Context: Chat Control 2.0: EU governments set to approve the end of private messaging and secure encryption

“By making a minor concession EU governments hope to find a majority next week to approve the controversial ‘chat control’ bill. According to the proposed child sexual abuse regulation (CSAR), providers of messengers, e-mail and chat services would be forced to automatically search all private messages and photos for suspicious content and report it to the EU. To find a majority for this unprecedented mass surveillance, the EU Council Presidency proposed Tuesday that the scanners would initially search for previously classified CSAM only, and even less reliable technology to classify unknown imagery or conversations would be reserved to a later stage. The proposed „deal“ will be discussed by ambassadors tomorrow and could be adopted by ministers next week.”

Source: https://www.patrick-breyer.de/en/chat-control-2-0-eu-governments-set-to-approve-the-end-of-private-messaging-and-secure-encryption/

  • Ludwig van Beethoven@sh.itjust.worksEnglish
    1·
    9 months ago

    Fairly fucking sure this is a nothingburger like Art. 13-17 was, and will not break E2EE messengers.

    The reason:

    Encryption plays an essential role in securing communications. The international human rights law test of legality, necessity and proportionality should be applied to any measures that would affect encryption. Both the UN Commissioner for Human Rights[1]and the European Data Protection Supervisor[2]have concluded that the EU’s proposal for a regulation on child sexual abuse material fails this test[3].

    A recent article published by Wired[4]described a European Council survey of Member States’ views on regulating encryption. In its response to the survey, Spain stated that there should be legislation prohibiting EU-based service providers from implementing end-to-end encryption.

    Requiring platforms and device manufacturers to build back doors to facilitate law enforcement access would make everyone more susceptible to malicious hacking from criminals and foreign adversaries alike[5]. Measures allowing public authorities to access the content of communications affect the essence of the right to privacy.

    1.Which encryption experts did the Commission consult when preparing its proposal for a regulation on child sexual abuse material?

    2.Will the Commission revise its position on encryption in view of the opinions of human rights associations and experts?

    3.Given the abuse of Pegasus, how will the Commission ensure that the fundamental right to privacy is protected if a Member State, such as Spain, decides to ban encryption?

    Submitted: 24.5.2023

    [1] UN High Commissioner for Human Rights, ‘The right to privacy in the digital age’, A/HRC/51/17, 4 August 2022, para. 28, https://www.ohchr.org/en/documents/thematic-reports/ahrc5117-right-privacy-digital-age.
[2] https://edps.europa.eu/press-publications/press-news/press-releases/2022/combat-child-sexual-abuse-online-presents-serious-risks-fundamental-rights_en.
[3] https://home.crin.org/readlistenwatch/stories/privacy-and-protection.
[4] https://www.wired.com/story/europe-break-encryption-leaked-document-csa-law/.
[5] https://cdt.org/area-of-focus/government-surveillance/encryption-and-government-hacking/.

    Source: https://www.europarl.europa.eu/doceo/document/E-9-2023-001661_EN.html (EUP Parliamentary question E-001661/2023)

    So yeah, it is now established that forcing law enforcement on E2EE messaging services goes against human rights. glhf EUC