12 comments

[ 1.7 ms ] story [ 25.5 ms ] thread
> 537 Members of the European Parliament

They have names I assume. They can hide, but we can't it seems.

(comment deleted)
Related discussion from yesterday (an even worse take - the discussion yesterday was around a misunderstanding that this was requiring companies to do this rather than allowing): https://news.ycombinator.com/item?id=27753727

Actual link to the legislation: https://www.europarl.europa.eu/RegData/docs_autres_instituti...

It’s not an overwhelming read.

Key takeaways: no one bans encryption or mandates back doors. No one requires companies to do this, but this suspends the ban on doing it (temporarily).

I don't think it is a bad take. While it doesn't force companies to implement an interface to access content, it is unrealistic to assume they will not if their business isn't advocating privacy.

Additionally, you cannot be sure your line is encrypted on many services. That is a loss in my opinion.

Businesses are either forced by legislation or they aren't. If the legislation doesn't explicitly say that they are, then they are not. You don't really need a take.

It's good to be worried that this might happen, or that businesses might do something voluntarily as an extension or whatever. But it's not the same as "EP passes legislatino forcing businesses to install back doors" which is parroted by the PP over and over. That's hyperbole (to not say outright bullshit).

I think most people expect their mail provider to not read their mail, of course compromises are made to filter spam etc.

But I think it is still important that mails qualify as confidential communication, even with all its limitations. That has been clearly removed by this legislation.

And you can argue that companies are indeed forced to scan mails, it depends a bit on their business, but many might feel indeed be forced to take such a measure to not get left behind. As I said, depends on the business.

And the title is correct to the letter. The parliament did approve mass surveillance for private mail. Maybe use another word like sanction, but it fits the

Perhaps it is a bit dishonest, because it can be read wrong and that might be the case in most instances, but that is sadly how things are often framed today.

> I think most people expect their mail provider to not read their mail, of course compromises are made to filter spam etc.

Machines reading my mail is something I reluctantly accept (For spam it's a good thing, and for ads it's a bad thing).

> But I think it is still important that mails qualify as confidential communication, even with all its limitations. That has been clearly removed by this legislation.

True, but this is also a temporary exemption to legislation that basically lets things go back to how they were just a short while back. And it's how it works everywhere else.

I'm all for codifying confidentiality (there wasn't really a strong protection for it in the past either) and while this certainly isn't a step in the right direction, I think it's important to look at this on two different levels: a) "regular" messaging (mail, emails, text messagges, etc) where people have some understanding that they aren't sending e2e encrypted data but still expect some privacy. For example they are probably fine with phones being tapped if it's after court orders and targeted rather than mass surveillance. And b) secret communications such as Signal where people expect that their e2e encrypted communications are secure and that governments do not break that such as by mandating back doors or banning the use of strong crypto.

This law only applies to a) but all the screaming from the pirate party seems to be about b). The hyperbole is in that nonsensical extrapolation. I'm completely fine with the conclusion that everyone looses all their "a-privacy" here - and I don't like it either. But it's still not the same as the mandating backdoors or banning crypto .

Ironic that the EU has GDPR, but then this?
Indeed, private companies can't be trusted to install cookies on the sites you visit, that's just too much private information... but regulators/law enforcement? Open bar!
GDPR is concerned with other aspects, namely personal data handling. It would be ironic if the assumptions circulating around were true - which they are not. The topic is lifting a ban on the backdoors, not mandating them. Some argue it's a slippery slope but for a reason slippery slope arguments are listed under "logical fallacies". These are arguments unfortunately too often used in political discussions but still fallacies nevertheless.
That is misinterpreting the fallacy.

A slippery slope is just a fallacy in a way that there might be insufficient proof for a certain consequence. I rarely read it applied correctly on the internet, although it became quite popular.

It's the time to impose mandatory encryption as a personal duty against the lack of privacy online (well, it's been the moment since a coupe of decades, my fault...). I know, this has been discussed many times before but something smells like sh.t this days if you ask me...