Tadeu Bento

Chat Control 1.0: What Might Happen Next

Many people see the recently approved Chat Control 1.0 as a win for privacy because it excludes end-to-end encrypted (E2EE) messaging services from the mandatory content scanning, however I don’t believe this is the full story.

I believe this exemption simply means providers like Signal can’t be forced to scan messages on their servers. That would require implementing a backdoor, fundamentally breaking end-to-end encryption – something these services are unlikely to do and even the EU doesn’t seem to be very comfortable with.

However the proposal doesn’t rule out a different approach: scanning messages before they’re encrypted on the user’s device or after they’re received and decrypted.

This approach creates a different problem, the EU has close to no leverage over most messaging applications and forcing them to implement their own scanning solutions is technically expensive and difficult to enforce.

Why Apple and Google Matter More Than Signal

Rather than forcing every app to implement client-side scanning, regulators could require Apple and Google to provide a system-level content scanning API and make its use mandatory for apps distributed through their app stores.

Apple already has the technology, its called the Sensitive Content Analysis framework and it performs on-device content analysis:

Apple’s Sensitive Content Analysis Framework

Its existence shows how operating systems can provide efficient and secure on-device content analysis through a centralized system service. The technology already exists, the policy and legalities surrounding it can change at any point (Chat Control 2.0, 3.0?…).

Think about it, if app stores required messaging apps to submit messages to such APIs before encryption, users would have no choice and no alternative. Signal could continue using all the E2EE they would like to but every message would still be inspected before encryption ever happens.

The current proposal essentially prevents mandatory server-side scanning of encrypted chats. It does not necessarily prevent future device-level scanning.

That’s why I don’t see the E2EE exemption as a win. This is certainly better than requiring encrypted services to introduce server-side backdoors, however it simply a shift in where and how the scanning happens.

Exit mobile version