Short question: how would they enforce that? What if I use some obscure messenger that nobody has ever heard of? What if I simply use telnet or netcat to send messages to other people?
Telnet? Banned. You now need the EUs approval to use networking software. The only apps that any EU users can use that uses the network interface are those whitelisted by the EU.
That's the only way that this is enforceable. And still pretty easy to defeat, or are they gonna Linux too? Since Linux comes with the source code, anyone could recompile it removing the restriction.
I think these things aren't designed to stop everyone, just most people, non-technical people - not people like us who know how to work around limitations etc.
Criminal would just use the communication method that is encrypted, because it will be known as such. Just like nowadays everyone knows that if you want to pirate you use torrent. And if you don't wanna be tracked you use VPNs and tor.
This will hurt the dumbest of criminals and all the non-criminals.
And the reasoning? As always Terrorists, pedophile, criminals, etc. Guess what: If those guys have not learned yet to make a big detour around official chat apps, they deserve getting caught. My bet is, those people already have their own secured means of communication. Maybe they have their own encrypted app, or they have a forum somewhere in the Darknet, whatever. But the chance that this new law will catch anything worthwhile is practically nil.
Two German states are about to attempt introducing a law at the federal level banning all knives with blades longer then 6cm (~~1.5~2.3 in) from beeing carried in publicin public.
Positive news: at least Germany will reject it, let's hope more members follow their lead
According to [German Federal Minister of the Interior] Nancy Faeser, it is appropriate to "hold online platforms accountable so that depictions of abuse are discovered, deleted and the perpetrators prosecuted". However, if the current proposal remains, the representative of the Federal Republic of Germany would have to vote no, said the SPD politician. "Because we must take targeted action and maintain the balance of the rule of law. Encrypted private communications of millions of people must not be monitored without cause.
Unfortunately the court wasn't that strict in it's most recent decision regarding data retention (different lead judge combined with the endless tries from the politics)
The real offenders (except for some stupid rookies) move to the dark web and won't touch the official apps while politicians use this power to scan for political and environmental activists, opponents and critics.
I said the same to a coworker this week. If i were to be part or manage an illegal ring like csam, id make my own protocol/app that just uses encryption. Youre already doing illegal shit, go one further so you dont get caught
No it will be. Having your own XMPP/IRC server doesn't prevent the NSA from spying on your metadata, and that's exactly what will happen. It's just that TOR and I2P will likely see an increase in traffic
Indeed. Protecting the metadata is already a completely different task from protecting the contents. But how would this law in particular change this aspect? It concerns message contents, surveillance of metadata stays the same (aka full). I was saying this about getting back access to encrypted messaging even with a low threat model.
Does this cover all messages sent between me and my teammates about the secret projects we're working on, or are we only fucking over the people, and not the companies?
If you're working on a secret project, you make your own communication tools and protocols. Or if you're lazy you just set up a mail server behind a VPN.
Making your own protocols means vulnerabilities are more likely. Better to use one that's been tested and audited (unless it's following something like this EU thing of course)