By making a minor concession EU governments hope to find a majority next week to approve the controversial „chat control“ bill. According to the proposed child sexual abuse regulation (CSAR), providers of messengers, e-mail and chat services would be forced to automatically search all private messag
imo E2EE includes the environment in its scope as a complete product, and I don’t see how this can be executed without weakening the environment’s security.
I’m deeply against this ridiculous proposal.
But scanning of messages already happens, tbf, for spell checking, emoji replacement, links to known infectious sites.
Photo copiers do client side scanning to prevent copying of money.
There are precedents.
I hate this proposal. But let’s be straight about the facts: The phone has full access to everything you send and receive already. This isn’t the same as having an encryption back door.
There are precedents, but we can forego these if we want. I don’t have to use Google’s keyboard. I can even degoogle my phone with Graphene OS. Some black boxes remain of course but they are small and relatively secure. Meanwhile a client-side scanner is adding an unavoidable increase to the attack surface. That’s a weakened security environment. And not just for your cat videos, but for journalists and others dealing with sensitive materials.
I can’t wait to see how many horrible implementations devs come up with because this feature provides no value for their employers.