• Martin@feddit.nu
    link
    fedilink
    English
    arrow-up
    203
    ·
    9 months ago

    “While indiscriminate backdoors might be cheaper for the State than alternative investigative measures, they were expensive for society at large on account of the security risks they produced,” EISI told the ECHR.

    It’s great when someone with some sway actually gets it.

    • hydroptic@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      50
      arrow-down
      9
      ·
      9 months ago

      EU institutions are pretty great, but sooner or later they’re going to lose the fight against the technofascist nightmare that’s constantly getting pushed on us

      • maynarkh@feddit.nl
        link
        fedilink
        English
        arrow-up
        34
        ·
        9 months ago

        Luckily this is not an EU institution, this is an international treaty above the EU. For example, Azerbaijan is a signatory.

        Point is, you can’t easily get it through EU legislation to overturn this, as it would need to cross the ECHR, which it won’t do.

        • sunbeam60@lemmy.one
          link
          fedilink
          English
          arrow-up
          15
          ·
          9 months ago

          Can’t wait to see the brexiteers’ faces when they realise Britain is still a signatory.

        • hydroptic@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          5
          ·
          9 months ago

          Ah duh, I guess I mixed up the ECJ and ECHR and the “EU court” in the headline didn’t help

        • rottingleaf@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          9 months ago

          For example, Azerbaijan is a signatory.

          And doesn’t really care, because there’s no punishment for, say, being a member of something with “human rights” in the name and Azerbaijan simultaneously.

          They even occasionally pay fines for torturing someone to death or things like that. Those fines are not that big.

  • GiddyGap@lemm.ee
    link
    fedilink
    English
    arrow-up
    87
    ·
    9 months ago

    I feel like Europe is the only place actually making an effort to protect personal privacy these days.

    • abhibeckert@lemmy.world
      link
      fedilink
      English
      arrow-up
      81
      arrow-down
      1
      ·
      edit-2
      9 months ago

      That’s because Europe has actual experience with having their privacy invaded and it wasn’t just to show you relevant ads. During the war my grandparents burned letters and books after reading them. And they had nothing to hide either - and all of the ones they burned were perfectly innocent and legal… but even those can be taken out of context and used against you during a police investigation.

      The UN formally declared privacy as a human right a few years after the war ended. Specifically in response to what happened during the war.

      A lot of the data used by police to commit horrific crimes was collected before the war, for example they’d go into a cemetery home and find a list of people who attended a funeral six years ago, then arrest everyone who was there. You can’t wait for a government to start doing things like that - you have to stop the data from being collected in the first place.

      Imagine how much worse it could be today, with so much more data collected and automated tools to analyse the data. Imagine if you lived in Russian occupied Ukraine right now - what data can Russia find about you? Do you have a brother serving in Ukraine’s army? Maybe your brother would defect if you were taken hostage…

      • GiddyGap@lemm.ee
        link
        fedilink
        English
        arrow-up
        21
        arrow-down
        2
        ·
        9 months ago

        Well, it defers a lot from country to country.

        For example, populations in the Scandinavian countries have high trust in their governments and let them collect a lot of private data. They have personal identification numbers that contain lots of personal information that many institutions (e.g. banks) have access to unless you ask for privacy protection. All of this also makes interaction with institutions very streamlined and easy, but it comes at the cost of less privacy.

        In Norway and Sweden, for example, anyone can access personal income data about anyone living in the country. Full transparency, more or less.

        On the other hand, a country like Germany does not issue personal identification numbers because the population is highly skeptical of data collection and registration, a remnant from the wars. Germany is much more bureaucratic and its government less efficient, but Germans prefer the arm’s length approach to government data collection and almost no data is publicly accessible.

        • Aceticon@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          arrow-down
          1
          ·
          edit-2
          9 months ago

          In Germany you have to show some kind of ID - which gets registered in a system - to buy a SIM card, something I never had to do in other countries I lived in, in Europe.

          There is no other point in having such a requirement for stores to record people’s ID when they buy SIM cards than to associate phone numbers with people for surveillance.

          The UK too doesn’t have ID cards or ID numbers for people and yet has the biggest densitity of surveillance cameras in Europe, automated license plate reading cameras in major roads and highways and, as shown by the Snowden revelations, has an even more broad civil society surveillance system in place than the US and, by the way, when that came out the political response was simply to retroactivelly make legal any part of it which weren’t.

          ID numbers are just one big “look over here” distraction from what’s really going on.

          • GiddyGap@lemm.ee
            link
            fedilink
            English
            arrow-up
            5
            ·
            edit-2
            9 months ago

            I didn’t say that Germany doesn’t collect data for basic protection of its citizens and for terrorism prevention (or, some may see that as surveillance). It does. It’s just not shared in a big central system that other institutions and private companies can pull from like it is in the Scandinavian countries or the Netherlands.

            E.g. if you move from one place to another in Germany, the government institutions in the two locales don’t talk to each other about that. So, for tax and social benefits purposes, you have to tell each one that you moved. The federal government is also not involved.

            Edit: spelling

            • Aceticon@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              edit-2
              9 months ago

              Somehow the rest of Europe doesn’t need to get people’s IDs when SIM cards are sold “for basic protection of its citizens and for terrorism prevention”. Further, the idea that “terrorists” won’t just buy their SIMs in a different country and bring them over and using them in Germany is laughable (the only reason I did so for the couple of months I lived in Germany is because I was a heavy data user).

              Also from what I’ve seen in Britain, having government entities unable to properly share data AND having a disproportionately high level of civil society surveillance are not at all incompatible.

              I would’ve tended see the same association between no-IDs and no-crossing of data with low-surveillance that you seem to be making here if I hadn’t seen first hand how that is not at all linked (or maybe it’s actually inverselly correlated) during the time I lived in Britain.

              • GiddyGap@lemm.ee
                link
                fedilink
                English
                arrow-up
                3
                ·
                9 months ago

                You’re not right about the rest of Europe not needing ID for a SIM. In Denmark, you need ID. In Sweden, you need ID. In Norway, you need ID. I’m sure you need in many other countries as well.

                In the US, you also need an ID to open an account.

                • Aceticon@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  edit-2
                  9 months ago

                  Right, I’ll grant you that - can only really speak for countries were I actually bought SIMs.

                  I know for sure you don’t need an ID in Portugal, Spain, The Netherlands, the UK and Canada, or at least you didn’t back when I did bought a SIM card over there (either because I lived there or stayed there long enough that it was worth it to get one for cheaper mobile data).

                  Funny enough, the countries you listed (except Germany) are ones were somebody else was pointing out that people trust the authorities and are more ameanable to the authorities having lots of information about them. (I just checked back and it was actually you who said that ;))

                  Personally I was quite shocked that Germany, the country which had both Nazism and in some parts Communism, and were one would expect people to shy-away from anything with even the slightest wiff of Gestapo/Stasi to it, to have very explicit and obvious laws in place to make sure the authorities knew who had what mobile phone line were in place and accepted by the population.

          • RedFox@infosec.pub
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            9 months ago

            @GiddyGap@lemm.ee

            Since I also appreciate EUs privacy mindset, and you guys actually mentioned interesting things about the various populations, I’m going to post devil’s advocate question:

            Is there anything to allow privacy invasion we should do for law enforcement and CSAM? Since that’s all political excuses for it?

            Here’s a story I heard recently that talks about it from a technician cyber crime podcast: https://darknetdiaries.com/episode/131/

            Disclaimer: I cried while on a run in the middle of a populated area.

            My emotions on the topic go from shock and sadness to the punisher style rage, and what vigilante justice.

            There’s also apps like kik, where apparently this shit is unchecked.

            So my question is, can we all have our no data collection privacy, but still give law enforcement a way to hunt these pieces of shit into extinction without them overreaching?

            • Aceticon@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              9 months ago

              As with everything, there has to be Proportionality (are the gains from mandate backdoors on everybody’s software or mandatory taps on every phone out there so great they justify the high risk of massive loss of privacy and security of the general population) and ther has to be Independent Oversight, as in, it has to happen with a Court Order which is the result of a Judge having examined the case of the police and determined that there is sufficient reason to break somebody’s privacy, same as is necessary for the Police to break into somebody’s house to conduct a search, and we’re not talking about “special” surveillance courts with secret proceedings that even the defense attorneys can’t attend such as the US’ FISA courts and the UK’s equivalent (whose name now evades me) - though in the UK there are even surveillance systems which, by Law, the Police does not need a Court Order access as they see fit.

              Given that the smart criminals - read big, dangerous ones - don’t use phones they bought when showing their ID and where they have a contract that they pay from their bank account, and in some cases even use proprietary comms apps rather than the ones common people use (it’s not as if it’s hard to make an encrypted comms app for anybody with even just a bit of mobile development experience: I can make you one with unbreakable cryptography in a week, but it does require periodic transport of harddisks filled with random bytes because the key is as long as the message) things like mandated backdoors on widelly available comms apps only provide a mild improvement in Police effetiveness whilst openning a massive attack vector on millions, tens of millions, or even hundreds of millions (for the whole of the EU) of law-abiding citizens, hence are a massivelly dispropotionate solution versus other options, such as bugging the devices, direct surveillance of the suspects and so on.

              Also for me personally, having lived in the UK, you cannot at all in any way or form trust the Authorities with such power as they will with absolute certainty abuse it. Also even if a country’s authorities are squeaky clean, prim and propper today (most definitelly not so in the UK, were they even had surveillance on the Green Party, but most of Europe is better), there is no guarantee the next ones will still be so (remember, most of Europe was at some point under Fascist or Communist dictatorships), and in this day an age stuff once recorder exists forever and can be later fished out and used against you even when back in the day when you said it or wrote it, it’s was totally legit.

              So it’s the balance of pros and cons (i.e. the fail in Proportionality) that makes mandated backdoors on everybody’s comms apps for the purpose of surveillance, even under proper oversight by a Court of Law in a country with trustworthy Authorities and proper Laws rather than “funny” surveillance Courts, still be an unacceptable option.

              Yeah, you’ll always find cases were you’re told “if only we had backdoors in every comms app we could have stopped it”, same as you would for “mandatory taps in every phone” or “mandatory cameras in every person’s home” (though, “curiously”, they never mention the problem that with so much data it’s way harder to spot those single instances of lawbreaking), but having such things for every single person in a country is still an incredibly disproportinate solution for what it solves.

              • RedFox@infosec.pub
                link
                fedilink
                English
                arrow-up
                1
                ·
                9 months ago

                These are good points, well said.

                I agree. Insert great power/responsibility saying.

                They always seem to go off the rails.

                I would be in favor of mandatory disclosure (though, this would be extremely difficult and costly). I imagine anytime a government privilege was used, especially when behind closed doors, and reviewed by “…the proper oversight officials…”, whoever that means, I would rather like the governments to prove it.

                I would support an idea that by law, it all has to be documented, and after a reasonable amount of time after the prosecution is complete, they have to disclose everything they did, all the snooping, etc. With redacted private information of course for unrelated people.

                This is fairly unreasonable/unrealistic. But for me, if you could see all the cases where a government invaded privacy and link it to all to nothing but legitimate uses, it might help restore some faith/trust in officials.

        • rottingleaf@lemmy.zip
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          4
          ·
          9 months ago

          For example, populations in the Scandinavian countries have high trust in their governments and let them collect a lot of private data.

          And that’s very stupid.

          But psychologically this may be a good thing - people learn to not be ashamed of saying “yeah, you can get all this information about me, but it’s simply not your concern, so fsck off” from the very beginning.

          • GiddyGap@lemm.ee
            link
            fedilink
            English
            arrow-up
            7
            ·
            9 months ago

            And that’s very stupid.

            It may feel stupid to you, but Scandinavia is a very different world than, for example, the US. They’ve never had a reason to not trust their governments. They are among the happiest countries in the world and their economies are outstanding and have been for a long time, and the standard of living is second to none. They feel like their governments work for them.

            Same can be said of Germany, but they’ve obviously gone through different historic events and their approach to government is different.

            • rottingleaf@lemmy.zip
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              9 months ago

              They’ve never had a reason to not trust their governments.

              From how people actually from those countries (and not approving Americans) seem to me, the main reason their governments function well is exactly that they don’t have too much power or bureaucratic depth to brew something bad, and because people don’t trust them or respect them too much.

              I’d say that’s the reason these are “among the happiest countries in the world”.

              That they don’t “trust” the government (the way approving Americans would want to), they just don’t fear it or treat it as magic. And I think most people elsewhere willing to live “like in Scandinavia” would push things into the opposite direction, if given their way.

              • GiddyGap@lemm.ee
                link
                fedilink
                English
                arrow-up
                1
                ·
                9 months ago

                I’ve lived in several Scandinavian countries for many years. You’re wrong.

                • rottingleaf@lemmy.zip
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  3
                  ·
                  9 months ago

                  Oh. Well, then we’ll see that trust erode, because that’s what happens to trust always. Nature has feedbacks to compensate for disturbances. And Scandinavian countries’ good government is a relatively new thing historically.

      • Schadrach@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        And they had nothing to hide either - and all of the ones they burned were perfectly innocent and legal… but even those can be taken out of context and used against you during a police investigation.

        If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.

        Cardinal Richelieu

    • platypus_plumba@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      9 months ago

      Finally, good news. I can’t believe we need to go to court just to be allowed to have encrypted conversations. It’s MY conversation and MY data.

  • squirrel@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    60
    ·
    9 months ago

    This is incredibly funny for people who followed this. Everybody and their grandma told the European Commission that there was no way that breaking end-to-end encryption was compatible with the law. Yet they constantly pushed for it anyway and now look at this mess.

    I am almost certain that the European Commission will claim that there are still ways to break end-to-end encryption, only to defeated in court yet again. Like they tried with data preservation for law enforcement purposes. They just can’t stop themselves.

    • Kilgore Trout@feddit.it
      link
      fedilink
      English
      arrow-up
      50
      ·
      9 months ago

      Never idolise. Courts simply apply the laws, and good laws were likely written by inspired people and approved in a good political climate. These two conditions are not static.

      • moitoi@feddit.de
        link
        fedilink
        English
        arrow-up
        25
        ·
        9 months ago

        In this case, the title is misleading. It’s not the ECJ, it’s the ECHR. The ECHR isn’t part of the EU even if the EU and the EU members recognize it.

        The ECHR rules according to the ECHR and not the EU regulations. The court can overturn EU regulation when violating the Human Rights.

        • Kilgore Trout@feddit.it
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          9 months ago

          I didn’t open the article before, and you are right. The author of the article lives in Chicago; I think that Ars has no European writer to really understand what they are talking about.

        • Aceticon@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Well, European Union member states have as a criteria of membership to also be members of the European Convention of Human Rights (which is the one the ECHR rules on), but that’s about it.

      • THE MASTERMIND@feddit.ch
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        9 months ago

        I know i guess i wanna support so they have motivation to go forward. But yes you are absolutely right.

        • Kilgore Trout@feddit.it
          link
          fedilink
          English
          arrow-up
          9
          ·
          9 months ago

          We are always on the brink of ruining everything nice that we have been slowly building.

          You can read here about the plans of the European Commission to enable service operators to mass scan all the users’ private messages in search of illegal materials.

          The Commission is the same super-government body that signed privacy-oriented things like the General Data Protection Regulation.

          • THE MASTERMIND@feddit.ch
            link
            fedilink
            English
            arrow-up
            3
            ·
            9 months ago

            Yeah i kinda did hear about it and was suprised. But figures can’t have anything nice nowadays anyway

    • erwan@lemmy.ml
      link
      fedilink
      English
      arrow-up
      12
      ·
      9 months ago

      Move to EU and pay taxes there. Or buy European products, they pay taxes and some of it go to the EU.

      • uis@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        9 months ago

        Moving to EU is better option if you can afford it. You’ll also get healthcare and other stuff.

    • Alex@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      edit-2
      9 months ago

      They fund their political campaigns via taxes and put limits on spending and campaign seasons, just buy european-made instead if you’re a fan.

    • lemmingrad@thelemmy.club
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      3
      ·
      9 months ago

      Trust me, the UE have enough money. Please donate to your local homeless shelter instead :3

        • lemmingrad@thelemmy.club
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          5
          ·
          9 months ago

          I say that because, well, I live near Brussel, I intimately know the insides of the european parliament. Corruption is rampant. Maybe not to the point of the US, but look up lobbying in the european institution and you will see what’s up. The UE might seem progressive on the IT front but they are also the ones that forces us to sell public services to banks.

    • nexusband@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      7
      ·
      9 months ago

      Don’t. They already get way to much taxes and while these are the shining examples of what the EU should be and are beacon of hope…there are other utterly ridiculous laws and stupid regulations we have to deal with. Don’t get me wrong, I’m proud to be European and so on, but it’s not the bright haven some people make it to be…

      • GoodEye8@lemm.ee
        link
        fedilink
        English
        arrow-up
        11
        ·
        9 months ago

        Can you name any ridiculous laws or regulations that negatively affect you? I have a hard time recalling any EU law or regulation that directly affects me without a good reason.

        • Rinox@feddit.it
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          2
          ·
          9 months ago

          Also, can you name a nation without laws that negatively affect you or could be considered stupid?

        • nexusband@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          2
          ·
          9 months ago

          https://www.autoexpress.co.uk/news/103530/eu-demands-speed-limiters-all-new-cars-know-rules-and-how-they-work

          One of the most prevalent examples that affect me - it’s a horrible system and most car makers are not able to do it properly, because the camera systems are not cheap enough to be good enough. Mercedes, BMW and so on do it relatively decent, but they’ve gotten so expensive, even the base models are out of my reach now.

          This could go on for a while, but to make matters short: The basic idea is cool, but mandating it like they have makes it a nuisance and will make most people turn it off. All of the people I know that have a car that has that system turn it off immediately starting.

          • GoodEye8@lemm.ee
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            1
            ·
            9 months ago

            That doesn’t seem like a stupid or ridiculous regulation, you even agree that the basic idea is cool. The issue here isn’t the idea of the regulation, but the implementation by manufacturers. It will take time to get the implementation right and when it does the manufacturers will optimize the solution and the price will also come down. I don’t think anyone goes “ABS makes cars so expensive”, because the cost has been optimized.

            • nexusband@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              2
              ·
              9 months ago

              The difference is, ABS was only mandatory after it was fully developed and actually safe. Same goes for the airbag. This is horseshit, same goes for the AI Rules, EU Cloud initiative, unified power grid and so on.

              • Gabu@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                9 months ago

                Airbags are STILL not safe, my guy – they can take your thumbs clean off.

                • nexusband@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  edit-2
                  9 months ago

                  What kind of ridiculous argument is that? You can pinch your dick in a zipper - are zippers unsafe? You can chocke in a tomato, are tomatoes unsafe? Just because something designed to safe you, can also kill you, doesn’t make it unsafe. You can get seriously injured from a seat belt - if you consider seat belts unsafe, you should probably not leave you home ever again.

  • Clent@lemmy.world
    link
    fedilink
    English
    arrow-up
    46
    ·
    9 months ago

    Pity we don’t have any of those human rights in America. Maybe we should join the EU.

    • rottingleaf@lemmy.zip
      link
      fedilink
      English
      arrow-up
      16
      ·
      9 months ago

      People from Russia and other ex-USSR states sue their governments in ECHR all the time. Sometimes those governments even pay the fines.

      I mean, glad that you’re glad.

      • febra@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        ·
        edit-2
        9 months ago

        Yeah, we in Romania sue our own government quite often in the ECHR, and we win, and then the government goes like “well what is another fine to us, we’ll just make the taxpayers pay it” or “look the EU is bad for telling us it’s not okay to discriminate < insert minority > !”.

  • Minotaur@lemm.ee
    link
    fedilink
    English
    arrow-up
    43
    arrow-down
    1
    ·
    9 months ago

    Maybe one day, the land of personal freedom and Liberty can have a small amount of the personal freedom and Liberty often declared by the “globalist big government” EU.

    • littletranspunk@lemmus.org
      link
      fedilink
      English
      arrow-up
      16
      ·
      9 months ago

      EU: “This violates human rights”

      US: “Human rights? What are those? Are they in the constitution?”

      Yeah, I wish the US could get some of those mysterious rights

      • abhibeckert@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        edit-2
        9 months ago

        US: “Human rights? What are those? Are they in the constitution?”

        There actually are strong privacy rights written into the constitution. Unfortunately they don’t fit well with modern data collection creating loopholes big enough to drive a truck through.

        And nothing is being done to close those loopholes. In fact the opposite… end to end encryption, for example, would close most of the loopholes. Legislators are using “think of the children!” arguments to try to stop companies from upgrading services to use E2EE.

  • zaphod@feddit.de
    link
    fedilink
    English
    arrow-up
    23
    ·
    edit-2
    9 months ago

    The ECHR is not an EU court, it’s a Council of Europe court, different organisation.

    Edit: To make things more confusing, the EU is in negotiations about joining the Council of Europe.

    • CashewNut 🏴󠁢󠁥󠁧󠁿@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      9 months ago

      I tok great pleasure in making my Brexiter dad look a tit by asking what he disliked about the EU. “Well I’m sick of their human rights court telling us what to do! So I’m voting we leave the EU!”

      Me: “But we’d still be covered by the ECHR. Are you thinking of the ECJ?”

      I don’t speak to him anymore cos he’s a cunt*.

      *Not politics - he’s just a cunt who doesn’t approve of my ‘lifestyle choices’ (childless, gay and mentally ill).

      • RedFox@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        9 months ago

        lifestyle choices

        lol, you should have made better choices with the ? thing you can control of those.

        /s