EU to have AI automatically scan private chats (including encrypted messengers)

YmpkerYmpker OGContent Writer
edited May 2022 in General

Seems like EU is planning to automatically have AI scan private chats and force messengers with E2E encryption to embed backdoor to do so. Justification is, as always it seems, to fight CP.. (wasn't this the "reason" why they wanted to introduce upload filters back then, too?).

What's your thought on this?

Anyway, might be worth looking into self-hosted Rocket Chat or the like for family and close friends..

Some sources:

https://www.ccc.de/en/updates/2022/eu-kommission-will-alle-chatnachrichten-durchleuchten

https://netzpolitik.org/2021/eu-commission-why-chat-control-is-so-dangerous/

https://www.theverge.com/2022/5/11/23066683/eu-child-abuse-grooming-scanning-messaging-apps-break-encryption-fears

Thanked by (1)chimichurri

Comments

  • vyasvyas OGContent Writer

    I have responded to you via PM

    ;-)

    Thanked by (1)Ympker

    VPS reviews | | MicroLXC | English is my nth language.

  • Private solutions will be voided eventually.

  • YmpkerYmpker OGContent Writer
  • vyasvyas OGContent Writer

    @legendary said:
    Private solutions will be voided eventually.

    Read it as “Privates” will be voided

    VPS reviews | | MicroLXC | English is my nth language.

  • edited May 2022

    Regardless the jurisdiction, the excuse for these kind of things always seems to be either CP or terrorism.. -_-'

    Two quick ideas to consider for affected people in case SHTF (as I personally don't think self hosting would be practical):

    1. https://www.securemessagingapps.com/ - unless other governments follow, for now, perhaps anything non-EU based would be OK?
      So, if one is to pick one of the author's recommended solutions, this would mean that you might be better off switching to either Signal, Threema or Session (since the last recommendation, i.e. Wire, seems to have servers in the EU).
      Based on my microbubble, I think Signal might be the most popular one ATM - YMMV.

    2. OTR OMEMO @ Jabber XMPP using a trusted server... (although not as good of a choice compared to the ones above, IMHO, since AFAIK, this would still leak some metadata)
      As for the question of which server you should trust, I was going to say e.g. http://jabber.ccc.de/ ... and, TBH, RN I'd still trust them ;)
      However, assuming this thing becomes reality, it might not be the best long-term choice, since Germany most likely will not be leaving the EU anytime soon :p

    Thanked by (1)Ympker

    Contribute your idling VPS/dedi (link), Android (link) or iOS (link) devices to medical research

  • edited May 2022

    PGP will void this i guess

    Signature currently under construction
    Sorry for the inconvenience

  • vyasvyas OGContent Writer
    edited May 2022

    What about
    Lime
    Telegram
    Proton email
    Yandex

    In above context and by extension
    Email service
    Tutanota
    Posteo

    Thanked by (1)Ympker

    VPS reviews | | MicroLXC | English is my nth language.

  • I imagine it will not affect Signal users.

  • edited May 2022

    @vyas said:
    What about
    Lime

    Just to be clear, you mean https://wiki.linphone.org/xwiki/wiki/public/view/Lib/Features/Instant Messaging/LIME/ (of which I've never heard...), and this wasn't a a typo of https://line.me/en/ ?
    In case you actually did mean the latter, IMHO, it's probably not the most secure app around... :#

    Telegram

    See my link above on secure messaging apps. (tl;dr bad practice=custom crypto, plus encryption disabled by default)

    Proton email

    One of my email accounts is with them, but were I to be affected by the above law, I'm not sure I'd trust them 100%, as they seem to have something sketchy going on, e.g. https://lowendspirit.com/discussion/comment/82330/#Comment_82330

    Yandex

    What..? :o Do they even provide any kind of encryption? :'(

    In above context and by extension
    Email service

    Wouldn't be my first choice, because of metadata leaks by design... :3

    Tutanota
    Posteo

    Both are EU-based (DE) services, which might make them eventually an even worse choice than Yandex, depending on what this proposed law (?) ends up being (right now, they at least provide some kind of encryption, I guess? :s )
    Also, can't say anything about Posteo, but right now, Tutanota seems to be complying with court wiretap orders (and I don't really blame them for that, dura lex, sed lex :/ )

    Thanked by (2)Ympker vyas

    Contribute your idling VPS/dedi (link), Android (link) or iOS (link) devices to medical research

  • YmpkerYmpker OGContent Writer
    edited May 2022

    @zirius said:
    I imagine it will not affect Signal users.

    The article in OP from The Verge mentions something like "this would also apply to Signal".

    The most extreme obligations would apply to communications services like WhatsApp, Signal, and Facebook Messenger.

    These two also look interesting:
    https://getsession.org/

    https://status.im/

  • What freaks me out more than this, is that it is part of a wider trend. All the western govs are rapidly going this route.

    Not quite full blown citizen surveillance like a certain country, but "think of the children" we have to have more monitoring.

    Fortunate enough to not actually have anything serious to hide as such...but the intrusion vexes me anyway out of principle

    @legendary said:

    Private solutions will be voided eventually.

    Issue is that the sophisticated solutions are utterly useless in this context for practical reasons. The chances of me getting all my mates & mom onto a selfhosted encrypted chat app like matrix is approximately zero.

    Even signal was already pushing the limits on that front...and its basically whatsapp with a different look

    @zirius said:
    I imagine it will not affect Signal users.

    Denmark is working on that one

    Thanked by (2)Ympker AlwaysSkint
  • bikegremlinbikegremlin ModeratorOG

    In the meantime, small website owners technically have to pay for GDPR lawyers and implement GDPR cookie consent, contact persons etc.

    Allegedly, to protect the privacy of people who carry microfone+camera surveillance devices with them all day long, wherever they go.

    Thanked by (1)Ympker

    BikeGremlin I/O
    Mostly WordPress ™

  • To an extent, even DNS will be recorded, because it's also a communication between devices.

  • Let's be real here.

    Do our opinions matter? Hell, no.

    Do I care? Nope.

    Do I support this? Don't care. I just think that everything you put out on the internet will be seen even if it's meant for private.

    Thanked by (1)stevewatson301

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

Sign In or Register to comment.

This Site is currently in maintenance mode.
Please check back here later.

→ Site Settings