The European Commission lost the Chat Control 2.0 battle over access to end-to-end encrypted data. By the summer 2026, they will be back with their next attempt: Going Dark. This time some EU member states want to include VPN services.
The Going Dark initiative, or ProtectEU as the Commission now calls it, wants to “enable law enforcement authorities to access encrypted data in a lawful manner”. This is a Chat Control 3.0 attempt.
They really keep trying to ratchet further and further to taking full control over what should be private, with all the negative consequences it has for democracy.
We should push ratcheting in the opposite direction. Start with various levels of crazy and sensible ideas. Make privacy a human right anchored in law with no exceptions, it should not even be possible to propose laws that weaken privacy. Make it a punishable crime to come even close to violaring privacy, put the CEOs and people making the technical implementations in jail. And require encryption to the point that if data is leaked, the data hoster is guilty if the data is readable. If any data is leaked, then the data of the leaker becomes public property. Etc.
If they can go crazy with the proposals to remove any semblance of privacy, then backtrack a little, but not completely, when there’s opposition, then so can we.
One more: criminalize data brokers, make it hard to combine data from different sources, make it impossible for one single entity to have access to all your data and create a complete picture of your life.
They really keep trying to ratchet further and further to taking full control over what should be private, with all the negative consequences it has for democracy.
We should push ratcheting in the opposite direction. Start with various levels of crazy and sensible ideas. Make privacy a human right anchored in law with no exceptions, it should not even be possible to propose laws that weaken privacy. Make it a punishable crime to come even close to violaring privacy, put the CEOs and people making the technical implementations in jail. And require encryption to the point that if data is leaked, the data hoster is guilty if the data is readable. If any data is leaked, then the data of the leaker becomes public property. Etc.
If they can go crazy with the proposals to remove any semblance of privacy, then backtrack a little, but not completely, when there’s opposition, then so can we.
One more: criminalize data brokers, make it hard to combine data from different sources, make it impossible for one single entity to have access to all your data and create a complete picture of your life.