Honest question. The EU was created as an economic and trade institution. How has it morphed into a wierd political institution, which NATO was already supposed to be?
The root question: how did an organization that ushered in things like the Euro become a body that decides whether Europeans are allowed to have personal privacy?
saubeidl7 minutes ago
> The EU was created as an economic and trade institution. How has it morphed into a wierd political institution, which NATO was already supposed to be?
That is not the case.
The 1957 Treaty Establishing the European Community contained the objective of “ever closer union” in the following words in the Preamble. In English this is: “Determined to lay the foundations of an ever closer union among the peoples of Europe …..”.
> The root question: how did an organization that ushered in things like the Euro become a body that decides whether Europeans are allowed to have personal privacy?
Sensationalist framing aside, how does any government become a body that decides anything?
aestetix1 minute ago
That treaty was established just over a decade after Hitler surrendered, when there were two Germanys, an Iron curtain across Europe, and a lot of other things which changed significantly after the Wall fell. Surely you would agree that those words meant something quite different then than they do now?
I don't think my framing was sensationalist at all. Chat Control is using the threat of child porn to make people forget the reasons why the ECHR cares so deeply about privacy. I'm not sure why Denmark is pushing it so hard, but governments have long feared and hated encryption.
johnwayne6661 hour ago
Does this already include the parliament's position based on a trilogue or will there be amendments before it's voted in parliament?
throw_a_grenade56 minutes ago
IIUC no, this is Council position before trilogue.
thecopy1 hour ago
Seems… fine? At least i dont see any invasion of privacy or encryption related obligations in this proposal.
The EU ostensibly wants to improve innovation, i wonder how these new assessment regulations help with that, especially for SME and startups.
halJordan1 hour ago
"High risk" providers will be obligated to "contribute" technologies "to mitigate." Seems like a doublespeak way of saying enforced decryption or enforced backdoors.
potato373284214 minutes ago
It's one of those things that will obviously be used to boil the frog over time via beurocratic rules.
Year 1 a minimum viable effort manual process will be fine. But they'll say "not good enough" to someone every now and then and the minimum can do in order to get a) permission b) enforcers not crawling up your ass (IDK if it will be permission based or enforcement after the fact based) will ratchet up.
By year 10 or 20 "everyone" will have an API or a portal or whatever.
And worse, by creating a compliance industry they create a whole suite of business and people who will ask for more, more, more more.
stephen_g52 minutes ago
Yes, I see this as the people pushing for surveillance and control taking what they can get for now, with the view to bring it back to mandatory scanning before all is said and done.
throw_a_grenade1 hour ago
The crux is in those „risk assessments”, to be approved by authorities. IIUC those authorities will be able to designate e.g. Signal „high risk” and slap penalties unless they „mitigate” the risk. Hard to tell what will happen without seeing final regulation.
jacknews1 hour ago
I know it's the recognized term for 'officially designated authority', but 'competent authority' seems to conflate two traits that do not necessarily co-habit.
pavlov1 hour ago
Legal competence is like a legal person — it's a subset of what we normally associate with the term.
Zaiberia1 hour ago
Just read it as ”we have the competence to make decisions with authority on this issue”, though we all wish it always meant ”we have authority to make competent decisions on this issue” xD
giuliomagnifico1 hour ago
In a nutshell, there will be no more intrusions into chats, but only obligations for the companies to provide preferential channels for victims of these crimes.
Honest question. The EU was created as an economic and trade institution. How has it morphed into a wierd political institution, which NATO was already supposed to be?
The root question: how did an organization that ushered in things like the Euro become a body that decides whether Europeans are allowed to have personal privacy?
> The EU was created as an economic and trade institution. How has it morphed into a wierd political institution, which NATO was already supposed to be?
That is not the case.
The 1957 Treaty Establishing the European Community contained the objective of “ever closer union” in the following words in the Preamble. In English this is: “Determined to lay the foundations of an ever closer union among the peoples of Europe …..”.
> The root question: how did an organization that ushered in things like the Euro become a body that decides whether Europeans are allowed to have personal privacy?
Sensationalist framing aside, how does any government become a body that decides anything?
That treaty was established just over a decade after Hitler surrendered, when there were two Germanys, an Iron curtain across Europe, and a lot of other things which changed significantly after the Wall fell. Surely you would agree that those words meant something quite different then than they do now?
I don't think my framing was sensationalist at all. Chat Control is using the threat of child porn to make people forget the reasons why the ECHR cares so deeply about privacy. I'm not sure why Denmark is pushing it so hard, but governments have long feared and hated encryption.
Does this already include the parliament's position based on a trilogue or will there be amendments before it's voted in parliament?
IIUC no, this is Council position before trilogue.
Seems… fine? At least i dont see any invasion of privacy or encryption related obligations in this proposal.
The EU ostensibly wants to improve innovation, i wonder how these new assessment regulations help with that, especially for SME and startups.
"High risk" providers will be obligated to "contribute" technologies "to mitigate." Seems like a doublespeak way of saying enforced decryption or enforced backdoors.
It's one of those things that will obviously be used to boil the frog over time via beurocratic rules.
Year 1 a minimum viable effort manual process will be fine. But they'll say "not good enough" to someone every now and then and the minimum can do in order to get a) permission b) enforcers not crawling up your ass (IDK if it will be permission based or enforcement after the fact based) will ratchet up.
By year 10 or 20 "everyone" will have an API or a portal or whatever.
And worse, by creating a compliance industry they create a whole suite of business and people who will ask for more, more, more more.
Yes, I see this as the people pushing for surveillance and control taking what they can get for now, with the view to bring it back to mandatory scanning before all is said and done.
The crux is in those „risk assessments”, to be approved by authorities. IIUC those authorities will be able to designate e.g. Signal „high risk” and slap penalties unless they „mitigate” the risk. Hard to tell what will happen without seeing final regulation.
I know it's the recognized term for 'officially designated authority', but 'competent authority' seems to conflate two traits that do not necessarily co-habit.
Legal competence is like a legal person — it's a subset of what we normally associate with the term.
Just read it as ”we have the competence to make decisions with authority on this issue”, though we all wish it always meant ”we have authority to make competent decisions on this issue” xD
In a nutshell, there will be no more intrusions into chats, but only obligations for the companies to provide preferential channels for victims of these crimes.