Chat Control is back

The end of privacy will be voted by UE Council October 14th, 2025.

Democracy needs you !

Regain your privacy! Adopt /e/OS the deGoogled mobile OS and online services

This is concerning. Are there any messaging, email or cloud apps left that are reliable, private, encrypted and are based in countries other than UK, US or EU? It feels like we are running out of options?

This is why we need to start hosting things ourselves. That is why I suggested you take a look at Yunohost. Your own XMPP or Matrix server can be hosted quite easily. It also makes your own Jitsi Meet server quite easy. The latter is quite straightforward using Docker Compose but its weakness compared to the former two is the need to initiate out of band (e.g. sms or email.)
Both XMPP & Matrix are federated and offer end to end encryption. In the case of XMPP this is not by default but is trivial to set up in a decent client. The weakness of Matrix is that all conversations are copied to every server which hosts the user accounts of the participants. XMPP is also much faster and the one I prefer.
No phone numbers or email addresses are required to be tied to accounts for either if you own your server.

Threema, I’d say - but that’s the problem, every messenger that is officially available in the EU would be forced to either implement client-side scanning of images or not allow sending images and weblinks. (Apart from that, messages would still be encrypted.)
EDIT: Correct remark by @linux_fangirl, I have to be more precise: If a messenger is available in the EU, its EU version has to implement scanning or not allow images and weblinks. Its other (international) versions are not forced to implement Chat Control, but are not officially allowed in the EU.

However, this entire current proposal is even more idiotic (sorry!) than just outlawing encryption.

1. If I really wanted to share something illegal, I could still send messages like: “Login to OneDrive with someone@example.org with the following password. Decrypt the illegal material stored there with the following (different) password,” and it would still be encrypted and not be scanned.
2. It would create the infrastructure to easily extend the scan technology to every messaging available.
3. It is questionable anyway whether the entire Chat Control legislation would withstand any appeal in court.
4. Threema and Signal have already threatened in the past to leave the EU market if chat control becomes law - there will (finally) be some public outcry when this happens.
5. Finally, to (maybe) answer your question: There are decentralized messaging techniques. I could just set up a chatserver or use Delta Chat that relies on the email infrastructure… I just cannot see how any chat control legislation could block its usage, unless they want to outlaw emails.

To add another information source, there is also the webpage https://www.chatcontrol.eu .

Thanks for this additional information. I will read through it thoroughly. I guess, here in the UK, we are really only affected by our own governments surveillance plans. So, if Signal cease offering their service in the EU, we will only be affected if the UK government try to enforce ChatControl here, voluntarily (which they may well do). I wonder what the 3 countries who are against this will do, if it gets passed?

Yes. I have not had time to investigate this yet due to holidays but, am planning to install Yunohost, in September and test it. I have watched some youtube videos on this and may need to take you up on your offer of assistance, if I encounter any issues - thanks. I am hoping to test it with messaging and email, so that I have an alternative to my current services, if they become unavailable to me here or have to comply with the installation of a back door.

Another alternative which looks interesting is SimpleX. Apparently created by a British registered company with plans to make money in the future by offering as yet unspecified services. But currently open source, distributed and without user IDs. Briar is also interesting as it can work over Bluetooth if the internet is cut off. But it doesn’t do voice/video calling and is Android only.

This would suck so badly.
Even without client side scanning on my device, the other person’s device would be scanned, including with my messages sent to him/her.
Should get more people aware about this.

My real concern is that this law is going to be voted without beeing presented to all UE citizens.
But also national media is not informing citizens about this law proposal.

All who have concerns and are willing to learn should have a look at the self hosting solution FreedomBox (freedombox.org), similar to YunoHost mentioned in this post. I am very happy with FreedomBox. I was able to set up my own cloud and e-mail server. It has caldav and carddav which works perfectly with /e/OS. Actually you have all the apps you need for privacy. FreedomBox runs on Debian, all goes perfectly together with /e/OS! I really gained freedom over my IT and data.

I tried Freedombox several years ago and settled on Yunohost as, at the time, Yunohost had a larger app catalogue and required less manual configuration. Things might have changed by now but I’d certainly recommend people look at both and choose what they prefer. Both make self-hosting easier than doing everything from scratch.

Discussing alternatives for self-hosted solutions is largely pointless, as it will only be accessible to a very small part of the population.

Even if we all self-host our solutions, installing them will become difficult. If politicians find out that custom ROMs allow to circumvent this and a few bad actors take advantage of it, a ban on bootloader unlocking will soon follow (see the recent targeting of Graphene OS users by law enforcement), and with Google restricting sideloading, using self-hosted solutions will become difficult.

The ultimate consequence would be that we are all forced to run a big-tech OS with US clouds and the black-box chat control code on it, both with more or less a direct integration into Palantir.

We should be discussing ways to stop this legislation before it is too late instead of hoping that it won’t affect us tech-savy.

We should be doing this while also looking at technical methods of circumvention. Grassroots movements often fail but they have sometimes succeeded.

My point is, if this goes through, there will be no way to circumvent it because what little control we currently have left over our devices will be taken away, and foreign big tech will be trusted with enforcing it.

It is obvious that the proponents of these bills trust foreign companies like Google, Apple, Samsung, Xiaomi, Thorn and Palantir more than the people who elected them.

I’m not sure there is any trust involved from either part.
They both (tech and politicians) have interests that overlap. Thats it.

Only if we comply. Admittedly the non-techies will have little choice but if they know any techies and finally start listening to them…

You have to believe we can win or there’s no point fighting. Such defeatism would have had Europeans living under absolute monarchies until today.

Of course we can win, but only if we act on a political level, not just on a technical one.

A bunch of us hosting our own stuff is not going to achieve much agains an army of well-paid lobbyists in secret closed-door hearings.

We have to write to representatives (see links above), actively inform people around us, and contact mainstream media in our countries asking them to cover the subject more.

In my more simplistic way, this is what I think.

Using tech that is less mainstream / popular has for a long time been a good way to bypass what the large tech companies have been doing by providing popular, ‘easy to use’ services to the general population and thereby taking control of their data. This is one of the reasons that I have been using Linux exclusively for years. Also, the fact that fewer users made it less of a target for bad actors. As it is starting to get more popular, that is starting to change. I have for years been trying to encourage others to use it too. Those (Windows users) who I have successfully convinced never went back to Windows, as they all prefer Linux for various reasons. But, there are many more people who I have been unable to convince to make this change, even while the Windows system has been becoming more problematical and generally unpleasant for them to use - I could give you a long list of the problems but, I suspect that you already know them.

I think that, in the same way, the majority of people would not be convinced by arguments about the loss of data encryption and privacy. Many will not understand and most will want to keep using these popular, convenient services, regardless. Certainly, life is extremely busy and stressful for most working age people and they simply don’t have the time or head space to understand what is happening and make the sort of changes necessary, to protect themselves against what is happening now and what may well happen in the near future. Of course, that is not a reason for not trying to make people more aware of all of this - we should still try. But, I think that we have to accept that our efforts may not be successful.

So,I think that, at the same time as making the general population more aware of these issues, we should be also be considering more secure and private means for ourselves to retain the services that we also value but, not to the extent of sacrificing the last dregs of privacy that we still have. And this is why I will be trying out Yunohost and possibly other self hosted options.

I realise that this is going to be an ongoing battle with the authorities in our countries as they try to shut down or de-activate anything we use to bypass their data grabbing efforts but, I still think we should try.

Also, I think this is a really important discussion that is right at the heart of why we are using e/os phones and other more privacy friendly systems. So, I thought it might be a good thing if this thread could be kept open for longer?

Write to your national media and MePs, tell Thema to oppose it.
Idealy via Mail, if thats not possible E-Mail.
But of course you can also tell them in Social Media or in YT comments etc

I second that. Mail-in letters and direct action also allows regular folk to participate. Do both, politics and tech, in that order. Nerds will always find a fallback for themselves.

Imo https://fightchatcontrol.eu/ has the most current links atm