Half-good new Danish Chat Control proposal

Denmark, currently presiding over the EU Council, proposes a major change to the much-criticised EU chat control proposal to search all private chats for suspicious content, even at the cost of destroying secure end-to-end encryption: Instead of mandating the general monitoring of private chats (“detection orders”), the searches would remain voluntary for providers to implement or not, as is the status quo. The presidency circulated a discussion paper with EU country representatives today, aiming to gather countries’ views on the updated (softened) proposal. The previous Chat Control proposal had even lost the support of Denmark’s own government.

“The new approach is a triumph for the digital freedom movement and a major leap forward when it comes to saving our fundamental right to confidentiality of our digital correspondence”, comments Patrick Breyer (Pirate Party), a former Member of the European Parliament and digital freedom fighter. “It would protect secure encryption and thus keep our smartphones safe. However, three fundamental problems remain unsolved:

1) Mass surveillance: Even where voluntarily implemented by communications service providers such as currently Meta, Microsoft or Google, chat control is still totally untargeted and results in indiscriminate mass surveillance of all private messages on these services. According to the EU Commission, about 75% of the millions of private chats, photos and videos leaked every year by the industry’s unreliable chat control algorithms are not criminally relevant and place our intimate communication in unsafe hands where it doesn’t belong. A former judge of the European Court of Justice, Ninon Colneric (p. 34-35), and the European Data Protection Supervisor (par. 11) have warned that this indiscriminate monitoring violates fundamental rights even when implemented at providers’ discretion, and a lawsuit against the practice is already pending in Germany.

The European Parliament proposes a different approach: allowing for court orders mandating the targeted scanning of communications, limited to persons or groups connected to child sexual abuse. The Danish proposal lacks this targeting of suspects.

2) Digital house arrest: According to Article 6, users under 16 would no longer be able to install commonplace apps from app stores to “protect them from grooming”, including messenger apps such as WhatsApp, Snapchat, Telegram or Twitter, social media apps such as Instagram, TikTok or Facebook, games such as FIFA, Minecraft, GTA, Call of Duty, and Roblox, dating apps, video conferencing apps such as Zoom, Skype, and FaceTime. This minimum age would be easy to circumvent and would disempower as well as isolate teens instead of making them stronger.

3) Anonymous communications ban: According to Article 4 (3), users would no longer be able to set up anonymous e-mail or messenger accounts or chat anonymously as they would need to present an ID or their face, making them identifiable and risking data leaks. This would inhibit, for instance, sensitive chats related to sexuality, anonymous media communications with sources (e.g. whistleblowers), and political activity.

All things considered, the new Danish proposal represents major progress in terms of keeping us safe online, but it requires substantially more work. However, the proposal likely already goes too far already for the hardliner majority of EU governments and the EU Commission, whose positions are so extreme that they will rather let down victims altogether than accept a proportionate, court-proof and politically viable approach.”

Lawsuit Claims Meta Can See WhatsApp Chats in Breach of Privacy

https://t.me/DDGeopolitics/172957

An Israeli spyware firm built to operate in secrecy has inadvertently exposed how its surveillance system works.

Paragon Solutions, the Tel Aviv-based company behind the Graphite spyware platform, briefly revealed a live government surveillance dashboard in a LinkedIn post by its chief compliance officer.

The screenshot was not a demo interface but an active control panel, showing unredacted victim details — including a Czech phone number and an Israeli contact — along with monitoring toggles for WhatsApp, Signal, and Telegram.

The leaked dashboard indicated full remote access capabilities, including the ability to read encrypted messages through device compromise, deploy zero-click exploits, activate microphones and cameras, and extract data without user interaction.

Graphite is marketed as an “ethical” tool sold exclusively to governments. However, Citizen Lab has linked it to zero-click iMessage exploits and documented cases of targeting journalists, activists, and political opposition figures. Reports indicate the spyware has been deployed in Australia, Canada, Europe, Israel, Singapore, and the United States. US Immigration and Customs Enforcement (ICE) reportedly holds a $2 million contract connected to monitoring anti-ICE protests.

Paragon, which was acquired in a $900 million deal and is now US-owned, quickly deleted the post after the exposure. Screenshots, however, circulated widely online. The company has not issued a public response

Edited February 16Feb 16 by eumeswil

https://www.politico.eu/article/european-civil-servants-new-messaging-services/

BRUSSELS — European governments are getting WhatsApp and Signal out of their system.

Governments in France, Germany, Poland, the Netherlands, Luxembourg and Belgium have started rolling out in-house messaging services for officials to exchange sensitive information, in an effort to stop staff from using popular encrypted apps and switch to local alternatives they can control. Defense alliance NATO also has its own messenger, and the European Commission plans to make the switch by the end of the year.

The move toward government-controlled messaging apps is part of Europe's search for alternatives to American technology, sparked by fears of being strategically dependent on Washington. WhatsApp is owned by U.S. tech giant Meta, while Signal is run by a U.S.-based non-profit and managed by a large community of open-source software enthusiasts.

The effort to unplug from American companies also reflects growing recognition among governments of the vulnerabilities of mainstream messaging apps for sharing sensitive information between politicians.

“Our communication currently often takes place via platforms over which we have no control,” Willemijn Aerdts, the Netherlands’ digital minister, told POLITICO in a statement. “In a world where technology is increasingly being used as a tool of power, that poses a risk.”

Brandon De Waele, the director of Belgian Secure Communications, the Belgian federal government agency in charge of its new secure app, said: “Everyone in Europe is getting more and more awake on sovereignty ... For us it’s data sovereignty.”

WhatsApp and Signal have faced cybersecurity challenges in recent weeks. Last month, dozens of cybersecurity agencies warned that Russian hacking groups were targeting political and government officials on the messengers with high-level phishing attacks.

The risks also became painfully apparent in Brussels: The European Commission told some of its most senior officials to shut down a group on messaging app Signal, POLITICO reported this month, and the EU was the victim of a string of cybersecurity breaches affecting, among other things, its mobile devices management system.

Edited April 22Apr 22 by eumeswil