"Representatives from member states will meet on Friday to consider legislation critics call Chat Control, aka "laying down rules to prevent and combat child sexual abuse," which seeks to require ISPs or messaging app providers to scan user content or backdoor encryption so that intelligence agencies can do it themselves. It's the latest attempt in a three-year campaign by some in the community to allow government agencies unprecedented access to private communications."
"An open letter signed by more than 600 security academics, practitioners, and stakeholders has called on the proposals to be dropped and claimed they are unworkable and highly intrusive. It also points out that the false positive detection rate for such a serious crime is unacceptable and could lead to many people being unfairly smeared. One signatory, Matthew Green, associate professor of computer science at the Johns Hopkins Information Security Institute, told The Register that the plans, if implemented, would be a "national security disaster.""
"He pointed out that if encryption backdoors were implemented, adversarial nations would see it as a "Manhattan Project" which could be used to expose all data, and if client-side scanning was used then it would create a privacy nightmare. The revised legislative proposals call for systems to be set up to find all current "and new" forms of CSAM, but decline to give any guidance as to how this seemingly impossible task would be achieved."
EU representatives will meet to consider legislation labeled Chat Control that would require ISPs and messaging providers to scan user content or implement encryption backdoors to allow government access. The Danish presidency has advanced the proposal after repeated rejections. Security experts warn the measures are unworkable, highly intrusive, and carry unacceptable false positive risks that could smear innocent people. Critics state encryption backdoors would create national security vulnerabilities exploitable by adversaries, while client-side scanning would produce pervasive privacy harms. The proposals call for systems to detect all current and new forms of CSAM but provide no technical guidance. A full vote is expected next month.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]