EU vs. end-to-end encryption (E2EE)

[RickSanchez]

From Ars Technica:

“War upon end-to-end encryption”: EU wants Big Tech to scan private messages

Services may have to scan encrypted messages for child abuse images and grooming.

arstechnica.com

This would apply to people who use E2EE applications such as WhatsApp or ProtonMail. It also appears it could affect general web browsing, per the article by Bits of Freedom:

For example, the proposal will allow authorities to have access to certain URLs blocked. These could be specific pages, such as 'https://www.bitsoffreedom.nl/doneren', or specific images on that page. Nowadays, almost all websites are only accessible through a secure TLS connection (the "s" in "https://"). So is ours. When you visit the web page you're currently on, the connection between your browser and the server where the website is "stored", is encrypted. Because of that encryption, your provider can only tell you are visiting our website, but not which page or its contents. Your provider cannot see the full URL. And that means it is technically impossible to filter your internet as the European Commission would like providers to do. That is - unless we simply abolish encryption or expect providers to manipulate your internet traffic.

 

[threni]

From Ars Technica:

“War upon end-to-end encryption”: EU wants Big Tech to scan private messages

Services may have to scan encrypted messages for child abuse images and grooming.

arstechnica.com

This would apply to people who use E2EE applications such as WhatsApp or ProtonMail. It also appears it could affect general web browsing, per the article by Bits of Freedom:

The only question is how do they intend to deal with apps/systems such as Signal. Will they prevent them from being downloaded from app stores? Pull the source from the internet? Throw you in prison just for possessing it? Kind of tricky when there's no big for-profit org you can legally compel to insert secret back doors, censor etc. Sort of mildly interesting they've stopped using terrorism or drugs as the excuse.

 

[mansr]

The US tried to regulate encryption back in the 90s. It didn't work, and they ultimately gave up. It hasn't got any easier since then.

 

[Blumlein 88]

I've read the article, but short of banning the use of encryption I don't see how it can work. As the article says near the end, "Hey tech companies, do this impossible thing, and how you do it is up to you". Whole way encryption works prevents those companies from complying with the proposal. It would be like proposing automakers must produce cars that get infinite gas mileage.

 

[somebodyelse]

This week it's the EU, but similar proposals keep popping up in the US, UK, Aus etc, always framed as necessary to stop terrorists, child abuse, 'serious and organized crime' or whatever the suitable hot button topic of the day is. The price of freedom...

 

[JJB70]

Most politicians are generalists who rely on others to provide expertise on matters of the day. What is more worrying is that I find this is increasingly the case in government regulatory agencies who many assume to be highly competent in their fields.