In the EU, there are discussions for a new law to fight CSAM, namely:
“Proposal for a Regulation laying down rules to prevent and combat child sexual abuse”
But I think, that it would be very harmful for the privacy of people in the EU and open source software with the arguments stated here:
TLDR comes up every so often, yes it is an invasion of privacy because how do they hope to achieve that for conversations which are E2EE. You can’t without a backdoor, sidedoor, ghost door, whatever they want to call it.
I don’t think it matters that much, a lot of things are banned in China, but you can find a way how to keep using it relatively safely.
So there will be “natural selection” of people that give up on privacy element, with slightest obstacle/friction, and won’t care, the rest that care more, will put more effort into it, and keep using it.
The issue of privacy is complex and nuanced, and it’s not accurate to reduce it to a binary choice between those who care about it and those who don’t. People have different motivations, values, and circumstances that influence their stance on privacy, and it’s unlikely to be a straightforward decision for many individuals. Additionally, the level of effort required to maintain privacy can also vary greatly, and the “obstacles/friction” you mention may present different challenges for different people.
There are so many things wrong with that “natural selection” comment, but the one that makes more noice to me is that OP appears to underestimate the among it actually take to keep privacy now of days when you literally can’t search for a job without the internet. Or communicate without some messages/social media apps.
You can search for jobs using Tor, not sure if it will rise an eyebrows, of the employer, if you will submit your application, from Tor node, most people wouldn’t care, unless the government, would make them to report, if someone does this, or if it’s in a field where your identity, and information about you should be as transparent, as possible, like if you would apply for a police man, for example. If that person protects their data, as much as possible, but it’s viewed by the employer, as a criminal who wants to hide something, then it becomes a problem, but if it’s not commanded by the government, to report this stuff, for most people it should be fine.
Your points are valid for the most amount of privacy, but for someone who just wants to reduce the data shared, like IP address, and your Internet provider spying on your traffic, and what you are doing.
Yeah, it’s not that much of a reduction, but I guess it’s better then to use Chrome, without VPN, or anything else.
Also if you are in Europe, everyone has to comply with GDPR laws, and I request each time, I give away information to follow these laws, or to delete it within 30 days.
If you are not in Europe, you can find some lawyer, get on a 10 min call for 20 $ ~ and send you some paper (PDF), that takes advantage of the laws that are in favor of your privacy, then you can just copy it in each email you send.
yeah, at least here in Portugal no one gives a crap about GDPR. I mean, everyone will have cookie banners and great privacy and data retention policies but its just for show unless youre a huge company and thus a valuable target for prosecutors and regulatory agencies
While I agree there is still a lot of battles to go through, I do not agree with the negativity of this comment. The GDPR has moved things massively. Europe has drawn a new line in the sand of what can and what can’t be done. The regulation has moved many companies to overthink their policies and made several provacy preserving changes for all citizens. We gotten more better defendable rights and this has put a stop to the increasing lack of privacy offered by big tech. The GDPR is also not a finished product and new regulations are in the pipeline as well as better policing.
It is unreasonable and unfair think that something like this will be acted on immediately and always be implemented right.
A new line on the sand, sure, by eroding the constitutional rights over our data that we had here in Portugal. How so? By introducing the concept of “legitimate interest”. Before GDPR anyone could request that their data be deleted and the recipient of the request would have to comply except for specific types of data under specific circumstances for which there was a law mandating a minimum retention period. The only “legitimate interest” that existed was the one codified in law. Now its open for interpretation, its open season on making up creative justifications as to why certain types of data are of “legitimate interest”.
Having said that, it did greatly shorten the periods after which data is automatically deleted, a shame that it did so while curtailing the power of explicit data erasure requests. I can no longer, for example, change internet providers and tell the one I just changed from to erase all info they have on me. Why? Because they have a “legitimate interest” in keeping this for x amount of time and that for y amount of time
We’ve teamed up with the Global Encryption Coalition to fight back against the latest version of Chat Control. You can find our joint open letter here.