This is the face of a corrupt politician.
This is the face watching every message sent to your girlfriend/boyfriend.
For everyone who thinks its good its voluntary, its not like that, you have to read this… https://www.patrick-breyer.de/en/reality-check-eu-council-chat-control-vote-is-not-a-retreat-but-a-green-light-for-indiscriminate-mass-surveillance-and-the-end-of-right-to-communicate-anonymously/
For full disclosure we all now see their private chats too, right?
Of cause not. There will be provisions slid in at the last possible moment excluding MPs. And their aids. And their
sugar daddiesi mean donors
I’m sure that requires that both parties agree right? I don’t want other people to choose for me if my chats with them are controlled.
How can this ageee with GDPR?
Sigh…
GDPR doesnt apply to data being processed by individuals or groups for personal use, the “household exemption”.
If you’re part of a conversation then the other person also “owns” the conversation and can decide what to do with it.
But the moment that data is voluntarily sent to the government, doesn’t it stop being “for personal use”? The premises for which that data was shared were broken.
Yes, but it depends on why the data was shared and who it was sent to.
So for example (assuming you’re in the UK), you discuss a crime. The other party sends a record of your communication to the police, or HMRC or whatever.
Ordinarily under Article 14 of UK GDPR, an organisation must inform a data subject that they have received their data from elsewhere, why they have it, what they intend to do with it etc.
However, there are numerous exemptions in the Data Protection Act (particularly Part 3 - Law Enforcement) and Schedules 2, 3 and 4 that would exempt an organisation from even telling you they have your data in the first place.
However, the “personal use” aspect still stands for the originator of the data. Don’t think of personal use as an exemption. It isnt, its more accurate to say that it is beyond the scope of UK GDPR, ie it isn’t covered at all. There is no exemption because one isnt needed, GDPR simply does not cover data being processed for personal reasons.
Think of another example. We work together and in confidence you tell me about a medical condition. If you told me because we are friends, then I’m free to tell whoever I want (corporate policies aside). However if you told me because I am your manager, then when I received the information I was acting in an official capacity on behalf of the organisation. Now if I chose to share that information with Occupational Health for instance, that woild probably be lawful. However if I emailed your colleagues and told them anything other than “he will be off work because he is ill” then that woild be a breach that the company would be liable for.
Hope that helps?
Isn’t it pretty commonly legal to record and disclose any conversation to which you’re a party?
To voluntarily “opt out”, you’ll have to click through five different pages of confusing legalese, on each page looking for the light grey link on a white background, only to find the final link dead. You’ll have to fight Google’s AI in order to get a working link. Eventually, you’ll find the page.
The final link to preserve your privacy will have five double and one single negative; the “confirm your decision” button will have three more that appear to contradict the earlier question; and the “are you really really sure” message will contradict both.
The final message will say “Thank you for your submission. Please allow six to eight weeks for your request to be processed. While we will comply with your request, we cannot guarantee that our fifty partners will also abide by your wishes. Have a nice day!”
The EU, now the US mark two.
This whole thing is so infuriating. It just won’t go away and in the end we are all going to be surveiled no matter what. Privacy will be gone and it’s just disgusting. Peter Hummelgaard and whoever puppeteers him needs as much negative attation about this case as possible. The media is hardly covering it at all. Fight for your privacy!
As this version of the law is completely voluntary, I don‘t think it will change anything. Secure chats won‘t implement it, because it‘s practically impossible, and insecure chats won‘t implement it, because there‘s absolutely no profit in it.
It‘s still completely unnecessary to have a law like this, as it won‘t help with anything. But at least it doesn‘t force any messaging applications to either break their encryption or leave the EU.
Also, as this is proposal is finally put into law, there‘s one less battle to be fought by privacy activists (for now).
So all in all: The worst has been successfully averted, I think we can celebrate that. But the next privacy invading proposal will come soon enough.
This is just the start, probably easier to change an already existing law than creating a new one?
Actually, i was reading the link another user posted , and it seems like it is straight up bad.
Have you considered what might be the point of writing a law that’s voluntary to follow?
Yes
Perhaps I should’ve clarified.
There’s no such thing as a voluntary law. No one’s getting away with murder by saying they didn’t feel like following the law that day. The point is to enforce it through legal trickery while everyone involved throws their hands in the air and goes, “Hey man, the law might be a piece of shit, but it’s voluntary! No one’s forcing you to follow it!”
I have to disagree with the statement that there is no voluntary law. For example, GDPR certifications (Art. 42) have been a thing for years, are encouraged by the EU, but have remained completely voluntary for organizations.
I totally agree with you that it’s important to stay vigilant and keep an eye on the further development of this specific regulation, especially as it still has a long way to go before actually becoming law. But I think seeing the compromise as some sort of trickery is purely speculative right now and doesn’t really do justice to the activists inside and outside EU organizations who have spent the last few years successfully preventing a mandatory chat control. A lot of the comments here seem very doom-and-gloomy, sometimes almost resigned, as if nothing has been accomplished by protesting these initial proposals. And I think, while there are definitely further battles ahead, it’s also a good idea to celebrate and remind ourselves of the accomplishments we’ve made here.
I have already read that article, and while I think that Patrick does a great job in general, this particular post contains overly dramatic and, in parts, misleading arguments. For example:
The text aims to make the temporary “Chat Control 1.0” regulation permanent. This allows providers like Meta or Google to scan all private chats, indiscriminately and without a court order.".
This is a bit strange. Chats without E2E encryption, especially the ones on Google or Meta platforms, were never private. I think it would be better to raise awareness of that fact and encourage E2E messaging instead of complaining about law enforcement having access to those chats.
His argument regarding age verification is also very weak:
[…] This means every citizen will effectively have to upload an ID or undergo a face scan to open an email or messenger account. […] This creates a de facto ban on anonymous communication […]
This is misleading at best. The implementation details of the age verification are not specified in this proposal. There are absolutely ways of verifying someone’s age anonymously (Privacy Pass comes to mind). It’s totally possible that it’ll be a far worse system, but that’s just not as set in stone as Patrick suggests.
It’s definitely necessary to keep an eye on the further development of this legislature. But Patrick’s Reality Check unfortunately stretches the meaning of the word Reality a bit too much.
This guy is exaggerating.
"The text aims to make the temporary “Chat Control 1.0” regulation permanent. "
This already passed in 2021. This guy is sensationalizing it like it’s opening new possibilities to tech companies while it’s been a law for 4 years already. If companies wanted to scan messages they would be doing this already.
Age verification and bans for teenagers are a separate issue completely. Many countries are working on this already independently. While I don’t agree with this personally I have to admin there are many good reasons to do it. A lot depends on the details of the regulation and this guy is not a good source of opinion on it. I will try to read it and post a more reasonable take.
