Unfortunately the only answer that I know of is eternal vigilance, which is the price of liberty.
I decided to look up who that saying is attributed to, and apparently it's John Philpot Curran, not Thomas Jefferson. But I like Orwell's saying better, because it shows why all of you are just as ineffectual at steering government policy as I am:
https://www.socratic-method.com/quote-meanings-and-interpret...
After a quick search - and ignoring Google's helpful clanker who tries to point you to the _wrong_ Orwell text - it's not hard to find a clean source:
https://www.telelib.com/authors/O/OrwellGeorge/prose/RoadToW...
If your Member of European Parliament supports chat control stop voting for their parties and politically support their opposition
The key point to make is that once you're spying on your own people, you've created the single weakest point of entry for your geopolitical opponents spying on you and manipulating the population as well. It's such a dumb political move, it seems like it could only come from extreme fear, greed, or manipulation. Switch it around and make them afraid of the alternative.
Maybe it is a result of sending the biggest idiots off to the EU when they failed in national politics, but the problem remains.
For better or for worse the EU itself is about as much of a democracy as some of the European empires were back in the in early 1900s with their sham parliaments which had very little real power.
Like when the Irish electorate rejected the Lisbon Treaty, and then was then harangued into accepting a reheated version. Opponents of the treaty reasonably asked if it could be best-of-three.
- https://en.wikipedia.org/wiki/2005_Dutch_European_Constituti...
- https://en.wikipedia.org/wiki/2005_French_European_Constitut...
After receiving concessions.
That sounds exactly like you'd expect it to work, and yet people seem outraged by it.
Why?
They circumvent the accountability of nation states, it is a development catastrophe since people cannot have a reasonable influence on policies anymore.
The bad thing about the EU is that it opens up views like yours, trying to absolve your own nation of any culpability, when that is just not true.
If you don't like the direction of the EU, vote in a government and MEPs who will steer it in a different direction. If enough people do this, then the EU changes, as happens in every democracy.
What you're seeing is simply democracy in action. You think these things are going against the majority, but the reality is, the majority of citizens are ok for this to happen at the nation state level, and by extension at the EU level.
Stop blaming the EU. It is lazy and makes the problem worse. Look closer to home.
Your use of this then would translate to the governments wanting to read all the mail to constantly stay informed would be the bad guys where the other actors only have to get lucky once by having a mission complete would be the good guys?
Cops vs robbers? Christians vs lions in Rome?
Or, we're merely fish in a barrel and trying to convince ourselves we have any control over whether we get shot?
Rules for thee but not for me. You can bet the MPs private messages will not be included.
https://european-pirateparty.eu/chatcontrol-eu-ministers-wan...
The EC of yesteryear preferred issuing book-long regulations about how everyone needs to respect privacy.
The EC of today prefers burning those regulations [1] and writes legislation about how everybody should scan all private messages.
No more surprising than the In 1998 Conference of Anglican bishops rejecting any sort of homosexual practice as incompatible with Scripture, and the 2023 one approving the blessing of same-sex unions.
[1] https://www.politico.eu/article/eu-gdpr-privacy-law-europe-p...
The privacy laws you talk about all also have carveouts for governmental, intelligence and military work. No matter the hand wringing here, most EU governments (and even citizens) don't consider privacy legislation to require equivalent footing for governments and for private corporations. A lot of EU citizens are fine with laws like GDPR not holding for law enforcement and other similar institutions. Despite the risks and history.
yea, no idea ¯\_(ツ)_/¯
If not, how are EU politicians so disconnected from their citizens? How did this state of affairs come to be? Is it reversible?
In the US, our politicians don’t diverge quite as much, but when they do, the reason is money, and when it gets bad, we throw the bums out and elect populists. It’s not pretty and it’s messy but it self corrects with the next election if it doesn’t work out how people wanted.
At least in countries where the terrorism emerged recently, I'd say...
And unlike the US, very few people are going to push back based on "freedom" and "my rights" which is unfortunate in my opinion. This lack of pushback is why those types of proposal even come to be.
Most actions taken by this administration have > 65% disapproval ratings, and according to historical norms, if the size of current protests double, the people will overthrow the government.
The last time I checked, the ongoing ICE raids against civilians were one of the more popular policies.
Demonstrations against are small.
Only few people write to their government and their MEPs.
This is probably sourced in not understanding it and not having enough information, but for as long as those three factors remain those are the results of democracy.
(Democracy in the EU is complex topic in itself, as EU isn't a state, but a union of independent states where states are primarily represented by their government and the directly elected parliament plays a smaller role ... but given the little protest that's the smaller issue in this case)
The moderators of r/denmark are also currently blocking any submissions of this story to the subreddit.
Can you shed more light on situation in Denmark? Why is this happening?
In short: fault of the nation states, not the EU. Most EU people won't even be aware of this, the same in other countries around the world. We here care, most people don't. Sadly.
People continue to misrepresent what the EU is and how it operates, which is actually harmful if you care about stuff like this. You're basically trying to send the message to everyone that they're powerless "because EU". The reality is that nation states are pushing this. If you want to signal your disapproval, write to your politicians, vote for different ones, both national and MEPs.
Unfortunately, this is simply a reflection of democracy. Most people are just not informed enough about this topic to care. We think it is a big deal here on reddit, but most of the population just ignore it.
I suspect that most here will agree with you. However in the interests of encouraging a sober analysis: https://www.villagenews.com/story/2025/06/20/opinion/is-trum...
It does not need to be particularly secure—the messages are still E2E encrypted so long as nothing trips the client-side scanner.
I think you are letting your ideological alignment (against surveillance state) push you into irrational standpoints ("more surveillance would not catch additional criminals").
I'm 100% with you on opposing legislation like this, but it is very important to not delude oneself about its likely effects, and to pick the right hills to die on, figuratively speaking.
It's a good model for identifying and closing gaps (especially if one is not, oneself, prone to think like a criminal), but like all other human population groups, half of all criminals are below average.
This is not some wild hypothetical, the recent explosion in VPN use by every country that has implemented an age restriction law should be sufficient to display this effect in place. In a world without weird country restrictions (whether that be intellectual property restrictions or content restrictions), VPNs would be a niche technology for business. Instead unbelievably large amounts of the general population are now not only using it, but paying for it.
I think the assumption that criminals would not learn how to use one of the many free E2E encrypted messengers is the deluded and naive position.
Yes, this proposal has been around since long before those parties got as big as they are now, but even back then the quadrants were roughly similar, and as such the level of support (including now looking to pass, unlike before) has also roughly been in step with the growth of those parties.
I don’t think this is a fair explanation of what’s going on.
That sounds worst to me.
That would make illegal any non official Signal client for example. Or worst does that mean it will be outside of the messaging app in the OS itself?
In the end, we need to take a step back and look at the situation:
- We know since at least Snowden the US listen to whatever they want
- China and Russia probably have advanced capabilities like this but maybe more limited geographically
- The EU is so incompetent they haven't figured it out. So now they are gonna force us to have some back channeling malware that is gonna slow and crash my phone every hour?
How low can we go?
And there's really no way to enforce this unless you mandate locked-down devices with attestation.
Then again, that's likely the long-term plan here.
I pity whoever is going to be the first false positive guinea pig for this csam process. Functionally a guilty (as decided by algo) until proven innocent logic
> The man... took pictures of his son’s groin to send to a doctor after realizing it was inflamed. The doctor used that image to diagnose Mark’s son and prescribe antibiotics. When the photos were automatically uploaded to the cloud, Google’s system identified them as CSAM. Two days later, Mark’s Gmail and other Google accounts, including Google Fi, which provides his phone service, were disabled over “harmful content” that was “a severe violation of the company’s policies and might be illegal”... He later found out that Google had flagged another video he had on his phone and that the San Francisco police department opened an investigation into him.
> Mark was cleared of any criminal wrongdoing, but Google has said it will stand by its decision.
Less "guilty until" and more "guilty despite innocence."
If you know your not a theif having your bags checked after paying is an annoyance
Does its prevention even help anyway? The adult porn industry is regularly criticized for seeing people choose it over real sexual relationships. Conceivably the same could hold true for CSAM. As in, if you can't access it, you're going to go get the real thing instead.
The narrative that it prevents child abuse sounds good in theory, but what does the data actually tell us?
That said, not sure that draconian, ubiquitous surveillance is the correct (or even effective) solution to the problem.
Not always but often. You think the amount of Pea Dough would go up with abolition. Doubts from me.
Take your CSAM apologia somewhere else.
The anecdotal evidence is that most child abusers started with CSAM and continued escalation from there; not that they would have been abusers except for CSAM.
While it has never been proven to be a casual link, Ted Bundy, Brian Mitchell, Mark Bridger, Jeffrey Dahmer, and now Bryan Kohberger all accessed violent pornography before taking their actions. Dahmer stated it was his ritual - consume violent pornography before finding the next victim. Bundy meanwhile stated it was the tipping point for him psychologically, more than any other known factor, even describing it as his "fuel."
Meta made 1.8M CSAM reports to authorities in 2024 Q4 alone. An awful lot of these people aren’t taking any steps at all to avoid detection – they are posting it to social media.
You can argue the ethics of this scanning all you want, but if you’re arguing that it won’t be effective then you’re wrong.
If it were of real value they'd be touting arrests, not reports.
The full accepted amendment reads: "Disseminating pornographic content online without putting in place robust and effective age verification tools to effectively prevent children from accessing pornographic content online shall be punishable by a maximum term of imprisonment of at least 1 year."
[1] https://www.europarl.europa.eu/doceo/document/TA-10-2025-011...
The case for is "catch child abusers".
People opposing it are talking in abstractions like privacy and right to use encryption. Which are important but you need to identify concrete harms that ordinary people identify with. You can't oppose a harm people can visualise and feel emotional about with an abstraction.
Opponents need to say "if this passes your kids might be taken away because of a bot looking at your photos" . "Even if you send a picture of your own kid to your own mum, you will have to think about whether it could be mistaken for child abuse by some minimum wage worker at G4S from a completely different culture, who has to process 20 pictures a minute"
The opposition mostly sounds butthurt that politicians are making tech decisions. And I say that as someone who genuinely thinks chat control is a terrible idea.
- Keep casual conversations on mainstream crap to be reachable by the masses and give the appearance of being monitored.
- Send friends to a tiny URL that redirects to a tiny ephemeral private anonymous chat instance running entirely in RAM with an IP certificate [0] once available to remove domain name ownership from the picture. When done with that chat edit redirect to be something benign and wipe the chat instance. Block most crawlers using Anubis [1] and some other tricks. Chat crawlers that validate URL's are usually very obvious.
I would wager HN could come up with 1000% more clever ideas.
[0] - https://letsencrypt.org/2025/07/01/issuing-our-first-ip-addr...
Another - funnier way - would be to send the image as a file, and the recipient should convert it back to an image. Of course this could be automated as well on the scanning side, but if the regulation only talks about images, it should be safe. Not that I would do this if chat control happened and I would need some way to secure the content
Would be great if regulators understood that serious criminals will have a way of communication that is not traceable with this regulations.
During peace time I would agree but when the screws are tightened enough and one makes a zero-friction anonymous chat instance it might just get some use. Zero friction or near zero meaning click a URL, enter a temporary name and hit the "Start" button. [1] Channels do not really matter in this example as private chats would be the primary use case.
Set up a simple IRCD on the backend that cloaks IP addresses. ngIRCD [2] takes 5 minutes to set up and one second to mask all IP's. There are many web front-ends [3] to make it happy-clicky. All of this can run from a ram-disk and deployed with automation and/or containers to low memory and low CPU servers.
CloakHost = temp.chat
CloakHostModeX = temp.chat
CloakUserToNick = yes
MorePrivacy = yes
The issue is that the EU courts are easy to predict. I'm not afraid of this law for itself because I know how the EU works and this will be challenged. I'm afraid of this because once again the 'center right' (i.e liberals) and the traditional right manage to move power away from courts.
'Les irresponsables' should be translated asap in German, English and any other language in the EU, and hopefully politicians will find a mirror in this book and stop worsening everything.
So, a literal malware?
In the UK a massive surge in using VPNs happened in the last 2 weeks and the adoption only keeps rising.
Call me Nostradamus but if this legislation gets passed I can see how a lot of people will become familiar with the Privacy and Security aspects of the tech world (comms in particular).
ChatGPT thinks it was 'spook', but can't find any references.
Anyway, it seems we need such things again for messages, to overload any system the EU would have.
That said, I wouldn’t be surprised if this turned into a European version of the Patriot Act — where the state takes advantage of the fact that people have become desensitized, and everyone ends up being monitored 24/7. In the end, every citizen would be under surveillance, while criminals would simply download an app that doesn’t comply with this absurd requirement.
Now we are policing speech?
Why wouldn't it be feasible to implement? Sadly, I don't share your optimism.
Maybe I'm delusional and I'll be severely disappointed I'm my country and the EU, but I don't think so. Who knows, time will tell.
I'd say in general people are more concerned about The Bad People than about privacy. Probably because they mostly trust their governments, certainly more than they trust Big Tech.
Then why would they want big-tech employees to look at their nudes flagged by automated dumb scanning and unbeknown to them sent for human verification?
And gladly Telegram does not cooperate. That is a feature.
>Telegram founder Pavel Durov warned that France risks societal collapse if it continues down a path of political censorship and regulatory overreach. Durov was arrested in France in August 2024 after being accused of failing to moderate his app to reduce criminality
Telegram is the messenger of choice for cybercriminals (not signal, interestingly). Most stealers and many other malware families use telegram to exfiltrate data and stolen credentials. It's also used as public announcement channels for criminal groups. Telegram ignores all reports about known malicious chats, despite it being easily provable, not to mention it's not e2e encrypted.
At this point this is not resisting censorship but knowingly profiting from crime. Continuing the analogy, it's like post office was sending mails for terrorists, despite police staying in the hallway and begging them to stop that.
(my job is related to anti-malware and cybercrime prevention)
The same applies in the physical world. Police has no right to enter your house. Except when they have a warrant, because you are already known to be guilty.
>The criminals will just move to another operating scheme.
Great! This is not an excuse to do nothing. They would use e2e if they were smart anyway. But they don't, because they like telegram and e2e is annoying to use (no channel history etc).
I will oppose any government that outlaws encryption and privacy. There are numerous accounts of peoples personal info being misused for crime. More than there are proven cases of encryption being used by criminals.
I neither have nor want to have the capability to spy on telegram users. But criminal groups use telegram as infrastructure all the time - for example telegram webhook used as a exfiltration method for stolen credentials.
Telegram refuses to cooperate in any way, for example to close the group chat exfiltrated credentials go to, or even to disable the webhook.
This is analogous to Facebook knowingly letting ISIS use it for terrorist attack coordination. You can't just operate a company and ignore every abuse report.
My point (which I probably explained badly) was that telegram ignores all abuse reports. As a company operating in the first world you can't really do that legally.
You probably don't want to die on the hill of defending telegram. If they really cared about privacy, they would push everything to e2e. Instead they absolutely know what people talk about. Even if they're 100% pure hearted and really never take a peek, three letter agencies from all over the world are probably less honorable.
I literally don't know, that's my whole point. Telegram ignores abuse reports and law enforcement and that's why CEO got into trouble.
I never suggested spying on telegram users or extrajudicial powers, and i abhor the idea.