Between a surveillance state where every communication is siphoned up, fed to LLMs, and used to target random people not already under suspicion... and a world where at the very least there needs to be some documented/auditable/accountable/whistle-blowable process of identifying an individual target and serving, say, a warrant to a third-party chat company... the second world has something of a "damping function" that slows the acceleration of authoritarianism. While far from ideal, it's better than the first option, which ChatControl was laying the groundwork for.
We are not obligated to choose a "lesser of two evils" here. We should reject both.
I really appreciate Signal's public responses to warrants ("sure, here's all the information we have, by design we don't have anything important"). https://signal.org/bigbrother/
By way of example, if there's a backdoor key, it can be stolen or misused. Witness the many examples of companies that collect too much data and have that data stolen, and many examples of police departments abusing police databases for personal stalking and similar misuses.
Any other backdoor mechanism can similarly be breached or misused. There is no such thing as a backdoor that can only be used for what it is "supposed" to be used for.
Depending on the level of security you need, there are any number of steps people could take or the industry as a whole could take:
- Don't allow remotely installing things on a device, only doing so with physical presence on the device.
- Have "binary transparency" mechanisms to make sure that you're seeing the same binary everyone else is, and you're not getting served a special backdoored version nobody else sees. (This doesn't prevent global backdoors, of course, but those are more likely to get caught.)
- Relatedly, have multiple independent app stores in different jurisdictions, and make sure they are serving identical binaries. That ensures no one jurisdiction can surreptitiously demand and enforce a backdoor.
- Have signatures from the original app author that can be verified, and ensure that intermediaries (e.g. "app stores") can add signatures but can't add anything to the package that's not covered by the original signature. That reduces the number of parties you have to trust.
- In an ideal world, only install Open Source software that's reviewed and subject to multiple independent reproducible builds.
> In high security settings, just don't allow devices in.
That's appropriate for a SCIF, not for someone's day-to-day life.
> Also, democratically authorized state actors have a valid role to play in liberal democracies.
They still don't get to have backdoors into everyone's device.
Also, many many events throughout history should demonstrate that "democratically authorized" is in fact laughably bad at curtailing abuses of power, and not a substitute for a sacrosanct right to privacy that's systematically enforced through both legal and technical means.
Make devices secure. When people tell you to make them insecure, refuse.
Not sure why why we are talking about everyone's device now or even a backdoor as such if it might even need access to the device to interfere with it? (My initial post wasn't about mass surveillance.)
If you look at history, not sure why technical measures would offer much protection against violence based approaches against privacy, though.
When you said "If you can install stuff on the device, how could you protect against it?", that sounded like it was talking about how a device that can have new software installed onto it can have a backdoor for later use installed onto it, and that led into a discussion about how to protect against that.
Were you instead saying "on a device you have control over, how can you protect yourself against that?". Or something else?
> If you look at history, not sure why technical measures would offer much protection against violence based approaches against privacy, though.
They can at a minimal level (e.g. steganography, duress passwords), but yes, ultimately there is little you can do against someone threatening you personally with harm.
Sorry, I meant it as in someone else installing surveillance on a device/bugging it, not as in installing something with a backdoor for some possible later use, i.e., targeted surveillance of a specific device under a warrant etc. So something which can have a lot more effort per device involved, potentially access to it, and not some broad-based thing.
And, yes, there can be a debate if such warrants are desirable etc., but I think it's quite different from broad-based backdoors for potential mass surveillance etc. and liberal democracies can decide to have such tools available.
Ah, got it! Sorry for us talking past each other there, then.
I think part of what I was suggesting still applies there: if you can't install things remotely, and you have oversight to ensure that any backdoor applied to you has to have been sent to everyone (which provides a measure of security), then what's left is physical control of the device. For instance, keeping the device in your possession, locking it down against peripherals...
That can't prevent you from being physically coerced, but it provides a lot of security in every other case. And if things have devolved to the point of you being physically coerced then you have much worse problems.
Too vague. More like surveillance of telecommunications at the source (by means of trojaning the source/device, or using existing backdoors at whichever layer of the stack).
The "second" world is now western civilization. People in government need to get paid, so if the state isn't paying them, then you have a defacto free society. When the state pays poorly, it aligns the incentives of the people and the government. It is the best form of government, and I am glad to live somewhere where the rule of law extends to all, and not just the elites.
Recently in the country I live some people from interpol accidentally withdrew a red notice, after initial prosecution, the prosecutor realized several mistakes were made and documents lost, so as a country with the rule of law, the prosecution withdrew the charges as there was insufficient evidence, compare and constrast with a corrupt country like Canada where the attorney general was fired for wanting to prosecute a company that had bribed Momar Ghaddaffi with 2 million dollars. Worse yet, they spread their culture of corruption through out the world instead of keeping it at home.
As an aside, “suspicionless” is a bad translation of what would correctly translate to “without cause”.
I agree that there shouldn’t be a backdoor by default. But, for example, planting a modified app update with backdoor on the device of a suspected high-risk felon, based on a court warrant, is something that can be more reasonably debated.
Court warrants aren't reliable, at least in Germany. Until that is fixed, which is quite important, there is not reason to allow something like chat control.
There are other channels for investigations that are enough, chat control introduces less security that we would gain (if there even is any gain).
> I agree that there shouldn’t be a backdoor by default. But, for example, planting a modified app update with backdoor on the device of a suspected high-risk felon, based on a court warrant, is something that can be more reasonably debated.
Sure. And on the flipside, given the many ways such a capability is a security risk and an abusable backdoor itself, it's something to develop additional technical safeguards against, such as Binary Transparency to verify that everyone's getting the same binaries.
That's active surveillance and wiretapping, and is not a backdoor.
Backdoors are unacceptable 100% of the time, and should never be legal.
A backdoor is a lazy power grab that is either supported in ignorance by technically illiterate useful idiots or supported in full knowledge of the intended partisan abuses of basic civil liberties.
Hacking a criminal's phone with compromised software, and/or intercepting their voice & data, is not a backdoor. Backdoors mandate a violation of informed consent, and as such, should be criminalized without exception.
There's no place for backdoors in civilized societies.
Agreed. Some people say “I don’t have anything to hide”, but the actual fact is they don’t have anyone to hide from. It just takes one election, or a couple of years of political distress leading to a coup and you can find yourself on the other side from the government. You might find that the “normal” things “everyone” believes aren’t so well tolerated anymore, and things like laws turn out to be a little less powerful than you were promised. Once the infrastructure is built out, it’ll turn out the bad guys are perfectly capable of using it to suit their needs.
Many consumer devices can be selectively targeted for updates. The entities that control the update servers are controlled by the states that they are a part of. People seem to have forgotten that companies once felt the need to invent warrant canaries to warn when they had received non-public court orders. Presumably they can also be forced not to remove the warrant canary.
Edit: My first read had me interpret backdoor as any undetected means of gaining access to a device/system. I have updated by definition to mean using a flaw in the system left intentionally to gain access. This somewhat negates the need for my previous comment, but I'll leave this for illustrative purposes.
Good call, it is a weasel argument. Our current government coalition in Germany that is "against" it for publicity reasons use the exact same terminology. It just postpones the chat control issue though.
Slamming the door and making noise here is the way to go because your officials are dishonest about their intentions.
Backdooring isn't OK because by definition you cannot selectively backdoor someone's phone, you need to have it backdoored by default to exploit it later, which is obviously terrible.
Wiretaping a suspect's phone on the other hand is a fine (and often necessary) police operation, as long as it must be approved by an independent magistrate.
"Suspicionless" is poor translation of "Anlasslose" which would more appropriately translated as "unfounded" in order to convey the uncommitted nature of "anlasslose". "Anlass" in this context is literally "reasons".
Because the language is far clearer in the US, you would and do hear "warrantless" being used in both the legal and general sense when it comes to these topics, but translating "Anlasslos" as "warrantless" would imply far too much confidence than is given.
"Unfounded" also reflects the weak perspective on hard boundaries of law and limitations on the state that simply do not exist in Germany and effectively all of Europe in the way that they do in the USA as de facto immovable law of the Constitution. "Anlasslos" implies a mental framework and conception that defers your rights (free speech in this case) to the subjective judgement of various people like politicians, judges, technocrats, bureaucrats, regulators, police officers, etc., i.e., someone does not like your speech so they will monitor your communication with our grandma for the abusive and narcissistic, manipulative concept of "hate speech", aka. "speech I hate".
"Learn GPG" is neither a useful nor a correct recommendation for people concerned about security; if you believe the device is backdoored, GPG will not save you, nor will anything else.
I've read up on this in the context of potentially backdoored CPUs and there is fundamentally no way. You don't need to trust the router (as you say: a device that just relays data can have all the backdoors you want, thanks to asymmetric cryptography enabling E2EE), but the scenario is that your own device has software from law enforcement on it
In which case, the best you can do is use an obscure method that the attacker is unprepared for. If they've hijacked the AES CPU operation to store the key and include it in the output for a later syscall like when writing the output file, but you unexpectedly use some funky experimental cipher, you'd be lucky until they push an update. The device has a mandatory backdoor after all, so govt can also decide what new code it needs to run now, perhaps under the guise of detecting more situations of terroristic content or whatnot. There's no winning that game except through obscurity, and I presume everyone has heard about how reliable security through obscurity is
He's referring to doing something like using a compromised device to take a photograph of the ciphertext made on a different device or something like that.
You must assume it is backdoored. Cell [smart] phones are the greatest surveillance network the government has ever created.
But, you can use that against them. Your phone doesn't have to always be with you. You can be where you are, and you phone's location can be hundres of miles away.
Current smartphones are already more careful about cell modems than they used to be. And in an ideal world, cell modems would have even less information than they do, and could be (and should be) powered off by the phone until needed.
Imagine an architecture in which you had a pervasive cellular data connection that was intentionally uncorrelated with any identifying information, the way wifi is.
Right now, the only legitimate reason cell networks have to identify specific devices to users is for billing, and for PSTN. The latter could be made utterly irrelevant with VoIP. The former could be solved in various ways, either by making it a public good, or by integrating anonymous payment mechanisms for a "session". Then, we could just have pervasive data connections.
To some extent I agree, but if the modem is off how long latency is acceptable for inbound messages? I suppose a low bandwidth broadcast "user 0x76abc937* has a new message" could work. Devices would filter out broadcasts that don't concern them.
* Ideally the user id should be used only once and derived from some pre-shared secret.
First, in a case closer to the current world, I'm just suggesting that disabling the cell modem should power it off so it can't do any kind of location or tracking.
Second, in a more ideal world, the concept of "data connection" would be entirely separate from any identity attached to a phone or text message, and you could handle the latter via whatever connection you have, whether a cell data connection or wifi or something else.
Good for Germany and the EU, but how (or why) is the rule of law supposed to make it a taboo? Is it thrown in just to sound nicer, or did they skip a few steps in the reasoning?
I heard "rule of law" being used to justify roughly the opposite (Russian laws, including mass surveillance and censorship), and neither that was clear; apparently it worked simply as an universal justification.
The usual definition is that there are written laws that apply to everyone equally, as opposed to a rule by decree and some kind of tyranny, and the laws do not change too often, are not made for particular occasions (so they do not turn into decrees effectively). So I'd think "suspicionless" -- that is, universal -- sounds closer to it, rather than selective/arbitrary surveillance on a suspicion. Unless such suspicion is at least decided by a court, without rubber-stamping.
This kind of mass surveillance is already illegal in Germany, and had Germany voted yes, it would have meant that politicians act against the law, which would be the opposite of the rule of law.
I don't think out constitution is fit to protect against much. It doesn't against home searches for example. Don't call a public official a dick.
For surveillance there just has to be the most benign reason to do it anyway as well.
It is not a strong constitution like the US has and the last decade proved that point. Also the frequency with legislative proposals contradicting the constitution, it doesn't seem to be respected much.
> Good for Germany and the EU, but how (or why) is the rule of law supposed to make it a taboo? Is it thrown in just to sound nicer, or did they skip a few steps in the reasoning?
Don't thank Germany too early. The only reason they changed their tune is because a massive number of people reached out to the government representatives in the last few days/weeks.
Without that, it would have gone through.
Case and point, you can look at the timeline of each country's position on https://fightchatcontrol.eu and you will see that Germany went from opposing to undecided to opposing again.
This is the sad state of affairs today. Privacy and rule of law have nothing to do with it.
I personally reached out to many German MEPs and the only ones who bothered to respond and were against CC were from the AFD. Make of that what you will.
> Don't thank Germany too early. The only reason they changed their tune is because a massive number of people reached out to the government representatives in the last few days/weeks.
The rule of law establishes, first of all, that the Law does not distinguish any kind of person from another. This is why in order to have a true Rule of Law, the three powers (Legislative, Executive, and Judiciary) must be truly separated.
Decrees are exactly one way to subvert it: the executive acts as the legislative.
Also, in tyrannies (vid. Venezuela, Iran, etc.), the Judiciary is a slave to the executive.
The rule of law states, first of all, that people in Government are subject to the same laws as any other citizen.
It is obviously an unreachable optimum (like true "democracy" is), but that is the basic principle. Not that "Laws" govern the place.
Chat Control (and see especially the Danish Minister who said "common citizens should not expect to be able to use cryptography" or words to that effect) is suspicious under the rule of law because it differentiates ipso iure between "ordinary citizens" and "the executive".
Edit: whether you agree with him or not, reading "The road to serfdom" should enlighten you a lot about this topic.
What is "nope" about? I understand "people in Government are subject to the same laws as any other citizen" to mean the same as "written laws that apply to everyone equally". The sort of thing Aristotle and Locke advocated for.
As for the separation of powers, it is a related concept, but still a distinct one; not sure if bringing it up helps here.
Added "The Road to Serfdom" into my book queue, thanks for the suggestion.
> Such laws cannot be enforced. Enforcement can only be arbitrary.
I am against criminalizing cryptography and largely agree about it being infeasible given the extent of proliferation and ease of replicating it/am playing devil's advocate:
Laws banning math related to manufacturing nuclear weapons can and has been enforced. It's important to take legal threats like ChatControl seriously and not just dismiss it as absurd/unenforceable overreach, even if that's likely true.
Banning math in relation to nuclear weapons was typically very specific and most often involved hardware export controls.
The key note with what the previous poster said was 'arbitrary', meaning the laws will end up a nonsensical mess because the maths have huge amount of industrial, commercial, and personal uses and suddenly one range of use is banned leads to situation where law enforcement tends to go after particular groups for who they are, not what they've done.
Tech companies can certainly be forced to build surveillance into their chat applications and operating systems. This doesn't have to be about backdooring crypto.
> Enforcement can only be arbitrary.
Sure, but it would be forced upon the vast majority of the population. Tech-savvy people will find ways to circumvent it, so will criminals, but that doesn't make mass surveillance of all others any less scary.
I also think the public generally doesn't understand much of cryptography. It's thought of as some sort of dark art. And to be reliant on computers. But some dice and basic arithmetic will suffice -- though you still shouldn't roll your own crypto system.
It more or less a constitution. It is not effective though. It proposes your home is protected against state access, but that privilege is lost if you call a public official a dick.
Such a constitution is empirically useless. No constitution is perfect, but the US one is probably still more or less the top spot.
How do you make sure that "suspicion based" Chat Control can't be exploited? All client side scanning must be explicitly banned. The EU had an opportunity to do just that with their AI Act.
You lose some civil rights when you decide to become a criminal (or join the Army). ;-) One of the things courts are allowed to do to a criminal is force them to wear a GPS tracker on their ankle, as a method of enforcing that they are not within some distance of an elementary school. It would not be so different to force them to install software on their phone, and the analogy to forcing everyone to wear a GPS tracker is clear. Your civil rights include not being told where to go, something you also lose as a criminal (or a soldier, obviously). It is how civil rights work in our society. Authoritarians want to turn everyone into criminals or permanent soldiers.
That would require trust in the same governments that try to pass this mass surveillance law again and again. Needless to say I don't share that trust.
You have to trust something though. There are people out to get you - maybe not you personally, but there are evil people. We need to handle criminals, letting them go free isn't not a good answer.
You seem to be saying that letting them go free is the best answer we have. This may be correct - it is something we as society need to debate in great depth. However it still isn't a good answer.
Yes, we should be willing to accept a certain level of crime if it means privacy and security for hundreds of millions of regular people. Even more so when their cure is worse than the disease.
Note that other threads in this post have said "with a warrant" which is different from general lack of privacy. These are things we need to debate as a society and it means understanding details not making two sentences on a discussion board with less than 15 minutes of thought... (I of course have no idea how much thought you may have put into this before this topic came up, I only see the time stamps on our comments... This is why I hate debates - you don't have time to make a well thought response to something new and so you can lose to a bad idea if you don't come up with the right counter)
We would need massive improvement of these mechanisms with secondary audits to even consider that. Because in reality these mechanisms are broken as well. Fixing that first is a necessary requirement.
Currently there is simply no capacity for warrants to be seriously vetted. Hence they become arbitrary.
> Note that other threads in this post have said "with a warrant"
I think there's some confusion and people talking past each other there.
With a warrant, LE can extract messages from devices, request and receive data dumps from service providers, and attempt to crack encrypted data. In many places they can also insert backdoors (server or client side) with a warrant. We see some people pointing this out as being sufficient.
This is different from every device and citizen (except politicians) preemtively having their devices backdoored with access granted after a warrant (which you seem to be arguing for). Most of us agree that this is unacceptable and is already unconstitutional in several EU countries.
I don't understand where the obligation to trust something, aside from the intended recipient, with my private communications comes from. It seems to me there is no such obligation and giving into surveillance is not a requirement, but a choice, and a poor one in my opinion.
There are hundreds of options. Some are imaginary, some are very real. The real ones often feel imaginary until they affect you (or someone close to you) and suddenly you realize how real they are.
Any backdoor fundamentally breaks the promise of any end-to-end encryption.
This isn't a problem of process like requiring warrants and just cause. Even if said process is designed to be perfect and is executed flawlessly, it is still hinged on a fundamental breakage of the security model a given chat software is built on. If a trusted government has a magic password that can read anybody's encrypted text messages, then it must be assumed more nefarious actors can figure out that password and use it themselves.
It creates a single point of failure that would compromise literally everyone.
A lot of negative comments here, many of which I agree with, but Germany opposing this is a net-good thing given how influential they are within the EU.
Surveillance is the occupation of the mental space and results in modification of behavior. Default mass surveillance, or in other words suspicionless surveillance, then leads to the end of mental sovereignty and, therefore, freedom.
That is not a state governed by rule of law, but instead, a peoples being ruled by the power of surveillance.
Never seems to matter how many horror stories are written or have actually happened regarding totalitarian states, people just seem drawn to them, like they can't help themselves.
What absurd news to be hearing in 2025, that "western liberal democracy" states are discussing whether to have the power to listen in on everyone's conversations - something Nazi Germany and Stalinist Russia could have only dreamed of.
Keep up the pressure. Write to your representatives. Write and inform the public. Never think somebody else will do it for you. Vote for the right party.
You will not find perfection, but Canada, anything in EU, Japan, the US, New Zealand all come to mind (and several more that I am not confident I can spell) as places where rule of law happens. Countries like Brazil and India probably belong on the list despite some faults.
The EU varies a lot. However they do have some standards and so even the worse is pretty good on the world stage. (Though Romania is not the only country in the EU with issues, and so if I was to list all countries you would probably be closer to Brazil - but understand I'm don't have much insight into the state of your country)
The "rule of law" like the "rules-based order" in geopolitics, in the net result. is a facade for the rule of the powerful who are usually corporations and oligarchs whom are protected by the gov because they control the politicians. We all heard about the E[stein files, and who is being protected. And we heard about the pedophile who was arrested in Las Vegas then allowed to flee. We all know that the law does not apply if you hold power. It's all about power.
I am an information totalist. The web/world would be a better place if ALL information was free and available to all. You could actually make informed decisions for yourself without being played by anyone.
Until the state itself makes an informed decision on you, based on you religion, political ideas etc, and you are no longer free to make any decision any more, informed or not.
But more than that, even if you had all the information available, it will still be drowned in order of magnitudes higher amounts of counterfeit information, propaganda, lies.
I'm not making it personal. In general, people who believe that all private information should be shared are free to make that decision for their data but not other people's data.
I can agree that this is interesting as a thought experiment, and indeed could form an amazing foundation for an ambitious work of fiction. But the only way to bring about such a world IRL would be by force, meaning that many people in such a society would perceive it as a highly oppressive state.
To get the paradigm shift you're after, and a collective consciousness, you'd have to have buy-in from every member of such a society, and to raise children in the same principles. Perhaps it could be a civilization on an island, or the founding principle of a generational starship or something.
One of the founders of the United States Thomas Jefferson was a pretty big encryption enthusiast. He invented[0] his own disk cipher that is on display in the National Museum of Cryptography. The concept of Americans sending encrypted messages had been normalized since before the United States existed. People have always been able to send each other handwritten letters securely encrypted with OTP's / etc.
I think you are mixing two separate things: rule of law vs privacy.
Sure, we didn’t have encrypted communication a couple decades ago, but we did have an expectation of privacy: letters, phone calls, even in-person conversations.
Encryption is just the modern way of preserving that same right in a digital context.
This comment is an irrelevant distraction. Why should the feelings of Chinese citizens have any relevance for a discussion of the democratic values of EU policy? China is a de facto a dictatorship. Xi Jinping's thoughts have been made part of the Chinese constitution.
People in China have every packet inspected and injected with a malicious payload if it doesnt suit their government. They may get a knock at the door if they say something bad. It also restricts free access to information.
China is a country with a population of 1.4 billion people. Where is their Stasi to enforce this surveillance state?
Many people use VPNs and use overseas services. The primary purpose of the "Great Firewall" appears to be erecting a technological barrier to entry, protecting the culture of average people who don't require that sort of access for business.
If ICE is going over everything I post online to see if I'm making fun of Trump and I'm gonna get a visit for not being white enough, I'm not sure we're not also on the way to being oppressed.
Referring to "suspicion" at all here is a distraction that suggests it would somehow be okay in other circumstances.
There must not be a way to backdoor user devices, under any circumstances.
Between a surveillance state where every communication is siphoned up, fed to LLMs, and used to target random people not already under suspicion... and a world where at the very least there needs to be some documented/auditable/accountable/whistle-blowable process of identifying an individual target and serving, say, a warrant to a third-party chat company... the second world has something of a "damping function" that slows the acceleration of authoritarianism. While far from ideal, it's better than the first option, which ChatControl was laying the groundwork for.
Remember, that German government made an attempt to secretely wiretap Jabber.ru XMPP node without any legal basis: https://www.devever.net/~hl/xmpp-incident
We are not obligated to choose a "lesser of two evils" here. We should reject both.
I really appreciate Signal's public responses to warrants ("sure, here's all the information we have, by design we don't have anything important"). https://signal.org/bigbrother/
I think, there are warrants to put surveillance software on a device under certain circumstances (in Germany, Quellen TKÜ).
Anywhere that a warrant could be used to do something, you can be certain that someone is doing that same thing without the warrant.
The method that works is to make it technically or practically impossible.
> The method that works is to make it technically or practically impossible.
The only way is to avoid the jurisdiction altogether then, because any app can be remotely updated to disable encryption…
Disable automatic remote updates. These should never have been a thing.
How much do you trust the button that says to disallow automatic updates then?
Why? How?
By way of example, if there's a backdoor key, it can be stolen or misused. Witness the many examples of companies that collect too much data and have that data stolen, and many examples of police departments abusing police databases for personal stalking and similar misuses.
Any other backdoor mechanism can similarly be breached or misused. There is no such thing as a backdoor that can only be used for what it is "supposed" to be used for.
If you can install stuff on the device, how could you protect against it?
Depending on the level of security you need, there are any number of steps people could take or the industry as a whole could take:
- Don't allow remotely installing things on a device, only doing so with physical presence on the device.
- Have "binary transparency" mechanisms to make sure that you're seeing the same binary everyone else is, and you're not getting served a special backdoored version nobody else sees. (This doesn't prevent global backdoors, of course, but those are more likely to get caught.)
- Relatedly, have multiple independent app stores in different jurisdictions, and make sure they are serving identical binaries. That ensures no one jurisdiction can surreptitiously demand and enforce a backdoor.
- Have signatures from the original app author that can be verified, and ensure that intermediaries (e.g. "app stores") can add signatures but can't add anything to the package that's not covered by the original signature. That reduces the number of parties you have to trust.
- In an ideal world, only install Open Source software that's reviewed and subject to multiple independent reproducible builds.
In high security settings, just don't allow devices in.
Also, democratically authorized state actors have a valid role to play in liberal democracies.
> In high security settings, just don't allow devices in.
That's appropriate for a SCIF, not for someone's day-to-day life.
> Also, democratically authorized state actors have a valid role to play in liberal democracies.
They still don't get to have backdoors into everyone's device.
Also, many many events throughout history should demonstrate that "democratically authorized" is in fact laughably bad at curtailing abuses of power, and not a substitute for a sacrosanct right to privacy that's systematically enforced through both legal and technical means.
Make devices secure. When people tell you to make them insecure, refuse.
Not sure why why we are talking about everyone's device now or even a backdoor as such if it might even need access to the device to interfere with it? (My initial post wasn't about mass surveillance.)
If you look at history, not sure why technical measures would offer much protection against violence based approaches against privacy, though.
> My initial post wasn't about mass surveillance.
When you said "If you can install stuff on the device, how could you protect against it?", that sounded like it was talking about how a device that can have new software installed onto it can have a backdoor for later use installed onto it, and that led into a discussion about how to protect against that.
Were you instead saying "on a device you have control over, how can you protect yourself against that?". Or something else?
> If you look at history, not sure why technical measures would offer much protection against violence based approaches against privacy, though.
They can at a minimal level (e.g. steganography, duress passwords), but yes, ultimately there is little you can do against someone threatening you personally with harm.
Sorry, I meant it as in someone else installing surveillance on a device/bugging it, not as in installing something with a backdoor for some possible later use, i.e., targeted surveillance of a specific device under a warrant etc. So something which can have a lot more effort per device involved, potentially access to it, and not some broad-based thing.
And, yes, there can be a debate if such warrants are desirable etc., but I think it's quite different from broad-based backdoors for potential mass surveillance etc. and liberal democracies can decide to have such tools available.
Ah, got it! Sorry for us talking past each other there, then.
I think part of what I was suggesting still applies there: if you can't install things remotely, and you have oversight to ensure that any backdoor applied to you has to have been sent to everyone (which provides a measure of security), then what's left is physical control of the device. For instance, keeping the device in your possession, locking it down against peripherals...
That can't prevent you from being physically coerced, but it provides a lot of security in every other case. And if things have devolved to the point of you being physically coerced then you have much worse problems.
What does Quellen TKU mean?
Something like source telecommunication surveillance
Too vague. More like surveillance of telecommunications at the source (by means of trojaning the source/device, or using existing backdoors at whichever layer of the stack).
https://de.wikipedia.org/wiki/Telekommunikations%C3%BCberwac...
https://bundesverfassungsgericht.de/SharedDocs/Pressemitteil...
https://www.bka.de/DE/UnsereAufgaben/Ermittlungsunterstuetzu...
The "second" world is now western civilization. People in government need to get paid, so if the state isn't paying them, then you have a defacto free society. When the state pays poorly, it aligns the incentives of the people and the government. It is the best form of government, and I am glad to live somewhere where the rule of law extends to all, and not just the elites.
Recently in the country I live some people from interpol accidentally withdrew a red notice, after initial prosecution, the prosecutor realized several mistakes were made and documents lost, so as a country with the rule of law, the prosecution withdrew the charges as there was insufficient evidence, compare and constrast with a corrupt country like Canada where the attorney general was fired for wanting to prosecute a company that had bribed Momar Ghaddaffi with 2 million dollars. Worse yet, they spread their culture of corruption through out the world instead of keeping it at home.
As an aside, “suspicionless” is a bad translation of what would correctly translate to “without cause”.
I agree that there shouldn’t be a backdoor by default. But, for example, planting a modified app update with backdoor on the device of a suspected high-risk felon, based on a court warrant, is something that can be more reasonably debated.
Court warrants aren't reliable, at least in Germany. Until that is fixed, which is quite important, there is not reason to allow something like chat control.
There are other channels for investigations that are enough, chat control introduces less security that we would gain (if there even is any gain).
> I agree that there shouldn’t be a backdoor by default. But, for example, planting a modified app update with backdoor on the device of a suspected high-risk felon, based on a court warrant, is something that can be more reasonably debated.
Sure. And on the flipside, given the many ways such a capability is a security risk and an abusable backdoor itself, it's something to develop additional technical safeguards against, such as Binary Transparency to verify that everyone's getting the same binaries.
That's active surveillance and wiretapping, and is not a backdoor.
Backdoors are unacceptable 100% of the time, and should never be legal.
A backdoor is a lazy power grab that is either supported in ignorance by technically illiterate useful idiots or supported in full knowledge of the intended partisan abuses of basic civil liberties.
Hacking a criminal's phone with compromised software, and/or intercepting their voice & data, is not a backdoor. Backdoors mandate a violation of informed consent, and as such, should be criminalized without exception.
There's no place for backdoors in civilized societies.
Agreed. Some people say “I don’t have anything to hide”, but the actual fact is they don’t have anyone to hide from. It just takes one election, or a couple of years of political distress leading to a coup and you can find yourself on the other side from the government. You might find that the “normal” things “everyone” believes aren’t so well tolerated anymore, and things like laws turn out to be a little less powerful than you were promised. Once the infrastructure is built out, it’ll turn out the bad guys are perfectly capable of using it to suit their needs.
Many consumer devices can be selectively targeted for updates. The entities that control the update servers are controlled by the states that they are a part of. People seem to have forgotten that companies once felt the need to invent warrant canaries to warn when they had received non-public court orders. Presumably they can also be forced not to remove the warrant canary.
Edit: My first read had me interpret backdoor as any undetected means of gaining access to a device/system. I have updated by definition to mean using a flaw in the system left intentionally to gain access. This somewhat negates the need for my previous comment, but I'll leave this for illustrative purposes.
Exactly, and "suspicion" is a slippery slope, it can and will be defined so vague to become a useless restriction.
Good call, it is a weasel argument. Our current government coalition in Germany that is "against" it for publicity reasons use the exact same terminology. It just postpones the chat control issue though.
Slamming the door and making noise here is the way to go because your officials are dishonest about their intentions.
Electronic communications surveillance shall be governed by the same rules that apply to the post.
And as you are free to exchange unintelligible information through the post, you are free to exchange unintelligible information electronically.
Backdooring isn't OK because by definition you cannot selectively backdoor someone's phone, you need to have it backdoored by default to exploit it later, which is obviously terrible.
Wiretaping a suspect's phone on the other hand is a fine (and often necessary) police operation, as long as it must be approved by an independent magistrate.
"Suspicionless" is poor translation of "Anlasslose" which would more appropriately translated as "unfounded" in order to convey the uncommitted nature of "anlasslose". "Anlass" in this context is literally "reasons".
Because the language is far clearer in the US, you would and do hear "warrantless" being used in both the legal and general sense when it comes to these topics, but translating "Anlasslos" as "warrantless" would imply far too much confidence than is given.
"Unfounded" also reflects the weak perspective on hard boundaries of law and limitations on the state that simply do not exist in Germany and effectively all of Europe in the way that they do in the USA as de facto immovable law of the Constitution. "Anlasslos" implies a mental framework and conception that defers your rights (free speech in this case) to the subjective judgement of various people like politicians, judges, technocrats, bureaucrats, regulators, police officers, etc., i.e., someone does not like your speech so they will monitor your communication with our grandma for the abusive and narcissistic, manipulative concept of "hate speech", aka. "speech I hate".
[dead]
The "device" is backdoored. People must be responsible for their own security. Sad, but true. Learn GPG people.
"Learn GPG" is neither a useful nor a correct recommendation for people concerned about security; if you believe the device is backdoored, GPG will not save you, nor will anything else.
A backdoored device can transmit secure comms, if the encryption is performed on a protected device.
I've read up on this in the context of potentially backdoored CPUs and there is fundamentally no way. You don't need to trust the router (as you say: a device that just relays data can have all the backdoors you want, thanks to asymmetric cryptography enabling E2EE), but the scenario is that your own device has software from law enforcement on it
In which case, the best you can do is use an obscure method that the attacker is unprepared for. If they've hijacked the AES CPU operation to store the key and include it in the output for a later syscall like when writing the output file, but you unexpectedly use some funky experimental cipher, you'd be lucky until they push an update. The device has a mandatory backdoor after all, so govt can also decide what new code it needs to run now, perhaps under the guise of detecting more situations of terroristic content or whatnot. There's no winning that game except through obscurity, and I presume everyone has heard about how reliable security through obscurity is
He's referring to doing something like using a compromised device to take a photograph of the ciphertext made on a different device or something like that.
If the device is already backdoored all hope is lost. The device can exfiltrate your private key and the password.
You must assume it is backdoored. Cell [smart] phones are the greatest surveillance network the government has ever created.
But, you can use that against them. Your phone doesn't have to always be with you. You can be where you are, and you phone's location can be hundres of miles away.
Use it to your advantage.... They do.
Current smartphones are already more careful about cell modems than they used to be. And in an ideal world, cell modems would have even less information than they do, and could be (and should be) powered off by the phone until needed.
Imagine an architecture in which you had a pervasive cellular data connection that was intentionally uncorrelated with any identifying information, the way wifi is.
Right now, the only legitimate reason cell networks have to identify specific devices to users is for billing, and for PSTN. The latter could be made utterly irrelevant with VoIP. The former could be solved in various ways, either by making it a public good, or by integrating anonymous payment mechanisms for a "session". Then, we could just have pervasive data connections.
To some extent I agree, but if the modem is off how long latency is acceptable for inbound messages? I suppose a low bandwidth broadcast "user 0x76abc937* has a new message" could work. Devices would filter out broadcasts that don't concern them.
* Ideally the user id should be used only once and derived from some pre-shared secret.
I'm talking about two different cases here.
First, in a case closer to the current world, I'm just suggesting that disabling the cell modem should power it off so it can't do any kind of location or tracking.
Second, in a more ideal world, the concept of "data connection" would be entirely separate from any identity attached to a phone or text message, and you could handle the latter via whatever connection you have, whether a cell data connection or wifi or something else.
True, but government is not a monolith.
Good for Germany and the EU, but how (or why) is the rule of law supposed to make it a taboo? Is it thrown in just to sound nicer, or did they skip a few steps in the reasoning?
I heard "rule of law" being used to justify roughly the opposite (Russian laws, including mass surveillance and censorship), and neither that was clear; apparently it worked simply as an universal justification.
The usual definition is that there are written laws that apply to everyone equally, as opposed to a rule by decree and some kind of tyranny, and the laws do not change too often, are not made for particular occasions (so they do not turn into decrees effectively). So I'd think "suspicionless" -- that is, universal -- sounds closer to it, rather than selective/arbitrary surveillance on a suspicion. Unless such suspicion is at least decided by a court, without rubber-stamping.
> how (or why) is the rule of law supposed to make it a taboo?
I'd assume because this means someone has to be officially suspected of a crime, rather than being targeted just because someone didn't like them?
This kind of mass surveillance is already illegal in Germany, and had Germany voted yes, it would have meant that politicians act against the law, which would be the opposite of the rule of law.
I don't think out constitution is fit to protect against much. It doesn't against home searches for example. Don't call a public official a dick.
For surveillance there just has to be the most benign reason to do it anyway as well.
It is not a strong constitution like the US has and the last decade proved that point. Also the frequency with legislative proposals contradicting the constitution, it doesn't seem to be respected much.
> Good for Germany and the EU, but how (or why) is the rule of law supposed to make it a taboo? Is it thrown in just to sound nicer, or did they skip a few steps in the reasoning?
Don't thank Germany too early. The only reason they changed their tune is because a massive number of people reached out to the government representatives in the last few days/weeks.
Without that, it would have gone through.
Case and point, you can look at the timeline of each country's position on https://fightchatcontrol.eu and you will see that Germany went from opposing to undecided to opposing again.
This is the sad state of affairs today. Privacy and rule of law have nothing to do with it.
I personally reached out to many German MEPs and the only ones who bothered to respond and were against CC were from the AFD. Make of that what you will.
For me the Greens responded, confirming they are against chat control, but none from the other parties.
> Don't thank Germany too early. The only reason they changed their tune is because a massive number of people reached out to the government representatives in the last few days/weeks.
Well, thank Germany for that then.
Nope:
The rule of law establishes, first of all, that the Law does not distinguish any kind of person from another. This is why in order to have a true Rule of Law, the three powers (Legislative, Executive, and Judiciary) must be truly separated.
Decrees are exactly one way to subvert it: the executive acts as the legislative.
Also, in tyrannies (vid. Venezuela, Iran, etc.), the Judiciary is a slave to the executive.
The rule of law states, first of all, that people in Government are subject to the same laws as any other citizen.
It is obviously an unreachable optimum (like true "democracy" is), but that is the basic principle. Not that "Laws" govern the place.
Chat Control (and see especially the Danish Minister who said "common citizens should not expect to be able to use cryptography" or words to that effect) is suspicious under the rule of law because it differentiates ipso iure between "ordinary citizens" and "the executive".
Edit: whether you agree with him or not, reading "The road to serfdom" should enlighten you a lot about this topic.
What is "nope" about? I understand "people in Government are subject to the same laws as any other citizen" to mean the same as "written laws that apply to everyone equally". The sort of thing Aristotle and Locke advocated for.
As for the separation of powers, it is a related concept, but still a distinct one; not sure if bringing it up helps here.
Added "The Road to Serfdom" into my book queue, thanks for the suggestion.
Just my personal, not fully conceived opinion:
ChatControl cannot exists without criminalizing cryptography (crypto with backdoors is not crypto).
When the act of uttering sufficiently complicated mathematics is a crime, we entering the territory of absurdity.
Such laws cannot be enforced. Enforcement can only be arbitrary.
> Such laws cannot be enforced. Enforcement can only be arbitrary.
I am against criminalizing cryptography and largely agree about it being infeasible given the extent of proliferation and ease of replicating it/am playing devil's advocate:
Laws banning math related to manufacturing nuclear weapons can and has been enforced. It's important to take legal threats like ChatControl seriously and not just dismiss it as absurd/unenforceable overreach, even if that's likely true.
Banning math in relation to nuclear weapons was typically very specific and most often involved hardware export controls.
The key note with what the previous poster said was 'arbitrary', meaning the laws will end up a nonsensical mess because the maths have huge amount of industrial, commercial, and personal uses and suddenly one range of use is banned leads to situation where law enforcement tends to go after particular groups for who they are, not what they've done.
> Such laws cannot be enforced.
Tech companies can certainly be forced to build surveillance into their chat applications and operating systems. This doesn't have to be about backdooring crypto.
> Enforcement can only be arbitrary.
Sure, but it would be forced upon the vast majority of the population. Tech-savvy people will find ways to circumvent it, so will criminals, but that doesn't make mass surveillance of all others any less scary.
I also think the public generally doesn't understand much of cryptography. It's thought of as some sort of dark art. And to be reliant on computers. But some dice and basic arithmetic will suffice -- though you still shouldn't roll your own crypto system.
Ha, a lovely new meaning for “rolling your own crypto”
Alright, please now add this to your constitution. Hopefully other countries will follow.
Germany doesn’t have a constitution, but surveillance without grave suspicion is already illegal, hence the references to rule of law.
What do you mean, they don't have a constitution (Ger: Verfassung)?
It more or less a constitution. It is not effective though. It proposes your home is protected against state access, but that privilege is lost if you call a public official a dick.
Such a constitution is empirically useless. No constitution is perfect, but the US one is probably still more or less the top spot.
How do you make sure that "suspicion based" Chat Control can't be exploited? All client side scanning must be explicitly banned. The EU had an opportunity to do just that with their AI Act.
You lose some civil rights when you decide to become a criminal (or join the Army). ;-) One of the things courts are allowed to do to a criminal is force them to wear a GPS tracker on their ankle, as a method of enforcing that they are not within some distance of an elementary school. It would not be so different to force them to install software on their phone, and the analogy to forcing everyone to wear a GPS tracker is clear. Your civil rights include not being told where to go, something you also lose as a criminal (or a soldier, obviously). It is how civil rights work in our society. Authoritarians want to turn everyone into criminals or permanent soldiers.
We have infrastructure and precedent for it, you should need a warrant.
Warrants do not justify backdooring everyone's encryption or everyone's devices.
That would require trust in the same governments that try to pass this mass surveillance law again and again. Needless to say I don't share that trust.
You have to trust something though. There are people out to get you - maybe not you personally, but there are evil people. We need to handle criminals, letting them go free isn't not a good answer.
You seem to be saying that letting them go free is the best answer we have. This may be correct - it is something we as society need to debate in great depth. However it still isn't a good answer.
Yes, we should be willing to accept a certain level of crime if it means privacy and security for hundreds of millions of regular people. Even more so when their cure is worse than the disease.
Note that other threads in this post have said "with a warrant" which is different from general lack of privacy. These are things we need to debate as a society and it means understanding details not making two sentences on a discussion board with less than 15 minutes of thought... (I of course have no idea how much thought you may have put into this before this topic came up, I only see the time stamps on our comments... This is why I hate debates - you don't have time to make a well thought response to something new and so you can lose to a bad idea if you don't come up with the right counter)
We would need massive improvement of these mechanisms with secondary audits to even consider that. Because in reality these mechanisms are broken as well. Fixing that first is a necessary requirement.
Currently there is simply no capacity for warrants to be seriously vetted. Hence they become arbitrary.
> Note that other threads in this post have said "with a warrant"
I think there's some confusion and people talking past each other there.
With a warrant, LE can extract messages from devices, request and receive data dumps from service providers, and attempt to crack encrypted data. In many places they can also insert backdoors (server or client side) with a warrant. We see some people pointing this out as being sufficient.
This is different from every device and citizen (except politicians) preemtively having their devices backdoored with access granted after a warrant (which you seem to be arguing for). Most of us agree that this is unacceptable and is already unconstitutional in several EU countries.
I don't understand where the obligation to trust something, aside from the intended recipient, with my private communications comes from. It seems to me there is no such obligation and giving into surveillance is not a requirement, but a choice, and a poor one in my opinion.
What kind of boogiemen do you mean?
There are hundreds of options. Some are imaginary, some are very real. The real ones often feel imaginary until they affect you (or someone close to you) and suddenly you realize how real they are.
I agree but can you name some? As justification for surveillance like this?
If everyone cooperates, you can catch more criminals, but if you force them to cooperate, that's authoritarianism.
"Why don't you want a government camera implanted in your eyeballs? Do you want to let criminals go free?"
Any backdoor fundamentally breaks the promise of any end-to-end encryption.
This isn't a problem of process like requiring warrants and just cause. Even if said process is designed to be perfect and is executed flawlessly, it is still hinged on a fundamental breakage of the security model a given chat software is built on. If a trusted government has a magic password that can read anybody's encrypted text messages, then it must be assumed more nefarious actors can figure out that password and use it themselves.
It creates a single point of failure that would compromise literally everyone.
By requiring a court warrant for installation of a backdoored app update (or OS update). This is analogous to tapping a phone line.
A lot of negative comments here, many of which I agree with, but Germany opposing this is a net-good thing given how influential they are within the EU.
Yes but this sort of wording might suggest they want just small changes. We must keep the pressure.
Also it would mean that the politicians and lobbyists would be subject to that surveillance by default. Can't have that.
Surveillance is the occupation of the mental space and results in modification of behavior. Default mass surveillance, or in other words suspicionless surveillance, then leads to the end of mental sovereignty and, therefore, freedom.
That is not a state governed by rule of law, but instead, a peoples being ruled by the power of surveillance.
Never seems to matter how many horror stories are written or have actually happened regarding totalitarian states, people just seem drawn to them, like they can't help themselves.
What absurd news to be hearing in 2025, that "western liberal democracy" states are discussing whether to have the power to listen in on everyone's conversations - something Nazi Germany and Stalinist Russia could have only dreamed of.
What can we do to make sure any kind of ChatControl, not just "suspicionless", doesn't come to pass?
Where should I send my money?
Keep up the pressure. Write to your representatives. Write and inform the public. Never think somebody else will do it for you. Vote for the right party.
https://edri.org/
https://noyb.eu/en
https://www.eff.org/
The state of exception wants what it wants, unfortunately.
> in a state governed by the rule of law
we got any of those? please tell me so i can move there
You will not find perfection, but Canada, anything in EU, Japan, the US, New Zealand all come to mind (and several more that I am not confident I can spell) as places where rule of law happens. Countries like Brazil and India probably belong on the list despite some faults.
As a romanian, I must tell you that "anything in the EU" is overly optimistic.
Maybe anything in Western Europe...
The EU varies a lot. However they do have some standards and so even the worse is pretty good on the world stage. (Though Romania is not the only country in the EU with issues, and so if I was to list all countries you would probably be closer to Brazil - but understand I'm don't have much insight into the state of your country)
The "rule of law" like the "rules-based order" in geopolitics, in the net result. is a facade for the rule of the powerful who are usually corporations and oligarchs whom are protected by the gov because they control the politicians. We all heard about the E[stein files, and who is being protected. And we heard about the pedophile who was arrested in Las Vegas then allowed to flee. We all know that the law does not apply if you hold power. It's all about power.
[dead]
I am an information totalist. The web/world would be a better place if ALL information was free and available to all. You could actually make informed decisions for yourself without being played by anyone.
Until the state itself makes an informed decision on you, based on you religion, political ideas etc, and you are no longer free to make any decision any more, informed or not.
But more than that, even if you had all the information available, it will still be drowned in order of magnitudes higher amounts of counterfeit information, propaganda, lies.
Feel free to share all your personal information if that is your preference. You don't get to have mine.
I thought the emphasis on ALL was pretty obvious in my initial comment.
And I thought the refusal was pretty obvious in my reply.
You made it personal while my statement is everything but.
I'm not making it personal. In general, people who believe that all private information should be shared are free to make that decision for their data but not other people's data.
If you won't be the change you want to see by going first it doesn't seem like a sincere position.
How can I get read-access to your home directory? Do you have an open sftp or want to set one up?
Please post your IP and port here so we can take part.
Please enumerate some of the benefits that would come from a world where such radical transparency was realized.
So you have a camera in your bedroom, streaming all the time.
All information? Including private thoughts?
I'm glad I will be long dead when this becomes possible. They WILL try no doubt.
All of it. I believe the concept of private would vanish pretty fast. It would feel more like one consciousness.
I can agree that this is interesting as a thought experiment, and indeed could form an amazing foundation for an ambitious work of fiction. But the only way to bring about such a world IRL would be by force, meaning that many people in such a society would perceive it as a highly oppressive state.
To get the paradigm shift you're after, and a collective consciousness, you'd have to have buy-in from every member of such a society, and to raise children in the same principles. Perhaps it could be a civilization on an island, or the founding principle of a generational starship or something.
The Borg were supposed to be a cautionary tale, not something to aspire to.
How much information exactly do we need to make people stop believing the Earth is flat?
No amount will suffice, to convince people to not believe what they want to believe.
Question to Chinese citizens on HN: do you feel oppressed by your government? Do you feel that rule of law exists in China?
The notion of encrypted private communication didn't exist a couple of decades ago and people are talking about it as necessary for rule of law.
There's a missing logical link in there somewhere.
One of the founders of the United States Thomas Jefferson was a pretty big encryption enthusiast. He invented[0] his own disk cipher that is on display in the National Museum of Cryptography. The concept of Americans sending encrypted messages had been normalized since before the United States existed. People have always been able to send each other handwritten letters securely encrypted with OTP's / etc.
0: https://en.wikipedia.org/wiki/Jefferson_disk
Yeah, they could.
--
You've changed the contents of your comment.
I don't adhere to the American Civil Religion, so I don't need to consider opinions of the founders of the project.
And still can.
I think you are mixing two separate things: rule of law vs privacy.
Sure, we didn’t have encrypted communication a couple decades ago, but we did have an expectation of privacy: letters, phone calls, even in-person conversations.
Encryption is just the modern way of preserving that same right in a digital context.
Am I mixing it, or is Germany's Minister of Justice?
> The notion of encrypted private communication didn't exist a couple of decades ago
Nor was pervasive monitoring of our every action, nor were our actions and daily lives conducted on a digital system that makes data storage trivial.
This comment is an irrelevant distraction. Why should the feelings of Chinese citizens have any relevance for a discussion of the democratic values of EU policy? China is a de facto a dictatorship. Xi Jinping's thoughts have been made part of the Chinese constitution.
People in China have every packet inspected and injected with a malicious payload if it doesnt suit their government. They may get a knock at the door if they say something bad. It also restricts free access to information.
They dont just “feel” oppressed, they are.
Feel vs is oppressed is a two-by-two matrix and people exist in every square.
China is a country with a population of 1.4 billion people. Where is their Stasi to enforce this surveillance state?
Many people use VPNs and use overseas services. The primary purpose of the "Great Firewall" appears to be erecting a technological barrier to entry, protecting the culture of average people who don't require that sort of access for business.
If ICE is going over everything I post online to see if I'm making fun of Trump and I'm gonna get a visit for not being white enough, I'm not sure we're not also on the way to being oppressed.