.
Read the USAs "Communications Assistance for Law Enforcement Act" of 1994, it may change your mind. An FBI document from 2021 foiad by the property of the people org shows the FBI abilities to get information from encrypted messengers, which, simplified, shows that end2end encrypted services run by american corporations have backdoors for the american government. Which surprises no one, except patriots who never heard of the patriot act of 2001.
dexterdog · 7h ago
So is Meta committing fraud when claiming in it's policies that it has no access to user e2e data?
mcbrit · 7h ago
I can drive several large trucks through that sentence while answering no, so: no. There are so many ways to create a no there is an important point.
Related: you are in an audit. The auditor asks you if you know what the time is. Correct answer: yes.
moritzwarhier · 1h ago
What?
I think you want to make a point about the use of the word "fraud", or about the exact wording in Meta's claims, or about legal exemptions when it comes to law enforcement, or about other ways to access data wirhout breaking encryption (e.g. on-device compromise), but your exact point is unclear.
Last I read their lingo, it was clearly communicating to the user that messages would not be accessible to Meta.
I'm not claiming this would be true, but your comment would make more sense if you pointed put what exact flaw in the parent comment you mean.
Like, is it because law doesn't apply to Meta, or because of a loophole in their wording.
Or was it just meaningless cynicism? What's the point of the trucks?
AlecSchueler · 1h ago
You're sending out masked gangs to grab people into vans to be trafficked overseas without due process or oversight. But sure, it's the EU with the overreach issues.
I don't understand why they keep trying this over and over. It can't possibly be a moral crusade as it keeps happening with different players, but I don't understand the purpose.
We now live in a world where the opposite routinely happens: a crime happens, you give the police access to Apple or Google's Find Device / Find My data, they throw it in the trash. Law enforcement has more data to find and procecute criminals than they have time. People get scammed out of money by the thousands every day, over the phone, an insanely easy system to tap and trace. No one gets arrested.
Who is actually repeatedly pushing for things like these within the EU? For what purpose? What crimes went unprocecuted because of the unability to perform mass surveillance like this? It seems that all the time, when law enforcement actually cares about, it's trivial for them to get evidence? So why does this keep popping up every year?
vasac · 8h ago
You know the answer, you’re just not comfortable saying it out loud.
disruptiveink · 7h ago
I really don't, what is the answer? I assume higher ups at law enforcement, who are detached from the day-to-day operations, make up excuses about "end to end encryption being a challenge" because it's a meme, much like execs in our fields parrot "challenges" to boards and VC investors that are often fully removed from actual execution issues.
And then because it comes up in slides so much at that higher level, politicians actually start thinking that's why we haven't solved all crime, our guys are competent and clearly they're not understaffed, it's that pesky "not being able to break end to end encryption" that is preventing law enforcement from doing their work!
123yawaworht456 · 4h ago
>It can't possibly be a moral crusade as it keeps happening with different players, but I don't understand the purpose.
it's not a moral crusade. they don't give a shit about children. they don't give a shit about crime. to the people in power, crime - even the most heinous kind - is just background noise. the laughably short sentences given to the perpetrators of the most heinous crimes in the EU/UK reflect that.
mass surveillance is a means to identify and suppress dissent.
the people in power care only about maintaining it. it's that simple. and once you acknowledge that, it will finally make sense why the US/EU/UK are implementing the same measures that China and Russia do.
immibis · 6h ago
That's pretty much exactly why. The EU is structured in a way where various groups keep proposing things and the elected representatives keep voting against them. There's no law saying they can't keep proposing the same things that keep getting rejected, so, they do.
We have this exact same post multiple times a year, where an EU body proposes a bad encryption law and everyone gets angry about how authoritarian the EU is. And then everyone forgets about it before the elected representatives get to vote on it and they vote to reject it, but that doesn't get to the front page so it doesn't give everyone the opposite emotions.
Also, end-to-end encryption is a challenge to law enforcement - idk why you think that's a meme. If they could just spy on all citizens 24/7, they could solve crime so much more easily! (Now that's a meme)
rusk · 6h ago
I’d imagine there’s a lot of money chasing around the lobby and some of it just slushes into things like these. Easy passive income when you think about it.
Metalnem · 9h ago
It's sad to see Europe's influence fading, and instead of investing in innovation, politicians are focused on stripping even more freedoms from their citizens.
mystified5016 · 8h ago
That's pretty much all the major governments these days. Globally we're sliding back to authoritarianism, likely as a prelude to WWIII
miohtama · 9h ago
When privacy is criminalised, only criminals have privacy.
Also a state where a police makes the laws is called a police state.
For example, East Germany was a police state, so Europe has a rich history on the topic.
Jon_Lowtek · 7h ago
a rich and fascinating history. If i may recommend a wikipedia article: "Cabinet Noir", which includes: "by the 1700s, cryptanalysis was becoming industrialized"
leakycap · 8h ago
Wild that Marshall McCluhan prophesied all of this before the technology to achieve it was around.
He got the message out there, we just didn't listen.
So how will this work, if this becomes law? Ok, I understand whatsapp and signal and whatnot will have to change their code inorder to be able to provide cleartext messages for the goverment.
But there are other, maybe less known apps. Will all github repos that try to achieve e2ee be shut down? Won’t such apps just move to Tor?
immibis · 6h ago
We can compare it to anything that's already illegal, like distributing child porn for example. What do you think happens to github repos that distribute child porn? Won't they just move to Tor? Enforcement of one illegal bitstream is the same as enforcement of another illegal bitstream.
m00dy · 8h ago
The EU just doesn’t have the tech muscle to make this happen now or ever. They’re pros at cranking out regulations, but when it comes to the actual tech know-how, they’re kind of out of their depth.
jmclnx · 8h ago
I was thinking the same. Plus who cares, I or probably most people here can encrypt their own data. If I were ever to send things to the "cloud", it would be encrypted on my local system first by me before uploading it.
If this is enabled, all they will get to see is LOL cats, data they would really want to see will still be invisible to them.
wuschel · 3h ago
Could someone with strong background in this area perhaps shine a light on this?
Is this essentially the EU empowering its constituent nation states to deeply compromise security practices? Or is this just basic capability building for mass communication surveillance?
There is little a private man can do against state actors. Of course, I could operate my encrypted backups with my antique Raspberry Pi in a Faraday cage. But … really?
Also, how does this not backfire when taking account third accounts?
immibis · 9h ago
The EU always sounds schizophrenic when you call each of its individual parts "the EU". These proposals are proposed every year and never accepted.
Phil_Latio · 8h ago
The EU clearly moves in that authoritarian direction, not away from it.
bestouff · 8h ago
Each and every state does nowadays
immibis · 5h ago
Any legislative body keeps making legislature, yes, that's what it does.
Most legislative bodies make a lot of legislature that keeps things away from people, like GDPR. That's "authoritarian" if by "authoritarian" you mean "more legislation". If by "authoritarian" you mean "more interference with people's lives" then it's actually anti-authoritarian.
rvz · 8h ago
It is bad enough that AI is a threat to millions of existing jobs today, and this will just worsen for the unprepared in 2030.
Now we have this introduced from the complete lunacy of the EU.
Could 2030 get any more worse?
scarface_74 · 7h ago
So you’re telling me that all of the grandstanding the EU and Europeans do about how much more they care about their citizens and protecting them from the evil American privacy invading capitalists was all BS?
immibis · 5h ago
this proposal will get rejected just like the last 50 of these proposals. If it was in the USA, it'd already be law.
And when they fail and you don’t give them your keys they will throw you in jail.
omnicognate · 8h ago
No, when they fail no such law will be passed.
StopVibeCoding · 4h ago
When they fail they will pretend that the CEO of a messaging company is actually a criminal mastermind, and will throw him in jail for almost a week as soon as he steps into a european country, then he will not be allowed to leave the country for over a year, but I'm obviously exaggerating this would never happen, right?
Yeah, what of it? It helps protect my privacy rights online, though enforcement is severely lacking.
Hacker News intentionally doesn't comply with it, by the way - as a pure USA website which doesn't take payments, they didn't really have to, but they chose to make an ideology out of it anyway.
StopVibeCoding · 4h ago
My comment, which, upon reflection was poorly written, was supposed to imply "remember how the European Union pretended to care about privacy, and created GDPR? That same european union wants to do this"
immibis · 1h ago
GDPR is great for privacy. All these sites that track you have to tell you all the ways they track you and trick you into clicking "consent".
In the USA our founding fathers wrote the constitution to limit government, not citizens. For sure, we have strayed away from this ideal, but things here are not as bad as apparently they are in the EU.
1 https://en.wikipedia.org/wiki/Ylva_Johansson?wprov=sfti1#Sur...
https://en.wikipedia.org/wiki/IB_affair?wprov=sfti1
Related: you are in an audit. The auditor asks you if you know what the time is. Correct answer: yes.
I think you want to make a point about the use of the word "fraud", or about the exact wording in Meta's claims, or about legal exemptions when it comes to law enforcement, or about other ways to access data wirhout breaking encryption (e.g. on-device compromise), but your exact point is unclear.
Last I read their lingo, it was clearly communicating to the user that messages would not be accessible to Meta.
I'm not claiming this would be true, but your comment would make more sense if you pointed put what exact flaw in the parent comment you mean.
Like, is it because law doesn't apply to Meta, or because of a loophole in their wording.
Or was it just meaningless cynicism? What's the point of the trucks?
https://news.ycombinator.com/item?id=44168134 ("EU Commission refuses to disclose authors behind its mass surveillance proposal", 292 comments)
We now live in a world where the opposite routinely happens: a crime happens, you give the police access to Apple or Google's Find Device / Find My data, they throw it in the trash. Law enforcement has more data to find and procecute criminals than they have time. People get scammed out of money by the thousands every day, over the phone, an insanely easy system to tap and trace. No one gets arrested.
Who is actually repeatedly pushing for things like these within the EU? For what purpose? What crimes went unprocecuted because of the unability to perform mass surveillance like this? It seems that all the time, when law enforcement actually cares about, it's trivial for them to get evidence? So why does this keep popping up every year?
And then because it comes up in slides so much at that higher level, politicians actually start thinking that's why we haven't solved all crime, our guys are competent and clearly they're not understaffed, it's that pesky "not being able to break end to end encryption" that is preventing law enforcement from doing their work!
it's not a moral crusade. they don't give a shit about children. they don't give a shit about crime. to the people in power, crime - even the most heinous kind - is just background noise. the laughably short sentences given to the perpetrators of the most heinous crimes in the EU/UK reflect that.
mass surveillance is a means to identify and suppress dissent.
the people in power care only about maintaining it. it's that simple. and once you acknowledge that, it will finally make sense why the US/EU/UK are implementing the same measures that China and Russia do.
We have this exact same post multiple times a year, where an EU body proposes a bad encryption law and everyone gets angry about how authoritarian the EU is. And then everyone forgets about it before the elected representatives get to vote on it and they vote to reject it, but that doesn't get to the front page so it doesn't give everyone the opposite emotions.
Also, end-to-end encryption is a challenge to law enforcement - idk why you think that's a meme. If they could just spy on all citizens 24/7, they could solve crime so much more easily! (Now that's a meme)
Also a state where a police makes the laws is called a police state.
For example, East Germany was a police state, so Europe has a rich history on the topic.
He got the message out there, we just didn't listen.
https://en.wikipedia.org/wiki/Marshall_McLuhan#Legacy
But there are other, maybe less known apps. Will all github repos that try to achieve e2ee be shut down? Won’t such apps just move to Tor?
If this is enabled, all they will get to see is LOL cats, data they would really want to see will still be invisible to them.
Is this essentially the EU empowering its constituent nation states to deeply compromise security practices? Or is this just basic capability building for mass communication surveillance?
There is little a private man can do against state actors. Of course, I could operate my encrypted backups with my antique Raspberry Pi in a Faraday cage. But … really?
Also, how does this not backfire when taking account third accounts?
Most legislative bodies make a lot of legislature that keeps things away from people, like GDPR. That's "authoritarian" if by "authoritarian" you mean "more legislation". If by "authoritarian" you mean "more interference with people's lives" then it's actually anti-authoritarian.
Now we have this introduced from the complete lunacy of the EU.
Could 2030 get any more worse?
[1] https://www.businessinsider.com/telegram-pavel-durov-travel-...
Hacker News intentionally doesn't comply with it, by the way - as a pure USA website which doesn't take payments, they didn't really have to, but they chose to make an ideology out of it anyway.