There are an unusual number of comments from new accounts making disingenuous arguments on this post. I wonder who is behind the astroturfing.
The answer to "what else should we do about bad people doing bad things?" is, of course how we usually catch people doing bad things: old-fashioned detective work. It involves taking reports of suspicious or illegal acts, interviewing witnesses and associates, requesting court orders to search or surveil specific people and places when there's evidence to do so, etc.... It doesn't scale. It's not supposed to.
> Please don't post insinuations about astroturfing, shilling, bots, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.
I mean yeah, but when there's a bunch of green accounts whose only comments are horrible corpo-speak takes on one single submission they're basically holding a sign that says "I am not a real HN commenter".
Scrolling down... You weren't lying. I've recently been pondering more and more in how far governments use social media to manipulate our perception. The astroturfing has been pretty shamelessly obvious recently (in particular on sites like Reddit.)
On the other hand, since there seems to be so much going on, why aren't there any whistleblowers?
First rule of propaganda: look who will profit from this:
The companies who sell personal data, politicians in power, maybe some 3 letter agencies, although they already have this data.
Anyway, this is a good sign that humanity is too stupid to learn from history.
Hmm, idk, I had two accounts in the past and I wasn’t even using them for anything nefarious, but I got a reply from dang asking me to not use multiple accounts, so I went back to using just one account.
Seems from my experience that at least to some degree dang is on top of making sure each person has only one account.
But again, the situation may be different when people intentionally try to do sketchy things. If someone uses separate browser sessions and separate VPN connections then there would not be much HN could do to discover that multiple accounts belong to the same person, except if the person with the accounts made the mistake of displaying voting ring behaviour, i.e. a number of accounts upvoting each other, and that sort of thing
HN's best defense against that is probably that it doesn't take many flags from older accounts to kill a comment from a new account.
Whether these accounts were one person with an axe to grind, trolling by someone who doesn't really believe the arguments they were making, or coordinated activity by an organization, none of the comments stayed up longer than 15 minutes.
I noticed the same thing, but this really is a strange one since there isn't an obvious single party which would desire this legislation (from my limited view).
External state-actors (e.g. China for proxy-policing), or non-democratic internal politicians/leaders (EU/EEA neo-facists?), is the only thing I can imagine.
The parties that want this are government agencies that want more power.
Perhaps the companies that plan to support the government agencies in this work.
There is a lot of money and political power that wants these laws. But they don't seem likely to be running any campaigns as obvious as astroturfing.
Isn't it more likely that the new commenters are people who want to remain anonymous?
> there isn't an obvious single party which would desire this legislation
Holy cow. Its amazing how the general public is so unaware of how the mechanism for lobbying for laws work:
This 'pedophilia! think of the children!' thing along with its accompanying laws came to the public agenda at the same time in both sides of the Atlantic. In the US, in the Eu at the same time. And separately, in the UK. With various celebrities pushing it and certain segments in the respective parliaments introducting it all at the same time. In the same fashion that laws like ACTA, PIPA etc were pushed.
Who wants it is pretty simple - the establishments want to spy on the citizens but they dont want the public stampede and ensuing fallout that laws like the Patriot act involves.
If you would have any doubts about it, just look at what the UK establishment and its politicians say - having gotten used to get whatever they want regardless of what they say, they are directly saying "Just give us backdoors" to encryption software producers without bothering with the hassle of pedophilia.
Which brings us to the below problem:
> China for proxy-policing
These people are able to commit all these evils, from patriot act to jailing whistleblowers, because the public rationalizes and justifies what they do and throws the blame and all the evils to outside just like you did.
It wasnt China who pushed the patriot act. It wasnt China who spied on everyone on the planet as revealed by Snowden. It was our own establishments. And as long as people like you keep diverting the blame to outside like you have done, those who perpetrated such acts will keep getting bolder.
...
Aside from all of these, there IS an actual party with a very specific interest that is pushing these laws, and the reason why it is doing this is so much sh*ttier than the above establishment reasons that you will want to gouge your eyes out:
Ashton Kutcher is a founder of something called Thorn that sells spying software to chat services. He and his partner Demi Moore are pushing this pedophilia law on the Eu in order to be able to sell spying software to chat services. At the same time they are lobbying for client side spying, ie, spying on people from their browser.
Washed up Hollywood actors trying to make money by destroying democracy...
> There are an unusual number of comments from new accounts making disingenuous arguments on this post. I wonder who is behind the astroturfing.
The comments are so obviously going to elicit a negative response that a reasonable explanation would be that they're intentionally terrible. It might just be someone having a laugh - someone who is actually against this proposal.
Either that or they're not sending their best and brightest...
His name is Sir Humphrey Appleby, aka the Deep State, aka the bureaucrats. Seriously watch the show Yes Minister, there has never been a show that does a better job at showing the ridiculousness that leads to these apparently horrible ideas that no one seems to like but seem to continue marching forward.
I only see two fresh accounts in this thread which were deleted/flagged. Come back when a pro-Tor topic is posted and see then how many new accounts pop up :)
I probably should get a mullvad account just to support them (even if I use my own VPN).
Something that is not discussed much in Sweden is surveillance via the bank system. Banks have access to customers' transaction information and use it for two purposes: the "useful" feature of telling their customer how many of their purchases were e.g. food vs entertainment or house rent, and--of course--for advertising their products and services to their customers.
And then the government has legislation to demand that banks mass-report certain information from private citizens, like revenue/expenses for financial services (i.e. interest paid on loans and capital earnings from financial assets) plus any international transactions. One small stumble down the slippery slope of surveillance, and the Swedish government will be able to build profiles of each citizen using the information collected by banks.
I don't remember the details but Swedish law takes a fairly strong stance on preventing government agencies from sharing information with each other, for better and worse.
The problem is there are no reports on what counter terrorism units achieved, how many potential attacks they thwarted because it would jepoardize their work, at least that's the mantra. So it's a you have to believe us that these measures is a must situation.
The problem is, that the silicon we use in everyday hardware is a black box. Same applies to online services. We do not even know how Youtube's and other big services' and hardware units' lawful intercept/secretservice interface looks like and what options do they offer to surveil and manipulate (!) average people. So there is deffo zero insight into this matter.
Who do you believe? It's like religion if you don't know what to look for. So... choose a god and believe.
If we look at the number of terrorism incidents in Sweden Vs say the number of times a public official got in trouble for abusing state power as well, then the two conclusions is that either the existing mechanisms are sufficient for thwarting terrorism or the threat of terrorism is overplayed to begin with
Yeah I agree. I'm starting to wonder about that mantra. If disclosing your successes endangers the work so much then maybe it's not such great work. The whole "there will always be bad actors" who want to "destroy our democracy" starts to wear thin when such high levels of secrecy are also eroding democracy.
If governments opened up more about what they're doing they might lose a few more of their secret battles (and people will die) but maybe it would be worth it when you look at the overall preservation of democratic thought. That's the ramblings of a wannabe patriot though, and not a lawyer, and lawyers are deciding all this.
> The problem is there are no reports on what counter terrorism units achieved, how many potential attacks they thwarted because it would jepoardize their work,
I used to subscribe to this but then there was the governor's kidnapping plot in Minnesota that the FBI started blowing their own horn about and making such a big deal right up until it turned out that 6 of the 13 individuals involved were in fact members of the FBI. That kinda shook my trust in the whole "we can't talk about our success because it is top secret." Excuse
I am currently reading through all of the legislation to try to figure out what the latest version of this actually requires from providers. Early versions talked about scanning for "grooming behavior" in textual conversations, but then also required that there would be no mass-scanning of communications: this seems obviously contradictory. What's frustrating about these laws is how vague everything is: I wish there were more high-quality summaries of the current legislation's terms. (If they exist, please post them here.)
The legislation [1] is amazingly vague about the impact on end-to-end encrypted systems. In fact the string "encryption" appears twice, and only once in the body of the text (in Paragraph 26 on page 27.) This paragraph basically says "it's ok to use end-to-end encryption" but does not actually stipulate an exemption for scanning technologies. Presumably this means you would need to somehow implement an effective scanner into your end-to-end encryption. The legislation gives no other guidance about how to do this, how secure it will be, or even a mild discussion of the tradeoffs.
This is alarming because the bill also makes clear that the goal is to detect not only known and unknown CSAM using some technological measure, but also to detect textual content that represents "grooming behavior." Only the "known" CSAM detection approach has ever even been attempted in a production system (with significant limitations) and that system was not ultimately deployed due to technical and customer concerns. But as much as CSAM media scanning worries me, the idea of automated ML-based text analysis for something as vague as "grooming behavior" is frankly terrifying. And I haven't even considered the slippery slope that becomes visible the second you build text-analysis and reporting systems into encrypted communications.
What is much more concerning than the legislation is the Impact Assessment [2], which is cited in the legislation to justify its reasoning. Specifically, the Impact Assessment recommends Option E, which is "mandatory scanning of all known and unknown CSAM, as well as textual detection of 'grooming behavior'" even in systems that deploy E2E encryption.
Where the legislation is vague about E2E encryption, the impact assessment [2] leaves no scrap of unambiguity: it makes clear that the need for these mandatory scanning mechanisms is almost entirely a response to the increasing deployment of E2EE, and specifically cites Facebook's (still un-deployed) 2019 encryption announcement to support its argument for a mandatory scanning requirement. It uncritically cites Apple's (since withdrawn) CSAM scanner (p. 39) as an example of a balanced privacy solution. It cites vaguely to the existence of scanners capable of detecting unknown CSAM, barely acknowledging that such techniques are entirely at the hypothetical/research stage and may not be safe at all. Finally it provides a privacy analysis that somehow concludes that the privacy benefits "in protecting victims" naturally outweigh all other concerns that might pop up around the deployment of what will be the world's most powerful ML-based text and media mass-surveillance system for encrypted and unencrypted private messages.
Because take note: while the authors don't use that terminology, readers should have no doubt: that is what the EU is proposing to build with this legislation.
It puts the onus on the implementer to be overzealous under fear of being criminally liable. This has the added benefit (to the slimy legislators pushing this garbage) of allowing them to scapegoat any perceived excesses onto corporations and developers.
And if you are worried, don't upload to a some smaller provider either because some of them might have fun looking at the backups of the things that people find to to sensitive to upload to Google.
I am really worried about this. I feel completely helpless though, I am almost a 100% convinced this legislation will make it through. It will be the worst day in the history of the EU. Great to see this campaign though.
Wow, kudos. I don't see any way on Mullvad's site to donate to the cause... I might just have to buy a second Mullvad account for a few months to support them.
This seems like an appropriate campaign to reach people who probably don't think about this kind of stuff. I think there's more than enough HN articles that show the tech circle's opposition to these kinds of measures already. Energy is better spent explaining the issue to others and advocating for the right thing.
Readit News
The answer to "what else should we do about bad people doing bad things?" is, of course how we usually catch people doing bad things: old-fashioned detective work. It involves taking reports of suspicious or illegal acts, interviewing witnesses and associates, requesting court orders to search or surveil specific people and places when there's evidence to do so, etc.... It doesn't scale. It's not supposed to.
> Please don't post insinuations about astroturfing, shilling, bots, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data.
https://news.ycombinator.com/newsguidelines.html
On the other hand, since there seems to be so much going on, why aren't there any whistleblowers?
First rule of propaganda: look who will profit from this: The companies who sell personal data, politicians in power, maybe some 3 letter agencies, although they already have this data.
Anyway, this is a good sign that humanity is too stupid to learn from history.
Seems from my experience that at least to some degree dang is on top of making sure each person has only one account.
But again, the situation may be different when people intentionally try to do sketchy things. If someone uses separate browser sessions and separate VPN connections then there would not be much HN could do to discover that multiple accounts belong to the same person, except if the person with the accounts made the mistake of displaying voting ring behaviour, i.e. a number of accounts upvoting each other, and that sort of thing
Whether these accounts were one person with an axe to grind, trolling by someone who doesn't really believe the arguments they were making, or coordinated activity by an organization, none of the comments stayed up longer than 15 minutes.
I noticed the same thing, but this really is a strange one since there isn't an obvious single party which would desire this legislation (from my limited view).
External state-actors (e.g. China for proxy-policing), or non-democratic internal politicians/leaders (EU/EEA neo-facists?), is the only thing I can imagine.
There is a lot of money and political power that wants these laws. But they don't seem likely to be running any campaigns as obvious as astroturfing. Isn't it more likely that the new commenters are people who want to remain anonymous?
Holy cow. Its amazing how the general public is so unaware of how the mechanism for lobbying for laws work:
This 'pedophilia! think of the children!' thing along with its accompanying laws came to the public agenda at the same time in both sides of the Atlantic. In the US, in the Eu at the same time. And separately, in the UK. With various celebrities pushing it and certain segments in the respective parliaments introducting it all at the same time. In the same fashion that laws like ACTA, PIPA etc were pushed.
Who wants it is pretty simple - the establishments want to spy on the citizens but they dont want the public stampede and ensuing fallout that laws like the Patriot act involves.
If you would have any doubts about it, just look at what the UK establishment and its politicians say - having gotten used to get whatever they want regardless of what they say, they are directly saying "Just give us backdoors" to encryption software producers without bothering with the hassle of pedophilia.
Which brings us to the below problem:
> China for proxy-policing
These people are able to commit all these evils, from patriot act to jailing whistleblowers, because the public rationalizes and justifies what they do and throws the blame and all the evils to outside just like you did.
It wasnt China who pushed the patriot act. It wasnt China who spied on everyone on the planet as revealed by Snowden. It was our own establishments. And as long as people like you keep diverting the blame to outside like you have done, those who perpetrated such acts will keep getting bolder.
...
Aside from all of these, there IS an actual party with a very specific interest that is pushing these laws, and the reason why it is doing this is so much sh*ttier than the above establishment reasons that you will want to gouge your eyes out:
https://www.theregister.com/2022/10/13/clientside_scanning_c...
https://www.thorn.org/about-our-fight-against-sexual-exploit...
Ashton Kutcher is a founder of something called Thorn that sells spying software to chat services. He and his partner Demi Moore are pushing this pedophilia law on the Eu in order to be able to sell spying software to chat services. At the same time they are lobbying for client side spying, ie, spying on people from their browser.
Washed up Hollywood actors trying to make money by destroying democracy...
https://mobile.twitter.com/NameRedacted247/status/1628847554...
There is a meta-effect going on here: Your complaining about the now vastly downvoted comments is now filling the top of this topic.
Dead Comment
[1] https://en.wikipedia.org/wiki/Foundations_of_Geopolitics
The comments are so obviously going to elicit a negative response that a reasonable explanation would be that they're intentionally terrible. It might just be someone having a laugh - someone who is actually against this proposal.
Either that or they're not sending their best and brightest...
I probably should get a mullvad account just to support them (even if I use my own VPN).
Something that is not discussed much in Sweden is surveillance via the bank system. Banks have access to customers' transaction information and use it for two purposes: the "useful" feature of telling their customer how many of their purchases were e.g. food vs entertainment or house rent, and--of course--for advertising their products and services to their customers.
And then the government has legislation to demand that banks mass-report certain information from private citizens, like revenue/expenses for financial services (i.e. interest paid on loans and capital earnings from financial assets) plus any international transactions. One small stumble down the slippery slope of surveillance, and the Swedish government will be able to build profiles of each citizen using the information collected by banks.
Dead Comment
The problem is, that the silicon we use in everyday hardware is a black box. Same applies to online services. We do not even know how Youtube's and other big services' and hardware units' lawful intercept/secretservice interface looks like and what options do they offer to surveil and manipulate (!) average people. So there is deffo zero insight into this matter.
Who do you believe? It's like religion if you don't know what to look for. So... choose a god and believe.
If governments opened up more about what they're doing they might lose a few more of their secret battles (and people will die) but maybe it would be worth it when you look at the overall preservation of democratic thought. That's the ramblings of a wannabe patriot though, and not a lawyer, and lawyers are deciding all this.
I used to subscribe to this but then there was the governor's kidnapping plot in Minnesota that the FBI started blowing their own horn about and making such a big deal right up until it turned out that 6 of the 13 individuals involved were in fact members of the FBI. That kinda shook my trust in the whole "we can't talk about our success because it is top secret." Excuse
Dead Comment
This is alarming because the bill also makes clear that the goal is to detect not only known and unknown CSAM using some technological measure, but also to detect textual content that represents "grooming behavior." Only the "known" CSAM detection approach has ever even been attempted in a production system (with significant limitations) and that system was not ultimately deployed due to technical and customer concerns. But as much as CSAM media scanning worries me, the idea of automated ML-based text analysis for something as vague as "grooming behavior" is frankly terrifying. And I haven't even considered the slippery slope that becomes visible the second you build text-analysis and reporting systems into encrypted communications.
What is much more concerning than the legislation is the Impact Assessment [2], which is cited in the legislation to justify its reasoning. Specifically, the Impact Assessment recommends Option E, which is "mandatory scanning of all known and unknown CSAM, as well as textual detection of 'grooming behavior'" even in systems that deploy E2E encryption.
Where the legislation is vague about E2E encryption, the impact assessment [2] leaves no scrap of unambiguity: it makes clear that the need for these mandatory scanning mechanisms is almost entirely a response to the increasing deployment of E2EE, and specifically cites Facebook's (still un-deployed) 2019 encryption announcement to support its argument for a mandatory scanning requirement. It uncritically cites Apple's (since withdrawn) CSAM scanner (p. 39) as an example of a balanced privacy solution. It cites vaguely to the existence of scanners capable of detecting unknown CSAM, barely acknowledging that such techniques are entirely at the hypothetical/research stage and may not be safe at all. Finally it provides a privacy analysis that somehow concludes that the privacy benefits "in protecting victims" naturally outweigh all other concerns that might pop up around the deployment of what will be the world's most powerful ML-based text and media mass-surveillance system for encrypted and unencrypted private messages.
Because take note: while the authors don't use that terminology, readers should have no doubt: that is what the EU is proposing to build with this legislation.
[1] https://eur-lex.europa.eu/resource.html?uri=cellar:13e33abf-...
[2] https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE...
It puts the onus on the implementer to be overzealous under fear of being criminally liable. This has the added benefit (to the slimy legislators pushing this garbage) of allowing them to scapegoat any perceived excesses onto corporations and developers.
First ad:
Kid: Haha!! Did you send the photo to mom, dad?
Dad's phone: Your photo has triggered our criminal activities filter. Your online services have been suspended and the police has been alerted.
Caption: Create safe spaces online for children instead of making the internet unsafe for everyone.
...
Second ad:
First worker: Weren't we just supposed to look for sexual crimes and terrorism?
Second worker: That was during the previous government.
Third worker: adds a 'race' label
Caption: The governments of today say they will monitor serious crimes. What will the governments of tomorrow say?
Deleted Comment
Dead Comment
Dead Comment
Deleted Comment