The chatcontrol regulation (see here for explanation) has been heavily criticized for various different reasons. In the last few weeks, it was possible to submit feedback to the european comission about the proposal. Many citizens and NGOs used this opportunity to express their objections or approval. I downloaded and analyzed all 414 comments from feedback page. Here's what I found:
A week ago (2022-06-29), netzpolitik.org published a leaked document showing answers from the european commission to the member states regarding the chatcontrol regulation. The leak is mostly in german, very long and was/is mostly ignored by mainstream media (even in germany). In this post, I've translated the parts I personally consider the most relevant and added some thoughts/criticism/relevant context.
We really need to talk about chatcontrol, the EU's next mass surveillance system. Long post, there are some hints to skip over parts of if it's too long for you. Sources are in [brackets] & linked at the end. I tried to simplify a bit to keep the post accessible for people without deep technical knowledge. I've packed a LOT of content into this post - if you have trouble undestanding, it's probably my fault. Ask me and I'll clarify!
Chatcontrol is what critics call the regulation proposed by the european comission [L1]. The regulation aims to reduce the online distribution of Child Sexual Abuse Material (CSAM). It will force messaging services to scan ALL content, including personal messages and photos, to detect CSAM and report detections to a newly established EU centre. The centre will then coordinate with police in EU countries and provide access to detection technologies.
While I doubt anyone will disagree with the aim, the means (mass surveillance) are not only violating privacy rights but also ineffective, for various reasons. This post will explain some of these reasons and what YOU can do to help stop the regulation. Let's start with the most important thing: Chatcontrol completely misses the point, as criminals rarely use messengers to share material - they're too slow to share large collections of CSAM.
Instead, they encrypt the files and upload them to a completely normal filesharing service. Since the files are encrypted, the service is unable to scan the contents, even if it wants to detect CSAM. Criminals can then simply share links to the content whereever they want [C1,4-6] - the scanning can't/won't hinder them! This alone should be enough to scrap the regulation! If that's enough for you, you can click here to learn what you can do.