The European Court of Human Rights yesterday banned a general weakeningof secure end-to-end encryption. The judgement argues that encryptionhelps citizens and companies to protect themselves against hacking,theft of identity and personal data, fraud and the unauthoriseddisclosure of confidential information. Backdoors could also beexploited by criminal networks and would seriously jeopardise thesecurity of all users' electronic […]
I’m violently against every attempt to try and weaken e2ee. In my mind doing so would be equivalent to telling people they’re no longer allowed to meet in private and have one on one discussions.
There’s just this one issue with this that causes some doubt for me. CSAM. Yes, think about the childer and so on, I know… This is however still a real issue that I have personally encountered multiple times. I use certain encrypted platforms to chat with strangers anonymously and there’s a significant userbase there spreading this content. And I don’t mean provocative instagram pics but the kind of content that leaves you with zero doubt about what you just saw.
Do we just accept this uncomfortable trade-off? Obviously there are other ways for these people to get caught aswell than monitoring their private discussions which in my mind is kind of even worse than what they’re doing (unless they’re creating that content aswell) but it’s just a fact that if the conversations truly are 100% secure then there’s nothing that’s going to stop this behaviour. I guess there’s nothing stopping them from meeting face to face and trading printed physical photos aswell but I don’t know… This feels different and I’m really struggling to figure out how I feel about that.
Do you really expect people that are involved with child pornography to go “Oh well, now that it’s forbidden to have private messaging I guess I will just stop looking at children, because the law is the law and I have to follow it.”?
These people know they are breaking the law and I can promise you this. They will find a way to privately exchange their shit while the rest of us now have even less privacy…
Encrypting files that can only be unencrypted by one other person is still a thing. Sure it’s not quite as convenient as it happening automatically in your chat app. However, anyone who thinks weakening e2ee in chat apps actually stops illegal actions occuring needs to think a bit more carefully.
Criminals will always find a way. Make a surveillance state, and they’ll just break the law and use encrypted communication anyway. Might even hide data in other data if necessary.
That said, I’d wager that there are quite a few of those communities hidden in plain and unencrypted sight (discord, fediverse, etc.), but they just keep it small enough to not be found (The ones on discord did get found out eventually, but probably just moved platform). So the question would aris: why do these exist when we apparently have the resources to monitor EVERYONE given the chance?
Best you can do is to report communities and places where it runs rampant to the relevant authorities. That’s much more efficient than the authorities having to make privacy-violating laws and crawl the net themselves.
Except that’s not really the trade-off. There will still be means to secure communication and people who have an incentive to do so will go the extra mile to make sure they won’t be spied upon.
But we’ve opened the another door to spy on the general population, because average Joe won’t care. Another big leap towards total control, total surveillance.
I’m violently against every attempt to try and weaken e2ee. In my mind doing so would be equivalent to telling people they’re no longer allowed to meet in private and have one on one discussions.
There’s just this one issue with this that causes some doubt for me. CSAM. Yes, think about the childer and so on, I know… This is however still a real issue that I have personally encountered multiple times. I use certain encrypted platforms to chat with strangers anonymously and there’s a significant userbase there spreading this content. And I don’t mean provocative instagram pics but the kind of content that leaves you with zero doubt about what you just saw.
Do we just accept this uncomfortable trade-off? Obviously there are other ways for these people to get caught aswell than monitoring their private discussions which in my mind is kind of even worse than what they’re doing (unless they’re creating that content aswell) but it’s just a fact that if the conversations truly are 100% secure then there’s nothing that’s going to stop this behaviour. I guess there’s nothing stopping them from meeting face to face and trading printed physical photos aswell but I don’t know… This feels different and I’m really struggling to figure out how I feel about that.
This argument always bothers me.
Do you really expect people that are involved with child pornography to go “Oh well, now that it’s forbidden to have private messaging I guess I will just stop looking at children, because the law is the law and I have to follow it.”?
These people know they are breaking the law and I can promise you this. They will find a way to privately exchange their shit while the rest of us now have even less privacy…
Encrypting files that can only be unencrypted by one other person is still a thing. Sure it’s not quite as convenient as it happening automatically in your chat app. However, anyone who thinks weakening e2ee in chat apps actually stops illegal actions occuring needs to think a bit more carefully.
Criminals will always find a way. Make a surveillance state, and they’ll just break the law and use encrypted communication anyway. Might even hide data in other data if necessary.
That said, I’d wager that there are quite a few of those communities hidden in plain and unencrypted sight (discord, fediverse, etc.), but they just keep it small enough to not be found (The ones on discord did get found out eventually, but probably just moved platform). So the question would aris: why do these exist when we apparently have the resources to monitor EVERYONE given the chance?
Best you can do is to report communities and places where it runs rampant to the relevant authorities. That’s much more efficient than the authorities having to make privacy-violating laws and crawl the net themselves.
Except that’s not really the trade-off. There will still be means to secure communication and people who have an incentive to do so will go the extra mile to make sure they won’t be spied upon.
But we’ve opened
theanother door to spy on the general population, because average Joe won’t care. Another big leap towards total control, total surveillance.