• @[email protected]
      link
      fedilink
      English
      99 months ago

      No, that was different. eIDAS is certificate based - those that care will just use a VPN to download a non-EU compliant browser build and only surf with the VPN on. At least that’s my plan.

        • @[email protected]
          link
          fedilink
          English
          59 months ago

          But it’s not spyware. The eIDAS law proposes that governments can insert certificates that spoof the originator. A subtle difference.

          I really hope Mozilla don’t comply

          • @NocturnalEngineer
            link
            English
            99 months ago

            Still weakening encryption standards.

            It would force the inclusion of a “trusted root” into browsers & OSs with the purpose of allowing government entities to spoof certificates. As certificate pinning is becoming mainstream, I would assume it’ll require browser & app vendors to weaken those controls too.

            You’d hope ECHR’s prior ruling would block this too. For the exact same rationale.

            • @aelwero
              link
              English
              69 months ago

              No… That’s spyware with less steps… Theres no cracking, hacking, Trojans etc. involved at all, it’s a direct and straightforward addition of the spyware under color of the states authority.

  • Riddick3001
    link
    English
    8
    edit-2
    9 months ago

    " Techradar " is not the best source for legislative journalism, and one could question their credibility about product reviews. Check trustpilot for example; 1 /5 rating.

    Added: Afaik, EU institutions are developing a new legislation for a Euroepean digital future containing biometrics, digital identity and Internet safeguards. The GDPR is a basis for this legislation, so privacy safeguards shouldn’t be an issue. The existing discussion is about the interpretation/ backdoor abuse of the issuing and handling of (root)certificates.of websites, described in art 45.

    Now these certificates are done by businesses and as per 2023 eIDAS EU proposal they should be done by EU and or memberstates. This latter regulation drew the concern of privacy watchdogs. According to the EU itself and the actors involved, it’s rather something more about finding the correct legislative terms, then about the intention to enabling " mass surveillance ". At this moment the new law hasn’t been adopted, as they are still in full discussion mode about the correct version. Also I’m happy about the privacy watchdogs which help contribute to a better legislation . It’s an ongoing discussion and (democratic) process.

    here the new open letter with critique as per nov 2023 towards eIDAS 2.0

    another letter per dec 2023 from the University KU Leuven.

  • Rikj000
    link
    fedilink
    English
    69 months ago

    What would be the best way to oppose / vote against this law proposition?

  • @[email protected]
    link
    fedilink
    English
    49 months ago

    Nonetheless, experts expect the final agreement to be revealed by the end of March as the Parliament is pushing to close all the open legislative processes before the upcoming European elections scheduled in June.

    So basically, the law’s unlikely to change much before being pushed to vote, which considering how stupid it is, it’s likely to be outright rejected like Chat Control by the Parliement.

    Still, it’s good to raise awareness on the issue.

    • Riddick3001
      link
      English
      19 months ago

      According to the EP legislative train digital age:

      "The regulation also clarifies the scope of number of other notions such as the qualified website authentication certificates (used to verify the identity of persons or legal entities behind a website). This identity data has to be displayed in a user-friendly manner. In case of substantiated security concerns, web browsers are allowed to take precautionary measures related to these certificates

      The text still needs to be formally adopted by the Parliament and the Council before it can be published in the EU’s Official Journal and enter into force. "