Chat Control May Finally Be Dead: European Court Rules That Weakening Encryption Is Illegal!
tuta.com
In a legal blow, it looks like Chat Control may not roll out client-side scanning. A huge win for privacy advocates!

The EU Court ruled that “Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users’ electronic communications. The Court takes note of the dangers of restricting encryption described by many experts in the field.” Any requirement to build in backdoors to encryption protocols for law enforcement agencies could also be taken advantage of by malicious actors.

The EU Court of Human Rights’ also builds on their acknowledgment that “mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials.”

As the EU Commision’s Chat Control Bill directly targets undermining secure end-to-end encryption, it now looks to be in trouble. In its current version, the Chat Control bill would require the scanning of content on your personal devices, including that which is sent via end-to-end encrypted messenger apps or encrypted email. At some point, providers would be required to either break this encryption to allow the scanning of content or scan content once it has been decrypted and is readable.

On February 13th, Europe received an early Valentine’s gift from the European Court of Human rights when they banned any laws that aims to weaken end-to-end encryption. This ruling is a major stumbling block for the EU Chat Control Bill, but does it really mean that Chat Control is dead? There are many reasons why Chat Control should never become law, we’ve collected the turn of events and steps you can take to help prevent this dangerous bill from ever being passed!

    • Natanael@slrpnk.net
      20·
      5 months ago

      E2EE doesn’t require servers to have access. See Matrix for federated messaging with encryption support

          • delirious_owl@discuss.online
            82·
            5 months ago

            We have less than 1 month left on the deadline. Which direction do you think this is going to go?

            Matrix bridges already do this. They take what would be e2ee and then decrypt the message and dump it into another app unencrypted. This is how legislators break encryption.

            • uis@lemm.ee
              2·
              5 months ago

              Obviously. For e2ee to function both clients should use same e2ee scheme. In theory you can e2ee matrix with xmpp, but in practice either matrix client should support xmpp message format or xmpp client should support matrix message format.

              Still better than nothing and you still get e2ee between matrix users anyway.

        • Flumpkin@slrpnk.net
          4·
          5 months ago

          I think the idea is that only the big platforms have to offer a protocol for interoperability You could always disable that in matrix or chat with someone on another chat protocol unencrypted.

          But the real advantage is that someone on those big chat apps can just switch to a different (more secure) app without loosing his contacts. Basically this should be a huge boost for open source and trustworthy messaging apps. At least from what I’ve read here:

          https://www.eff.org/deeplinks/2022/04/eu-digital-markets-acts-interoperability-rule-addresses-important-need-raises