You must log in or register to comment.
One reported feedback there is brilliant:
At first glance, the proposed regulation might appear to be just another flawed attempt to balance security and privacy. But a closer look, especially at the High-Level Group (HLG) advice the EU cites as a foundational source, reveals something far more dangerous. Start with this: when German MEP Patrick Breyer requested the names of the individuals behind the so-called High-Level Group that drafted this sweeping proposal, the EU responded with a list where every single name was blacked out. A law that would introduce unprecedented surveillance powers across Europe is being built on recommendations from an anonymous and unaccountable group. In any democracy, this would be a scandal. In the European Union, it is an outright betrayal of public trust. According to digital rights organization EDRİ, “The HLG has kept its work sessions closed, by strictly controlling which stakeholders got invited and effectively shutting down civil society participation.” In short, the process was deliberately closed off to public scrutiny, democratic debate, and expert dissent. Civil society was excluded while powerful lobbyists shaped one of the most consequential digital laws of our time behind closed doors. A blunt overreach of state power: Universal identification and data retention, every click, message, and connection must be logged under your legal name, turning the entire population into perpetual Suspects. Encryption smashed: providers must supply data “in an intelligible way” (Rec 27.ii), forcing them to weaken or bypass end-to-end encryption whenever asked. Backdoors by design: hardware and software makers are ordered to bake permanent law-enforcement access points into phones, laptops, cars, and loT devices (Rec 22, 25, 26). Privacy shields outlawed: VPNS and other anonymity tools must start logging users or shut down. Criminalized resistance: services or developers who refuse to spy on their users face fines, market bans, or prison (Rec 34). No one exempt: the rules cover every “electronic communication service”, from open-source chat servers to encrypted messengers to vehicle comms systems (Rec 17, 18, 27.ii). A mass surveillance law, drafted in secrecy by unknown actors, with provisions that go beyond what we see in many authoritarian regimes. And yet, the European Commission is advancing it as if it’s routine policy work. The European Commission must halt this process immediately. No law that enables this scale of surveillance, especially one built in the shadows, should ever be allowed to pass. Europe must not become a place where privacy dies quietly behind closed doors. This threatens the fundamental rights of every citizen in the Union.
After another read, prompted by this comment, I found the part they’re referring to: if you click through at the top of the pdf to HLG you get here: https://home-affairs.ec.europa.eu/networks/high-level-group-hlg-access-data-effective-law-enforcement_en, and this does describe all the things mentioned in that comment!
Note that OP’s link is less crazy and dangerous (in fact, in cyber security you basically assume the metadata is known anyway), but this implies coming proposals that are a lot more invasive to our privacy
The only response should be “no”.
I’ve yet to see substantive evidence that mass surveillance actually does anything (positive), let alone to a degree that remotely justifies the incurred costs, whether material or societal.
You don’t see it only because your not a member of the elites. It works fine as a tool of intimidation and control of the masses.
Certain metadata processed by service providers are needed to effectively fight crime.
More like when these authoritarians suddenly decide protesting and freedom of expression are “crimes”
Vote against it or tell who ever you need to tell to vote against it. You don’t want this. It will turn on you in the future with law amendments over time most likely.
Correct me if I’m wrong:
The way I read it it’s not about any new data gathering or backdoors or whatever, it’s about keeping the metadata (so not message content, but things like source/destination, date & time of a message), which already are known to the service provider, but not structurally saved until slow law enforcement comes asking for it (which they already can and do). So nothing is added except efficiency, if I read it correctly.
If you have concerns about anything they already do, or things not in this proposal but scary or dangerous; now is as good a time as any to complain about it, and perhaps this is a valid platform for it, but phrase it as such.
But some of the comments (on the proposal) talking about adding backdoors just look like someone didn’t read and just blindly started complaining, which is not a good look.
If we want to participate as educated citizens, let’s educate ourselves so our input is still valued in the future.
That all aside, thanks for sharing!
I might also be interpreting it wrong, but this seems to be a bit more than just “increased efficiency” to me. It would legally require providers to keep metadata that can currently be deleted - including never retaining it in the first place.
Hmm, fair point. I guess I default to assuming that data is already kept, just often not long enough for law enforcement to come and request it (in a way that’s functionally the same as never even saving it I guess), but practically this would mean lots of providers starting to keep records, also the storage requirement would be enormous if it’s saved at every hop, so practicality is a concern too.
