The widely discussed "Chat control" proposal has already been withdrawn. What remains is much narrower in scope. For instance, it no longer includes mandatory client-side scanning.
Over time, these kinds of proposals usually get watered down further until they either respect individual rights fully or fade away entirely, as has consistently happened with privacy-invasive initiatives in the past.
The only exception I can think of was the "Data Retention Directive" that was (eventually!) rejected by the ECJ - only for the UK to reimplement it after Brexit...
> For instance, it no longer includes mandatory client-side scanning.
It's still unclear whether it really is removed. They turned scanning into something voluntary, and then said big chat providers must do _something_ to monitor abuse. It seems _very_ likely that the regulatory bodies/courts will decide that the bar they must clear to meet this "something" is client-side scanning.
And I agree that the regulation still has a lot of hoops to jump through to be implemented, and will likely be further tweaked. But it's _very_ important to keep raising our concerns, otherwise there will be no pressure to change the currently problematic legislation.
EVERYTHING is unclear, because they have literally only just received a negotiating mandate to discuss the idea. This isn't even a proposal that will reach parliament in its current form - its undergone near zero scrutiny because it simply hasn't progressed far enough to be scrutinised.
> It seems _very_ likely... client-side scanning
Actually, it seems almost completely UNLIKELY due to the protections afforded EU citizens. The last time legislation was passed that eroded privacy it was repealed by the ECJ (albeit many years later).
> it's _very_ important to keep raising our concerns
And what exactly is that?
The widely discussed "Chat control" proposal has already been withdrawn. What remains is much narrower in scope. For instance, it no longer includes mandatory client-side scanning.
Over time, these kinds of proposals usually get watered down further until they either respect individual rights fully or fade away entirely, as has consistently happened with privacy-invasive initiatives in the past.
The only exception I can think of was the "Data Retention Directive" that was (eventually!) rejected by the ECJ - only for the UK to reimplement it after Brexit...