EU: These are scary times – let's backdoor encryption!
- News link: https://www.theregister.co.uk/2025/04/03/eu_backdoor_encryption/
While the superstate has made noises about backdooring encryption before, the [1]ProtectEU plan [PDF], launched on Monday at the European Parliament, says the European Commission wants to develop a roadmap to allow "lawful and effective access to data for law enforcement in 2025" and a technology roadmap to do so by the following year.
"We are working on a roadmap now, and we will look at what is technically also possible," said Henna Virkkunen, executive vice-president of the EC for tech sovereignty, security and democracy. "The problem is now that our law enforcement, they have been losing ground on criminals because our police investigators, they don't have access to data," she added.
"Of course, we want to protect the privacy and cyber security at the same time; and that's why we have said here that now we have to prepare a technical roadmap to watch for that, but it's something that we can't tolerate, that we can't take care of the security because we don't have tools to work in this digital world."
[3]Encryption backdoor debate 'done and dusted,' former White House tech advisor says
[4]Governments can't seem to stop asking for secret backdoors
[5]Apple's alleged UK encryption battle sparks political and privacy backlash
[6]Google makes end-to-end encrypted Gmail easy for all – even Outlook users
She claimed that in "85 percent" of police cases law enforcement couldn't access the data it needed. The proposal is to amend the existing Cybersecurity Act to allow these changes. You can watch the response below.
[7]Youtube Video
According to the document, the EC will set up a Security Research & Innovation Campus at its Joint Research Centre in 2026 to work out the technical details. Since [10]it's impossible to backdoor encryption in a way that can't be exploited by others, it seems a very odd move to make if security's your goal.
Proton may roll away from the Swiss
The EC's not alone in proposing changes to privacy - new laws outlined in Switzerland could force privacy-focused groups like Proton out of the country.
Under the current laws police [11]can obtain data from services like Proton if they can get a court order for some crimes. But under the proposed laws a court order would not be required and that means Proton would leave the country, said cofounder Andy Yen.
"Swiss surveillance would be significantly stricter than in the US and the EU, and Switzerland would lose its competitiveness as a business location," Proton's cofounder [12]told Swiss title Der Bund. "We feel compelled to leave Switzerland if the partial revision of the surveillance law planned by the Federal Council comes into force."
China, Russia, and the US certainly would spend a huge amount of time and money to find the backdoor. Even American law enforcement has [13]given up on the cause of backdooring, although the UK [14]still seems to be wedded to the idea.
In the meantime, for critical infrastructure (and presumably government communications), the EC wants to deploy quantum cryptography across the state. They want to get this in place by 2030 at the latest.
Other goals are beefing up the abilities of Europol to handle crime on a transnational basis, but also to counter Russia and other interference in EU affairs. Additionally, cloud and datacenter security will be bolstered to deal with outside threats and the Commission wants to look at the whole supply chain to make sure the continent isn't dependent on a single outside supplier of key technologies.
"Safety is one of the key prerequisites for open, vibrant societies and a flourishing economy," [16]said Ursula von der Leyen, European Commission President.
"That's why we are launching today an important initiative to better tackle security threats like terrorism, organized crime, surging cybercrime and attacks against our critical infrastructure. We will strengthen Europol and give law enforcement up-to-date tools to fight crime. But also researchers, businesses and even citizens can contribute to greater safety for all." ®
[1] https://home-affairs.ec.europa.eu/document/download/48218e1a-9e03-4be1-b19c-d04c323c1117_en?filename=ProtectEU-European-Internal-Security-Strategy_en.pdf
[3] https://www.theregister.com/2025/01/04/encryption_backdoor_debate/
[4] https://www.theregister.com/2025/03/03/opinion_e2ee/
[5] https://www.theregister.com/2025/03/14/apple_uk_encryption_hearing/
[6] https://www.theregister.com/2025/04/01/google_e2ee_gmail/
[7] https://www.youtube.com/watch?v=fMF-FrAQpMA
[10] https://www.theregister.com/2015/04/28/us_politicians_complain_that_silicon_valley_cant_create_encryption_unicorn/
[11] https://www.theregister.com/2024/05/13/infosec_in_brief/
[12] https://www.derbund.ch/andy-yen-gegen-revisionsplan-des-bundesrats-mit-dieser-aggressiven-ueberwachung-muesste-proton-die-schweiz-verlassen-487339556764
[13] https://www.theregister.com/2025/01/04/encryption_backdoor_debate/
[14] https://www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/
[16] https://ec.europa.eu/commission/presscorner/detail/en/ip_25_920
Au contraire, it's fit perfectly for the purpose it was intended.
It's just that we, "the great unwashed," weren't deemed worthy of being told what that purpose was.
Just some quotes from a Very Important European:
"We decide on something, leave it lying around, and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back."
“Of course there will be transfers of sovereignty. But would I be intelligent to draw the attention of public opinion to this fact?,”
"I'm ready to be insulted as being insufficiently democratic, but I want to be serious ... I am for secret, dark debates"
On French referendum over EU constitution
“If it's a Yes, we will say 'on we go', and if it's a No we will say 'we continue',”
Brexit may have happened for all the wrong reasons, but it's probably still better it happened.
If that purpose was to divide all the countries in Europe so the UK could remain the 'big dog' then you are correct :-)
EEC
When it was the EEC it was fit for purpose. Unfortunately, like Topsy, it just growed - until it became too big to fail.
Overreach is a condition of many a government(ish) organisation.
Glad to know
Incompetence at the top isn't limited to the US.
Re: Glad to know
Poor wages in public sector attract talentless people and some even happily taking a top up from a hostile state.
Re: Glad to know
In the upper echelons of the EU where these schemes are plotted and decisions made I am not sure that poor public sector pay is an issue.......
Re: Glad to know
The salary of a European Commissioner is in the €25,910.19 per month area.
That might be a lot from a perspective of working class person, but in the grand scheme of things this is chicken feed.
Your month's salary wouldn't cover luxury family holiday, let alone rent, food, cars and other basics.
It is actually more dangerous, because they can see the rich, they can almost taste it, but lifestyle is still out of reach. This makes it even more tempting to get bent a little.
Cryptography Wars
We've been fighting this war for over 30 years now.
We'll probably still be fighting it in another 100, assuming there is anyone human left to fight.
Most encryption is primed to be backdoor'ed [https://xkcd.com/538/] by the user when placed in a not-so-fine situation.
The problem that governments have with that approach is not the ethical one, but that it doesn't scale well.
Correct, but wrenches and drugs do not scale well enough.
You need to apply them on one use at a time and would be quite an effort - even for the EU - to implement mass-surveillance on that basis.
Rule #1 should be that all politicians and diplomatic traffic uses any new system/law first. If they can eat their own dog food then let others eat it.
Remind me how long smoking has been banned in all UK workplaces except parliament?
Next on the agenda ...
PI shall equal 3.
No Dedekind cuts here, please.
Good news everybody
If "Police can't access data in 85% of cases" that means almost all crime is financial / corporate / etc relying on encrypted data.
That means there is almost no murder, rape, assault, robbery etc committed in the EU. Ordinary crimes that don't involve encryption must now be vanishingly rare.
Re: Good news everybody
Police shouldn't have access to any of the digital data, same as it is for the 'analog' data.
They can access mandatory financial docs that companies must keep and 'data' that alleged criminals left accessible.
It's the same in digital and 'analog' world. They cannot access paper documents that have been burnt or hidden in the same way they cannot access encrypted data.
Sure, all that sweet data is a juicy target, but it's not their data whether it's useful to them or not.
On the other end we, citizens and salary payers for those unelected bureaucrats, should have much greater visibility on their data since it seems that once they are elected they tend to forget who are they working for...
Re: Good news everybody
They don't forget, they just keep working for whoever elected them.
Oh, sorry, you're still believing in that old fairytale about elections. I bet you still believe in Santa.
Future
Two things that would happen if the inept make encryption laws
Secure encryption is made illegal, enabling criminals access to pretty much anything.
Possession of any securely encrypted data becomes a serious offence. Files suspected of being encrypted - even if just broken files are used against you.
Suddenly political opposition will be found with encrypted files that nobody can open, and forever be silenced.
Ursula said it
"Safety is one of the key prerequisites for open, vibrant societies and a flourishing economy,"
Which is why we value our encrypted communication so much, Ursula...
Keep your hands off.
Re: Ursula said it
Relax, the courts will nix any legislation if it were passed. Any such legislation would invalidate a great deal of existing cybersecurity legislation and, in countries like Germany, constitutional protection.
But "won't somebody think of the children" is a perennial crowd-pleaser and vote-winner so we can expect to hear the same arguments brought forward every few years. And another option seems to be to get US politicians involved as they will quite happily hand out any secrets.
In the meantime, encryption schemes will improve, including better encryption at rest.
PS note to Iain: the EU is not a superstate and the EC is just another civil service.
How can they wind back history?
We have a load of stuff that is stored encrypted already with tools that don't have back-doors.
We already have the tools that will encrypt without back doors.
How are "they" going to make us give up on the old tools? Will we have to decrypt and re-encrypt everything - if we even can (eg shadow credential stores...)
Even if "they" say that all of the communications products have to have back doors (and that they won't talk to "old" versions that don't), then if I can send a file, I can send a file encrypted with the old tools that the authorities won't be able to read.
Even PGP for email has been around since 1991
Re: How can they wind back history?
And even if they completely outlaw encryption without backdoors and all law-abiding citizens would comply, that would not work on criminals and terrorists, because by their very definition those are not restricted by laws.
So what gives?
Don't worry, the UK is safe as we've left the EU...
Erm...
https://www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/
Puzzled.........
Couple of observations:
- Signal is (very likely) secure WHILE IN TRANSIT.
- But the end users need decryption to understand the message
- So......a compromised end point (see NSO/Pegasus) means that the message is available to someone other than the end user!!
MY SOLUTION
(1) You (and your buddies) develop a private encryption protocol
(2) You (and your buddies) always do encryption/decryption using OFF-LINE processing
(3) You (and your buddies) send encrypted messages using any transport available (including Signal!!)
(4) .....so the snoops (EU and elsewhere) using NSO/Pegasus or similar......will only ever see encryption (either the Signal version....or the private version)
NOTE
(5) PGP uses published static keys (so disclosure is actually possible)
(6) Diffie/Hellman schemes use different random keys for EVERY MESSAGE (so disclosure is technically impossible)
(7) ....and of course you and your buddies use multiple pass encryption with different random keys, just to make it interesting for EU and NSA and GCHQ snoops
ASIDE
......but in any case this EU news is just the usual misdirection......"We in Brussels ARE DOING SOMETHING!!"
I think it is about time
to come up with algorithms that allow for plausible deniability and the end-user should be the one in charge of the encryption.
Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy, is a politician who has never worked in any technical job and has zero technical education whatsoever. In fact, she's got a degree in arts and another in philosophy and her whole career consists of hopping between political responsibilities with no connection to technology. Why the fsck do we have such a person in charge? A monkey with guns would do better.
What we need is an online document store .....
..... into which you can place documents.
Each of these documents appears to be 'garbage' when you open them. But if you XOR two or more documents together you then get the unencrypted document, or even an encrypted document that you then decrypt with an agreed key. The key thing is that you need to know which documents to XOR to get to the document that you want.
When you are going to publish a document you select other document(s) that are already in the store to XOR with before publishing, then just publish away.
The great thing is that people will come along later and use your document as one of the ones they choose to XOR their document, so eventually the documents in the store will have been used multiple times to make up many documents.
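The XOR document store described in the comment above, as an added example that is not part of the original comment or any real service's code. The fixed block size, the length-prefixed zero padding and all function names are assumptions; `recipe_bits` and `search` measure how much secrecy the choice of documents provides on its own.

```python
import hashlib
from itertools import combinations
from math import comb, log2

BLOCK = 64           # assumed fixed block size, so every stored document looks alike
MAX_DOC = BLOCK - 9  # 1 length byte plus at least 8 zero bytes of padding

def xor_blocks(*blocks):
    out = bytearray(BLOCK)
    for b in blocks:
        if len(b) != BLOCK:
            raise ValueError("every block must be exactly BLOCK bytes")
        for i in range(BLOCK):
            out[i] ^= b[i]
    return bytes(out)

def pad(doc):
    if len(doc) > MAX_DOC:
        raise ValueError("document too long for one block")
    return bytes([len(doc)]) + doc + bytes(BLOCK - 1 - len(doc))

def unpad(block):
    """Return the document, or None if the block is not validly padded."""
    n = block[0]
    if n > MAX_DOC or any(block[1 + n:]):
        return None
    return block[1:1 + n]

def publish(store, doc, picks):
    """XOR doc with existing store blocks; return the recipe (indices to XOR)."""
    store.append(xor_blocks(pad(doc), *(store[i] for i in picks)))
    return tuple(sorted(picks)) + (len(store) - 1,)

def retrieve(store, recipe):
    return unpad(xor_blocks(*(store[i] for i in recipe)))

def recipe_bits(n_docs, k):
    """Secrecy the recipe alone provides: log2 of the number of k-subsets."""
    return log2(comb(n_docs, k))

def search(store, k):
    """Try every k-subset; with no agreed key, valid padding gives the document away."""
    return [(c, doc) for c in combinations(range(len(store)), k)
            if (doc := retrieve(store, c))]

# Constructed sample store: pseudo-random seed blocks, then one published document.
store = [hashlib.sha512(b"seed-%d" % i).digest() for i in range(8)]
recipe = publish(store, b"meet at the usual place", picks=[2, 5])
```

With 9 blocks and 3-way recipes there are only 84 candidate recipes, about 6.4 bits, and `search(store, 3)` returns the published document. Confidentiality therefore has to come from the agreed key the comment mentions, not from knowing which documents to XOR.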
Classic.
Weren't the EU's politicians talking about safety, security, and protecting democratic values a week ago? Guess that rhetoric isn't convenient when trying to reestablish the Stasi thought police.
EU, UK, USA,... all dumbfuqs
This is just the latest round of government dumbfuquery. They don't understand something so they make grandiose statements on how to fix it (despite advice to the contrary) until eventually someone either explains it to them using words of less than one syllable, or else they get fired/voted out. As for the anti-EU comments above, you should be proud that a Brit thought of this stupidity first!
Untrustworthy
Politicians are scum. They keep making noises about not wanting to backdoor E2EE and at the very last moment pass a law that mandates exactly that.
I still remember clearly Labour wanting to introduce RIPA Part 3 in the UK and the Tories blocked it calling it "Orwellian." And what did the Tories do when they came to power? The first thing they did was to pass RIPA Part 3.
It would therefore not surprise me that despite all the supporting noises for E2EE they will enact something like RIPA in the EU. Many countries have quietly been lobbying for this. Publicly they're against backdooring but when the EU enacts legislation they'll tell their constituents they "had no choice."
The EU is not fit for purpose.