>According to the Data Retention Directive, EU member states had to store information on all citizens' telecommunications data (phone and internet connections) for a minimum of six months and at most twenty-four months, to be delivered on demand to police authorities.
This was actually law for 8 years until the Court of Justice of the EU found it to be violating fundamental rights and was declared invalid.
It's still a law in Denmark, despite being rendered illegal in the EU, and likewise in national courts.
It was last used to convict a murderer of the murder of Emilie Meng (https://en.wikipedia.org/wiki/Murder_of_Emilie_Meng). At the time, he had kidnapped a 13 year old girl (IIRC), that he had sexually assaulted for 24+ hours, and various dashcam recordings were used to piece together what had happened. He was also convicted of attempted kidnapping of a 15 year old girl from a school.
They found the 13 year old in his home, so not much doubt about that, but the other two cases were partially proven with phone metadata logging, proving he had been in the area at the time.
In the light of that, it's hard to disagree 100% that it's a "bad idea". It's a question of balance I guess, and the mass surveillance proposed in ChatControl is way out of balance. Not only does it scan in the background, it also scans for things that are unknown to you, and alerts authorities without alerting you. That's the perfect tool for facist regimes to get rid of political dissents.
It's always a tradeoff. Nothing is ever going to have zero benefit, the problem is that these laws use the marginal benefit as an excuse to institute something that actually has massive downsides.
- The data was collected in 2016, and was used in 2023 - a retention period of 7 years, way longer than the specified maximum of 2
- I'd argue that the basis of lawmaking is weighing the advantages versus the costs - supplying partial evidence in a case once a decade does not meet the requirements for introducing mass surveillance with infinite retention
The police work was sloppy, the facts as they stand are:
- The guy was on a list of 1400 or so of suspects, and was convicted of abducting a 13yo in 2023, a different crime. It bears mentioning that the town had a population of 5k and the municipiality 63k, halving that just to count the men doesn't give you a short list
- A white car was seen at the 2016 scene of the crime, suspected to be a Hyundai i30, but with a degree of uncertainty, just to illustrate how uncertain they were, the article mentions the police confiscated a white van
- The guy owned and sold his 2016 Hyundai around the time
- Thanks to Big Brother dragnet perma-retention surveillance (mobile cell info), it was established that the guy was in the area (a train station!) of the 2016 crime at the time (which is a large window considering the exact time of the disappearence of the first girl is not well known)
From this it's unclear to me whether the same guy was the perp in the 2016 and 2023 cases. If he was, I'd argue the dragnet-collected evidence is only circumstantial. I feel like it was possible that the police wanted to pin the crime on him as they had an expectation to catch the 2016 killer and he was obviously a pedo.
Even if he did it, I'd say the digital evidence was neither necessary nor that important in convicting him.
Article 8 point 2. They're missing the provisions of data retrieval. If available, that would immediately take down the whole monitoring system as a full message history request would have to be available since they don't know which data is private or personally identifying.
Additionally, this falls under GDPR legitimate concern category so must be possible to reject by the user. Otherwise it's an involuntary measure making the law contradictory.
True, it's sad to see activists needs to be on duty 24/7/365 and yet it's useless if they can't get normal people to follow them and spam the inbox of every single EU employee just to delay more whatever chains they're trying to pass.
First, suppose two child pornographers get together and agree on a set of word substitutions that remove the key words and phrases deemed suspect. Now the authorites are scanning chats about flowers being planted, or birds being watched, etc. that are actually about targeting victims. Then the only detected uses of suspect words and phrases are accidental. If the authorites learn the new lingo the perpetrators will evolve it.
The only child pornographers that will be caught are the very stupid ones but they would have been caught by other less invasive means.
Meanwhile, the mass surveilance will destroy the free market. Imagine having to negotiate contracts when every business is a global corporation that knows what colour underwear you are wearing from scanning all of your chats. That means every business has a permanent information asymmetry in its favour, in every economic transaction you will ever make. Try to negotiate the purchase of a car, home, and so forth.
It would seem the end of freedom is nigh, listen for the sound of cheering and applause.
Isn't it obvious that mass surveilance only works on those who can be kept ignorant of it? If people know about surveilance then their behaviour is altered. How do entire nations and groups of nations fall for nonsensical plans like chat control.
The idea of chat control is to combat child vicimization by setting authorities on impossibly costly, technically insane strategies that can be thwarted by a high functioning chimpanzee.
> Yesterday, this revised version was quietly greenlit by Coreper, essentially paving the way for the text’s adoption by the Council, possibly as early as December.
Hmm. So, as I read the article, they've dropped the mandatory universal scanning (which has the effect of no longer requiring on-device scanning)... but added age verification.
Voluntary scanning (voluntary for the provider, not for the serfs^H^H^H^H^Husers) is already happening under some kind of temporary directive. So that's kind of codifying the status quo.
If they had just dropped the mandatory scanning, it might even be good to see it passed, in that it could eventually, slowly, drive all the users either to providers that don't scan... or better yet to P2P. There are probably some players who accepted the lack of mandatory scanning because they're betting they can find "noncoercive" ways to coerce all the major providers... but P2P is a lot harder to pressure that way. Even "mostly P2P" is harder to pressure, just because the infrastructure required is smaller. And it's not clear that all of the people doing the horsetrading understand that P2P is even possible.
They've been coming back with this Chat Control bullshit every year, in an obvious "keep demanding it until you get a yes" strategy. But once they've passed something, it'll be harder politically for them to change it to ban effectively encrypted P2P messaging. They could end up screwing themselves.
BUT the age verification ruins the whole thing, since it torpedoes privacy in general, and it probably, depending on how it's phrased and who it binds, effectively bans P2P messaging.
I wonder how many people involved intentionally took that into account, versus how many just saw AV as something vaguely authoritarian that could be put in to placate the forces of Control(TM).
Readit News
In 2006 the EU passed the Data Retention Directive: https://en.wikipedia.org/wiki/Data_Retention_Directive
>According to the Data Retention Directive, EU member states had to store information on all citizens' telecommunications data (phone and internet connections) for a minimum of six months and at most twenty-four months, to be delivered on demand to police authorities.
This was actually law for 8 years until the Court of Justice of the EU found it to be violating fundamental rights and was declared invalid.
It was last used to convict a murderer of the murder of Emilie Meng (https://en.wikipedia.org/wiki/Murder_of_Emilie_Meng). At the time, he had kidnapped a 13 year old girl (IIRC), that he had sexually assaulted for 24+ hours, and various dashcam recordings were used to piece together what had happened. He was also convicted of attempted kidnapping of a 15 year old girl from a school.
They found the 13 year old in his home, so not much doubt about that, but the other two cases were partially proven with phone metadata logging, proving he had been in the area at the time.
In the light of that, it's hard to disagree 100% that it's a "bad idea". It's a question of balance I guess, and the mass surveillance proposed in ChatControl is way out of balance. Not only does it scan in the background, it also scans for things that are unknown to you, and alerts authorities without alerting you. That's the perfect tool for facist regimes to get rid of political dissents.
- The data was collected in 2016, and was used in 2023 - a retention period of 7 years, way longer than the specified maximum of 2
- I'd argue that the basis of lawmaking is weighing the advantages versus the costs - supplying partial evidence in a case once a decade does not meet the requirements for introducing mass surveillance with infinite retention
The police work was sloppy, the facts as they stand are:
- The guy was on a list of 1400 or so of suspects, and was convicted of abducting a 13yo in 2023, a different crime. It bears mentioning that the town had a population of 5k and the municipiality 63k, halving that just to count the men doesn't give you a short list
- A white car was seen at the 2016 scene of the crime, suspected to be a Hyundai i30, but with a degree of uncertainty, just to illustrate how uncertain they were, the article mentions the police confiscated a white van
- The guy owned and sold his 2016 Hyundai around the time
- Thanks to Big Brother dragnet perma-retention surveillance (mobile cell info), it was established that the guy was in the area (a train station!) of the 2016 crime at the time (which is a large window considering the exact time of the disappearence of the first girl is not well known)
From this it's unclear to me whether the same guy was the perp in the 2016 and 2023 cases. If he was, I'd argue the dragnet-collected evidence is only circumstantial. I feel like it was possible that the police wanted to pin the crime on him as they had an expectation to catch the 2016 killer and he was obviously a pedo.
Even if he did it, I'd say the digital evidence was neither necessary nor that important in convicting him.
And cherry on the cake, countries like France decided to ignore the CJEU ruling using the joker card of 'national security'.
https://ffii.org/ffii-asks-meps-to-reject-big-brother-direct...https://ffii.org/eu-law-making-process-cracking-under-pressu...https://ffii.org/eu-adopts-big-brother-directive-ignores-ind...
Reader mode seems to work.
> UnHerd and our 5403 technology partners ask you to consent to the use of cookies to store/access and process personal data on your device.
Oh, okay.
Specifically, the charter: https://eur-lex.europa.eu/eli/treaty/char_2012/oj/eng
Article 8 point 2. They're missing the provisions of data retrieval. If available, that would immediately take down the whole monitoring system as a full message history request would have to be available since they don't know which data is private or personally identifying.
Additionally, this falls under GDPR legitimate concern category so must be possible to reject by the user. Otherwise it's an involuntary measure making the law contradictory.
With this in mind, it's toothless if corrected.
First, suppose two child pornographers get together and agree on a set of word substitutions that remove the key words and phrases deemed suspect. Now the authorites are scanning chats about flowers being planted, or birds being watched, etc. that are actually about targeting victims. Then the only detected uses of suspect words and phrases are accidental. If the authorites learn the new lingo the perpetrators will evolve it.
The only child pornographers that will be caught are the very stupid ones but they would have been caught by other less invasive means.
Meanwhile, the mass surveilance will destroy the free market. Imagine having to negotiate contracts when every business is a global corporation that knows what colour underwear you are wearing from scanning all of your chats. That means every business has a permanent information asymmetry in its favour, in every economic transaction you will ever make. Try to negotiate the purchase of a car, home, and so forth.
It would seem the end of freedom is nigh, listen for the sound of cheering and applause.
Isn't it obvious that mass surveilance only works on those who can be kept ignorant of it? If people know about surveilance then their behaviour is altered. How do entire nations and groups of nations fall for nonsensical plans like chat control.
The idea of chat control is to combat child vicimization by setting authorities on impossibly costly, technically insane strategies that can be thwarted by a high functioning chimpanzee.
What am I missing?
It hasn't been passed yet. We'll see.
Voluntary scanning (voluntary for the provider, not for the serfs^H^H^H^H^Husers) is already happening under some kind of temporary directive. So that's kind of codifying the status quo.
If they had just dropped the mandatory scanning, it might even be good to see it passed, in that it could eventually, slowly, drive all the users either to providers that don't scan... or better yet to P2P. There are probably some players who accepted the lack of mandatory scanning because they're betting they can find "noncoercive" ways to coerce all the major providers... but P2P is a lot harder to pressure that way. Even "mostly P2P" is harder to pressure, just because the infrastructure required is smaller. And it's not clear that all of the people doing the horsetrading understand that P2P is even possible.
They've been coming back with this Chat Control bullshit every year, in an obvious "keep demanding it until you get a yes" strategy. But once they've passed something, it'll be harder politically for them to change it to ban effectively encrypted P2P messaging. They could end up screwing themselves.
BUT the age verification ruins the whole thing, since it torpedoes privacy in general, and it probably, depending on how it's phrased and who it binds, effectively bans P2P messaging.
I wonder how many people involved intentionally took that into account, versus how many just saw AV as something vaguely authoritarian that could be put in to placate the forces of Control(TM).
Deleted Comment