1. Forum
  2. FidoNet
  3. CONSPRCY

  • VPN industry speaks out a

    From Mike Powell@1:2320/105 to All on Fri Sep 12 13:33:39 2025
    "A major step backwards for privacy" The VPN industry speaks out against
    Chat Control

    Date:
    Fri, 12 Sep 2025 15:50:22 +0000

    Description:
    While opposition grows, the majority of EU members currently support the mandatory scanning of private chats. The next EU Council meeting is set for October 14.

    FULL STORY

    EU lawmakers should reject any regulations that mandate encryption backdoors, weaken encryption standards, or impose insecure technical requirements.

    That's the pledge from the VPN Trust Initiative (VTI) , a consortium that includes some of the best VPN providers on the market, as EU members are sharing their final positions on the Danish version of the Child Sexual Abuse Regulation (CSAR) proposal in the Council.

    Nicknamed Chat Control by its critics, the bill seeks to introduce new obligations for all messaging services operating in Europe to scan user chats
    even if they're encrypted in the search for both known and unknown child sexual abuse material (CSAM).

    Although virtual private network (VPN) software is outside the law's scope
    for now, at least VTI's members are worried that this so-called client-side scanning would irrevocably ruin the very technology VPNs are built on.

    "Encryption either protects everyone or it protects no one," said Emilija Beranskait, Co-Chair of the VPN Trust Initiative.

    "Governments worldwide and especially in Europe this week must lead from an informed position and defend strong encryption as a cornerstone of privacy, digital trust, and democratic values."

    How Chat Control could break encryption?

    In its current form, the Danish CSAM scanning proposal would force the likes
    of WhatsApp, Signal, ProtonMail , and other messaging services to perform indiscriminate scanning of private messages.

    Crucially, the mandatory scanning is expected to occur directly on the device before messages are encrypted, targeting shared URLs, pictures, and videos. Only governments and military accounts are excluded from the scope of the
    bill.

    Despite the proposal mentioning the commitment to preserve end-to-end encryption protections, experts believe that client-side technologies simply cannot do that.

    "Chat Control's client-side scanning provisions create a false choice between safety and security," Laura Tyrylyte, privacy advocate at NordVPN , a member
    of the VTI, told TechRadar. "Solutions should not be transactional. We cannot solve one problem, even as serious as child safety, at the expense of
    creating systemic security vulnerabilities that expose everyone to greater risks."

    NymVPN 's CEO, Harry Halpin, has also spoken out against Chat Control,
    deeming it "a major step backwards for privacy."

    "Scanning everyones intimate conversations is a disproportionate response
    that normalises surveillance," he explains. A measure that could be easily repurposed to target journalists, activists, or political opponents. Such a backdoor will also create a vulnerability that criminals and hostile governments could exploit.

    "The better approach is targeted, warrant-based investigations, rapid
    takedown of illegal content, clear industry reporting routes, and properly resourced specialist teams," Halpin added.

    How likely is Chat Control to pass?

    On the eve of today's (September 12) meeting, Luxembourg and Germany joined
    the opposition , bringing the list of countries opposing the bill to eight.

    The latest rumors shared by the former MEP for the German Pirate Party and digital rights jurist, Patrick Breyer, also indicate that Slovenia has passed from the undecided to those against.

    If that's true, only three EU members remain undecided (Estonia, Greece, and Romania), and we'll need to wait and see if these governments will eventually take a definite position in the Council. Do you know? (Image credit: Getty Images) On Tuesday (September 9), over 500 cryptography scientists and researchers signed a letter to warn the EU Council of the risks of agreeing
    to the proposal in its current form. This is the third time since 2022 that experts have urged against mandatory chat scanning.

    However, support remains stronger, with 15 countries (including France,
    Italy, and Spain) being in favor of the bill, as per the latest data .

    According to the Senior Director for European Government and Regulatory
    Affairs at the Internet Society, David Frautschy, that's "a bad outcome" for privacy and secure communications in the EU.

    "It's not over, but the window is closing quickly. The process will be over
    by October 14th. So, we encourage citizens to convince their policymakers
    that the right way forward is supporting strong encryption, not weakening or undermining it by client-side-scanning surveillance," Frautschy added.

    What's certain, however, is that Chat Control is only one of the proposals
    that could endanger encryption protections for Europeans and VPNs could also become a target as some EU experts explicitly mentioned them as "key challenges" to investigative work.

    Commenting on this point, Tyrylyte from NordVPN told TechRadar: "Once
    deployed, client-side scanning infrastructure can be trivially reconfigured
    to expand surveillance beyond its original purpose. This directly contradicts the EU's own cybersecurity goals, including the Cyber Resilience Act and post-quantum cryptography initiatives. We can't have one policy weakening security while others are trying to strengthen it."

    ======================================================================
    Link to news story: https://www.techradar.com/vpn/vpn-privacy-security/a-major-step-backwards-for- privacy-the-vpn-industry-speaks-out-against-chat-control

    $$
    --- SBBSecho 3.28-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)