hckrnws
Article was already discussed on HN[1]. I can only again express my hope that germany gains some influence in the EU one day.
I think it's the first time I've heard someone say that. Who has more influence than Germany? France is not far behind, but more influent than Germany might be a stretch. Unless you meant that they should be "the" leaders of the EU?
What are you on about? Germany has way too much power in the EU. They might be right this time but that doesn't make it right for them to have the power they do. Smaller countries need more power here, not Germany (or France)
The only reason why this problem for those that want to see this happen, is exactly because Germany has so much influence in the EU.
The difference between what's on the "client" vs what's on the cloud has been virtually diminished in the last few years with everything doing a cloud backup by default. Active content scanning and reporting to authorities been there for nearly a decade at least with several high profile cases every year since.
https://www.businessinsider.com/police-say-a-google-tip-abou...
https://cbs4indy.com/news/indycrime/muncie-man-arrested-on-c...
https://www.nytimes.com/2022/08/21/technology/google-surveil...
I can assure you 99% of my data/files never see the cloud other than as encrypted containers for backup. That's good practice for most business is it not?
What do you have to hide? This makes us very suspicious. /s
I know you're /s but it's not even about privacy, it's the cost of mitigation after $cloud_service_x has a data breach and we then have to assign resources to account for _our_ clients data etc.
this is a terrible argument. Would you enjoy going to the toilet when a certain group of people (like your neighbours) could watch you doing your "business"?
Perhaps you missed the /s or didn't know it means "I am being sarcastic." A terrible argument made sarcastically is a good argument.
thanks for the clarification
-> /s
I can assure you that 99% of people and businesses do not operate that way, and that people you communicate with, buy from, and sell to, are all sending your data effectively unencrypted to the cloud.
Gdpr means data out of my control is someone else's liability. If they want to play fast and loose, that's their look out.
People engaged in this debate often say "content scanning has been ubiquitous on private data for years", as though this is true for all cloud content since 1776, 1990, or even 2008. I want to stress that cloud content scanning is extremely new and opinionated decisions about scanning private content are actually more recent (and much less unanimous than implied above.)
Microsoft publicly released PhotoDNA only in 2009, and even at that time its use was very limited. A few cloud services adopted it for cloud-uploaded files, which (back then) tended to have a clear UX distinction from private content (in the sense that users either knew they were making a public post, or at least had to make an affirmative decision to upload each piece of content.) Even during this time, some providers only enforced CSAM detection on content explicitly shared with others, while some were more vague about their policies. Still others refused to scan much at all. As an HN reader you may have known this scanning was in place, but in reality it was sporadic and very few platforms made public efforts to engage with customers and explain whether or what they were actually scanning. (For a contrasting example, see Apple's very public messaging efforts around CSAM scanning from 2021.)
Today's big private messaging platforms like Facebook Messenger, WhatsApp, WeChat and iMessage didn't really come on the scene until around 2011. Excepting Chinese platforms, most of these messaging platforms do not employ content scanning for private messages. Perhaps the major exception to this rule is Facebook Messenger, which made the (IMHO thoughtless) decision to add CSAM content scanning across its entire network, and didn't bother to make a distinction between "public" and private messaging. But even Facebook has clearly reconsidered this hasty decision, given that they're planning to deploy default E2E encryption for Messenger (as they already do for WhatsApp), and have publicly opposed adding content scanning to that system. Meanwhile transparent smartphone backup systems like iCloud Photos are even newer, and have not always scanned private backup data. (See again Apple's public attempt in 2021 to deploy this scanning, which failed due to customer pushback.)
TL;DR: content scanning is a relatively new technology that only had relatively limited deployments, sometimes only on public data or data explicitly uploaded. It was deployed relatively quietly so that "society" never really had the opportunity to have a public debate about whether or where it should be deployed. For better or worse, we are now having that debate. I think it is very unhelpful to imply that this is some long-deployed technology that all providers have always used on private data, because that's (1) not really accurate, and (2) short-circuits the debate and implies that we've already made an important decision.
I would add that, even if it was true that those tecniques were used already for a long time, it doesn't mean that we have to be ok with them or that we can't change our mind about them. It would like saying "this minority has always been discriminated, so let's keep discriminating them".
No it’s saying “people didn’t make a that much of a fuss and the world didn’t end when people started scanning cloud documents and so the same will probably be true of client scanning.”
Like I don't like this plan but I also have to be realistic that my reaction as someone who values privacy is way overblown.
We live in a very different world in 2023 than we lived in back in 2008. For one thing, smartphone adoption has gone from (approximately) zero to well above 90% in most Western nations, and the use of transparent cloud smartphone backup has increased from 0% to nearly 100% of all smartphone users. Private messaging in 2008 meant niche networks like MSN and AOL on desktops. Mobile communication was done mainly by voice. In 2023 desktop messaging and phone calls are fading technologies. Mobile text (typically app-based messaging) is literally how the non-elderly communicate.
The way we engage with data is also very different. Back in 2008 I kept most of my photos and private papers in hard-copy form inside my house, or (perhaps) on a local hard drive. Today nearly all of my private papers and photos live in my phone, and for most people a duplicate copy lives on an Apple or Google server somewhere. Having your phone's data stolen is literally a life-altering event for many people, one that is mostly avoided through local data encryption. This is leaving aside the societal implications of ubiquitous scanning, which would effectively undo two centuries of limited policing.
This was also a time before massive data breaches and ransomware and revenge porn and data extortion were routine. The big high-profile leaks of celebrity nudes wouldn't happen until 2014. Indeed, the very notion of having cloud-backed smartphone photos stolen was hardly a thing, because cloud backup mostly didn't exist and routine use of phones to take private, explicit imagery was not a thing most people engaged in. In our time, sextortion has become so routine that it's a major category of child abuse. To deal with this changed landscape, security has been massively upgraded across cloud and messaging services. Part of that upgrade is the default use of user-controlled encryption for local data as well as the default use of E2E encryption for most messaging.
You can't say "everything was fine" because by and large most things were not fine. From a security perspective things were actually fairly bad! We've made a lot of progress since the time when photo scanning was first launched, including the launching of widespread encryption as a means to prevent breaches. Client-side scanning implies at least weakening some of those measures, and possibly eliminating others.
What the hell is the cloud of 1776 ?
An appeal to heaven?
True, but we should have fought “cloud scanning” then as well.
Governments have no right to compel companies to engage in policing activities like this.
> Governments have no right to compel companies to engage in policing activities like this.
It's called privatization of tyranny and it's been going on forever.
Companies like to do it to get closer to the government to get less regulation or government contracts.
After experiencing first-hand German copyright cease and desist bullying and being forced to deal with Schufa, I put zero trust in any of "privacy" initiatives coming from them. All their EU-level initiatives are biased by various domestic "privacy" practices ranging from weird to creepy.
It bothers me to no end, the goodwill Germany gets online.
A bastion of freedom, leader of the free world and all sorts of similar appellatives.
But living there you start to realize how creepy everything is.
The Netherlands is also infamous for its tough privacy laws but at the same time has the most phone taps per capita in the world. Your every move in traffic (both by car and public transit) is tracked and tied to your id. The police can see the balance of your bank account. UK is the same with CCTVs on every street.
There are practically no privacy laws for the government, they know everything.
I guess it’s an European thing…
> UK is the same with CCTVs on every street.
There really isn't though, maybe in a built up area, in the middle of a city. But even then it's selective IME, and they are not all part of the same network.
It's the same problem you allude to, everything discussed online is quantised into 0 or 1, by humans.
The only way to make sense of anything is to remind yourself the truth in what you are reading is invariably more grey and nuanced, writers' unconsciously colour everything to fit their narrative.
> UK is the same with CCTVs on every street.
This claim appears continuously on HN, but it really isn't backed by reality. The UK is no more covered by CCTV than most major countries and in fact, per capita, has fewer cameras than the US.
https://www.precisesecurity.com/articles/top-10-countries-by...
How is being in the top 5 or even top 3 of the statistics[1] a false claim? Yes, there are some which are worse, just, it's 2 or 4, not 100.
[1] https://www.tooltester.com/en/blog/the-worlds-most-surveille...
Who owns the cameras and what is their purpose?
The Netherlands are quickly becoming the Mexico of Europe, a virtual narco state. The amount of organized crime related to or financed by drug empires there is insane.
Can you elaborate? I feel like any information about this country is carefully curated and you don't normally hear anything of this sort.
Well, it is nowhere near as bad as Mexico, but the Netherlands see their fair share of trafficking, money launderng and assorted organized crime. By virtue of having Europes biggest container port and liberal drug laws.
Netherland has had pretty permissive drug policies for quite some time now, and this seems to have lead to it becoming increasingly important in international drug trade. A couple of years ago there were some serious concerns about this getting out of hand. I have no idea what the current situation really is.
It's not happening with the kind of violence that you sometimes hear about from Mexico, though.
> Netherland has had pretty permissive drug policies for quite some time now, and this seems to have lead to it becoming increasingly important in international drug trade.
That's bordering on propaganda. The problem the Netherlands have is that Europe's biggest seaport is in Rotterdam - that means a lot of ships that come from South America unload their freight there, and there is an extensive network of rail and highway lines that connect it to the rest of Europe. And that combination attracts drug smugglers like a pile of poo attracts flies - and wherever you have large scale drug smugglers, no matter the country's drug policy, which is only relevant for marijuana anyway, you will get absurd amounts of money luring in corruptible officials.
Can you explain how the dutch permissive drug policies (which are exclusively related to recreational use) have any influence on importance in international drug trade? Smuggling hard drugs carries a sentence of up to 16 years in prison in the Netherlands and is also frequently enforced.
People create drugs here and then smuggle it abroad. That's pretty much it, I think. We've got several major ports and tons of excellent infrastructure with no border checks to the rest of the EU, so I'm sure that helps.
I think there has been a period that the Dutch authorities were a bit naive about this, but they seem to be taking it more seriously now. But I'm no expert and not remotely up to date on what's really going on.
> People create drugs here and then smuggle it abroad.
That's only valid for some chem-drugs (mostly LSD) and marijuana. The real issue is cocaine imported from South America, it's by far the most important drug in the Dutch trade.
You could enlighten us with some explanation and sources. We're mostly not Germans after all.
For one, you can't get a phone number in Germany without showing strong government ID.
Phone number requirements in apps mean that you basically can't use consumer apps without doxing yourself.
I had to show an ID to get a local sim in Tunesia as well...
Also, what is a "strong" "government" ID? Are there weak, non-government ones, like library cards?
Comment was deleted :(
That's a strange conclusion, what does the fact that you show the ID to operator have to do with doxxing yourself in relation to apps running on your phone? They didn't get the ID.
Probably means doxxing against the state. You do something sketchy, like spreading hate speech on a social network via your smartphone, and the got you. And hate speech can mean, posting something really awful, or just something harmless, like calling a politician a penis (which was a real case actually, though I don't think they got him through his smartphone).
The state literally knows where you live though?
How should that work, If you don't link your identity to your phone number?
[not the gp]
For one, Germany is not a state of law, given that the public prosecutor's office is bound by instructions (not sure if that's the correct translation). It is up to politicians to decide wether state attorneys can go through with lawsuits. I didn't know this until I was close to 30. This came to somewhat public attention because our current chancellor was the superior to the prosecutor while being in the senate of Hamburg, which is why he wasn't prosecuted in the causa cum ex. It's the whole "one big club" thing, but legal.
If you haven't heard of "cum ex", its a fun read of how bad things can go (well, could, so far).
Most recently, the data privacy officer of Hamburg said this:
Principles for avoiding and minimizing the processing of personal information, which are enshrined in the General Data Protection Regulation (GDPR), among other things, "will be unable to be upheld."
Read his job title again :-)
Another prime example is how anything related to the future is compromised in favor of legacy industrial groups. We used to be leading in solar tech, but political support for the related industries was gutted in favor of drum roll coal jobs.
I could go on for a long time.
I don't know why this is getting downvoted, all of this is true. Prosecution in Germany is 100% a political decision. Policing (below this level) is supposed to be "automatic by law", but in practice, that of course also is not the case. All state bureaucracy is of political, always, but in the case of German prosecution, it's openly legal.
Any country is creepy, especially if you don't understand the reasoning for certain aspects of it.
And even more creepy when you do.
Depends. Most creepiness comes from the unknown, the things that might happen. But if you understand the country, know how things work and which real impact they have, the creepiness can disappear.
Care to share examples?
Not saying you're wrong, genuinely curious about specifics.
Not German, but a few things that have creeped me out about Germany's lack of privacy after hearing from people who live there are:
[edit: As pointed out by various commenters below, some of these might not be technically true, or have outs, such as being able to go back home to show your ID. My hypothesis is that common official workflows lead to these perceptions from the outside, e.g. As a foreigner in a country, if an official asks you "Where is your anmeldung?", you are not very likely to challenge them back and say "Actually, it's not required, please use the workflow that allows for absence of one."]
- You have to register your current address with the local authorities (anmeldung) after moving into a new place. By itself this seems fine, but it also seems to bea prerequisite for a lot of life necessities like getting health insurance and a mobile phone number.
- If you are in Germany and run a website, you need to have an Impressum on your website that states your address. So you are pretty much auto-doxxed every time you decide to maintain a personal website or blog. I am not sure how much this is enforced.
- There is a "Stop and Identify" law (Personalausweisgesetz) that requires you to be in possession of an identity document, and hand it over when asked to by any authorities, with substantial fines for noncompliance.
- From my own experience as a visitor, Wi-Fi portals always seem to have a great deal of personal data entry before you can get on the Internet. Apparently there were previously laws that put a great deal of liability on whoever ran a Wi-Fi network, which meant that businesses were naturally loathe to offer one.
It would be interesting to me as well to hear from Germans who grew up with these, and how they perceive their impact on privacy.
Laws 1-3 are pretty standard across central Europe and I don't think anyone really gives them a second thought (and make things in many cases easier - like anmeldung making sure that voter registration and other important correspondence finds its way to people automatically).
The one about carrying an ID card at all times is creepy, but it also shows how the concept of "privacy" is a very personal thing for which different people have different tresholds.
This is an ages-old hoax: You don't need to carry an ID card. If you don't carry one but a police officer requests you to identify yourself, they can decide to accompany you to the place you keep your ID card at (at home, for example).
> a lot of life necessities like getting health insurance and a mobile phone number.
For the mobile phone number you must identify yourself, the pretext is terror-prevention, not sure how true this really is. But usually they just check the passport, the address is not really relevant.
> If you are in Germany and run a website, you need to have an Impressum on your website that states your address.
You need an Impressum if you run a business, meaning you earn money with it. This could already be the case if you have ads. For a purely private site, an Impressum is unneccessary.
> There is a "Stop and Identify" law (Personalausweisgesetz) that requires you to be in possession of an identity document, and hand it over instantly when asked to by any authorities, with substantial fines for noncompliance.
This is a bit misleading. You need to be able to identify yourself, but not instantly. You can have your documents at home, and they either will ignore you, or drive you home, depending you their reasons and the moonphase, and so on.
German living in Germany
> - You have to register your current address with the local authorities (anmeldung) after moving into a new place.
Yeah. I do not see a problem with that. In fact, I like the idea of an identity being linked to a location, it makes scamming harder.
> - If you are in Germany and run a website, you need to have an Impressum on your website that states your address. So you are pretty much auto-doxxed every time you decide to maintain a personal website or blog. I am not sure how much this is enforced.
1. That is not entirely true: purely personal websites do not need an Impressum. 2. This is not enforced by the state, but by competitors (not having an Impressum is considered bad competitive practice). 3. The Impressum makes sense once you understand we treat websites like we treat newspapers (which have similar requirements), or flyers (which also have such requirements).
> - There is a "Stop and Identify" law (Personalausweisgesetz) that requires you to be in possession of an identity document, and hand it over instantly when asked to by any authorities, with substantial fines for noncompliance.
This is not true.
You must own an ID document (either a personal ID card, or a passport). Nowhere does it say you need to carry it around with you. When stopped, you can be held until your id can be verified (which takes about 5 minutes without an ID document, or 3 with one).
> - Wi-Fi portals always seem to have a great deal of personal data entry before you can get on the Internet. Apparently there were previously laws that put a great deal of liability on whoever ran a Wi-Fi network, which meant that businesses were naturally loathe to offer one.
Hm, whenever I am abroad (UK, France, Spain, Morocco), public WiFi seems to be a lot more restrictive and a lot more nosey than German public WiFi, so YMMV...
Some corrections so:
- you have to be able to identify yourself within 24 hours, usually at the nearest police station. As a matter of convenience, most people just carry their ID with them.
- registering your address also serves as registering for stuff like voting. As a matter of fact, you need some kind of address, wherever that is. Apparently you can register somewhat generically, e.g. digital nomads travelling in their vans ehich are registered in Germany, just don't ask me how
- most hosting companies offer generic impressum addresses for websites to avoid exactly that, I know because I used those. As soon as you run a company, the company address as well as the name of the managing director become public record. Again, ome can use a "letter box" address, say your tax advisor, as a work around.
You make it worse than it really is, and simultanously miss all the bad stuff going on...
> You make it worse than it really is, and simultanously miss all the bad stuff going on...
I am sure that I am making it seem worse than it is, which is why I asked for views from people who grew up with these laws. As a first-generation immigrant American, a lot of things that shock me about laws and culture in the US are quite natural to people who grew up here (the most obvious example being guns) -- so I'm sure that the case in Germany would be similar.
I am curious though, what do you view as "all the bad stuff going on" with regards to privacy?
The Bavarian police law, latest edition, comes to mind.
> - You have to register your current address with the local authorities (anmeldung) after moving into a new place. By itself this seems fine, but it also seems to bea prerequisite for a lot of life necessities like getting health insurance and a mobile phone number.
True. However, this is the case at least in CH and IT as well (in IT you will probably have also a visit from the local police to check that the place is up to some standards), I grow up thinking this was common in EU - isn't it?
> If you are in Germany and run a website, you need to have an Impressum on your website that states your address.
Kinda: if you run a _commercial_ website. My blog doesn't have my address.
> - There is a "Stop and Identify" law (Personalausweisgesetz) that requires you to be in possession of an identity document, and hand it over instantly when asked to by any authorities, with substantial fines for noncompliance.
There is no mandate to have the ID card with you in Germany. In Italy there is. You must provide your identity to the authority over request, but you can also have your ID at home.
> - Wi-Fi portals always seem to have a great deal of personal data entry before you can get on the Internet. Apparently there were previously laws that put a great deal of liability on whoever ran a Wi-Fi network, which meant that businesses were naturally loathe to offer one.
True and incredibly annoying. Things have slowly improved, but a lot still request too much data.
1) Since there is Freedom of Movement and no border checks in the European Union, the only way to determine where someone is actually resident is if they register it. Health Insurance is mandatory in Germany. I am would have thought an American health insurance provider would also want to know someone is actually resident in America before they signed them up.
2) Only for businesses. It seems pretty sensible to me that someone who is taking money in return for the future delivery of a product or service should have some legally watertight method of contact, and not just an e-mail address which might bounce, or a contact form. You also only have to identify the person who is willing to be the legal contact for the content, it doesn't have to be the actual owner/author.
3) As said by others, you only have to produce it later, not on the spot. In some countries the idea of a mandatory ID is anathema, but as I see it modern society is not really possible without proof of ID, and countries which insist on not issuing ID documents effectively end up with an poor unofficial substitute. In the US the driving license and SSN is effectively the mandatory form of ID, it just isn't very good at it since it wasn't designed to be one.
The registration to local administration has to do with taxes, voting, social security stuff, etc. Isn’t it the case everywhere? I lived in 3 different countries across Europe and Asia (and in Germany since a while now) and that has always been something I had to do. I’m not sure how else your local administration can do its job without knowing who live there.
Same with ID cards, you’re expected to always be able to prove your identity if asked by the police.
The impressum is only for businesses.
I don’t really see what that has to do with privacy laws.
There is no address registration in the UK, for instance. It works OK for most people. British people are very opposed to it or to ID cards, despite that fact that it being OK to live in there with no ID whatsoever makes it attractive for illegal immigrants, which they are also opposed to.
- You have to specifically register your address on a special list for voting purposes. If you don't, you can't vote.
- Payroll taxes are for almost all people done automatically and there is no benefit to doing an individual tax return. Your employer handles the tax communication and informs the tax authorities of your address.
- Property taxes get sent to the address, regardless of who lives there.
- The health service is not insurance based, all residents are automatically covered, so they don't need your contact details.
- For anything else(pension, driving license etc.) you have to notify them individually and if you don't, that's your problem. There are no restrictions like having to take the driving test in the city you live in.
Regarding the payroll taxes, that sounds more or less similar to what you have in Germany, but instead of the employer giving your address to the tax office, you register yourself to the local administration and provide your personal tax ID to the employer, and you’re taxed at the source. Effectively the result is the same, the government knows your address for administrative reasons.
So basically it's just bunch of extra work for everyone while also functioning as voter supression just like in US?
Seems like Germans do a good tradeoff.
Comment was deleted :(
You can start by pulling the thread on who runs Germanys' intelligence services ..
Who does? Sorry, but I can't really learn anything from such a vague reply.
The US' intelligence agencies do.
So looking at the history of (West) Germany post WW2 with the country entering NATO, significant US military presence and essentially being the border country to the Soviet block, I think it's reasonable that there is a veritable historical root for a significant US intelligence agency influence on the structure of Germany's intelligence service as well as lenient laws towards US intelligence services operating within Germany.
Not really surprising given the Cold War history in my book.
I also think it's credible that some of these close ties were kept way past "expiration", who likes to give up privileges, esp. as an intelligence service.
As a matter of fact though, looking at the long list of intelligence service scandals, there has been more and more light shed on these tricks by parliament and a free press since the 2010s [0].
Also, there was a law past in 2016 after the NSA revelations increasing control and limiting capabilities of the BND [1].
So while going back 30+ years I am inclined to go with your statement, I can't find objective evidence, hints, whatsoever, that this is still true.
With all that being said, as a German citizen, I'd much rather be allied with US intelligence services than Chinese or Russian ones.
Yes, it's a dragnet, yes it's a hassle to protect your privacy effectively, yes intelligence services are no lambs and always play by the books.
But let's not kid ourselves, both Germany and the US are pretty free countries for their citizens?
[0]: For example for a critical opinion of the NSA <> BND relationship, which is also being itself critized by other experts https://de.wikipedia.org/wiki/Globale_%C3%9Cberwachungs-_und...
[1]: https://de.wikipedia.org/wiki/Gesetz_zur_Ausland-Ausland-Fer...
>But let's not kid ourselves, both Germany and the US are pretty free countries for their citizens?
Julian Assange has entered the chat. Oh no, wait, he hasn't, because he's being chemically lobotomized by the very criminals whose crimes he revealed to the world ..
And your source for this statement is which Telegram group?
It seems the source sits on the management board of the BRD GmbH...
In all fairness, knowledge is power, and most people in government are in government because they want power. Invasion of privacy is the goal of most governments.
The Stasi did not vaporize in 1990
Kinda, but I would say that the Stasi were so reviled by the German population that the reaction by the latter against the former is why Germany tends away from the surveillance common in e.g. the UK.
I think it's fairer to say that the German population is opposed to the idea of surveillance, especially when it happens in public. It's also worth pointing out that "opposition" in this case is extremely tame. The most intense and prolonged protests (not counting the recurring riots surrounding events like G20 or the yearly Mayday protests) Germany has seen in recent history were over COVID measures and even those were pretty mild and didn't do anything. Germans like to complain, but protests usually just fizzle out or lead to delays at best.
I think even interest in privacy is waning. Ever since companies have been dragging their heels and making users run through (often outright illegal) cookie consent popups I've been hearing people complain more about privacy protections than about privacy abuses. The attempts to portray these laws as "red tape" have been very effective.
And your source for that is?
Its members and their knowledge lived on for another day, another chance.
None of the fromer Stasi agents got any job in Government, by virtue of being communists. Feel free to provide proof to the contrary. Most did go to private industry so.
Edit: In fact, post WW2 German intelligence started as "Organisation Gehlen", as in Gehlen, former head of Fremde Heere Ost of the Wehrmacht (none of the anti-Nazi Abwehr people). Quite an ibteresting choice, picking a Nazi intel officer that was wrong basically all the time to head the new German intelligence service. To be fair so, the Russians staffed the East German coubterparts with former Gestapo and Abwehr people as well.
What has a "German copyright cease and desist" to do with privacy, or the lack of privacy? And who is "them"? A few sources and details instead of just ranting would be useful.
If I recall correctly, some of these "cease and desist" cases involved tricking people into sharing specific copyrighted material, then asking the internet providers to identify users who violated copyright, and sending them cease an desist letters together with an invoice (which seems to be peculiarity of the German legal system).
If people had stronger privacy, these sorts of things wouldn't work.
[flagged]
Hi there, could you be more specific, or could you provide any sources related to your claims?
Not him, but what I assume he's referring to is the usual cases in Germany where if you torrent a book, a movie, or an mp3 without a VPN, you'll instantly be served a threatening letter from the likes of GEMA, Axel-Springer, or some independent law firm who have your info from your ISP who tracks you, and they'll ask you to pay a fine for your illegal copyright violation or they'll threaten to take you to court on behalf of the film & record companies, where some 80 year old boomer judge who doesn't understand how the internet works, will instantly side with Axel-Springer because they're an old, big, rich, respected German corporation with reputable lawyers who have a history with the judge, and you're not.
Reddit is chock full of expats in Germany who got burned by this. And also the locals, but rare because they know how the system works.
In Germany it's difficult to defend yourself in court against copyright bullying from big corporations if you don't have deep pockets for a top lawyer, as there's no jury trials, nor double jeopardy, like in the US, so you're at the mercy of a major corporation with unlimited money and an old judge who has read about the internet in the newspaper, so people will instantly fold and stop what they're doing and pay whatever bullshit fine they're issued even when they do nothing illegal because paying the fine is cheaper than battling in court.
Honestly, Americans take for granted some of the freedoms they have online and in their justice system.
Look up the case of Axel-Springer suing the company that created AdBlock. Luckily Axel lost the first round[1], but it's scary how bold these companies are in Germany as many private individuals don't have the means to defend themselves in curt against such an entity.
[1] https://digiday.com/media/axel-springer-reinvigorates-legal-...
> Honestly, Americans take for granted some of the freedoms they have in their justice system.
Torrenting is a weird example to argue, but I definitely agree with the quoted sentiment. Americans tend to (perhaps justly) complain about the costs of standing up to big corporations (or the government) in courts, but in continental Europe there is absolutely no option to have a case against a corporation judged solely on its merits as the judge will be immensely biased to favour the larger, more "respected" entity.
> but in continental Europe there is absolutely no option to have a case against a corporation judged solely on its merits as the judge will be immensely biased to favour the larger, more "respected" entity.
Your sweeping generalization is especially ironic here, as the parent finished their comment with the example of Axel Springer losing to AdBlock plus...
>the example of Axel Springer losing to AdBlock plus...
Because AdBlock is a company who luckily had the means to defend themselves in court. Small time individuals don't have that luxury, so the likes of Axel-Springer will use their massive war-chest for lobbying and to abuse the copyright system again and again until they get their way. Even if they're in the wrong and they end up loosing a court battle, it's still a very powerful intimidation tactic.
Look up newer articles. Axel-Springer was still pushing for the AdBlock ban in 2022 and lobbying for it despite loosing a court battle. They're playing the long game.
So from comment to comment, you're changing your focus.
That's not really a fair debate.
Parent's author, whom I quoted, did not focus on copyright cases as you did and do in this comment.
Hence I called him out on his generalization.
Now you are going back to "small time individuals" in the context of copyright and how that seems to be an unfair system to you.
I won't debate the merits or unfairness of copyright.
I just disagree with the general notion that all of continental Europe is a corporation paradise and all citizens are oppressed and all judges rule with corps.
It's frankly ridiculous.
As a sibling comment said, you're completely ignoring that torrenting a movie, a book, or any other copyright-protected media is plain and simply illegal. You may not like having to pay for stuff, but that's how the economy works.
If you break those laws, it's not really the judges fault, but yours? In Germany you can at least expect a fair trial that isn't overturned by the lawyer that is better at manipulating the jury's emotions...
> In Germany you can at least expect a fair trial that isn't overturned by the lawyer that is better at manipulating the jury's emotions.
Man, I'd love to see the first jury that sides with the evil megacorp and not the 19 year old who downloaded an mp3, like every member of the jury who had a childhood. I'd pay to see that.
Sounds like my experience in the US. I haven't had the desire to pirate anything since the rise of streaming, but there was a time where getting "caught" was never a concern. Then around 2010 I think, you would get a threatening letter from your ISP saying they would ban you from their service, which included the content you downloaded. Considering the monopoly these ISPs have on their service areas that effectively meant a total ban from internet access.
This is the wrong example. The fact is that there is a whole industry in Germany that whose only purpose is to find out something illegal you did and then sue you doesn't change the fact that piracy is still illegal in Germany.
According to German, and many other law systems, piracy is stealing, it's just that in Germany they are enforcing it strictly thanks to those private firms.
There's no such thing as "downloading an mp3 or a book" by an accident. You know that you are downloading something illegally.
And that 80-year-old judge understands something you don't, that the internet is a neutral medium which doesn't make local laws void just because "you downloaded it from the internet".
> There's no such thing as "downloading an mp3 or a book" by an accident
Dude, you can install software fully hijacking your device by clicking or tapping a link. You have mobile and computer operating systems by default displaying "news" with links to ads and scams.
"It really isn't my fault Mr. judge, this evil virus downloaded the second volume of 50 Shades of Grey totally against my will!"
Are you actually being serious?
Yes you get it! The humiliation factor. If it's related to sexuality, the victim can be pushed and squashed even further. One doesn't even have to download the movie, it's enough to share 32kb of it!
For what it's worth, a recent court opinion suggests that the Schufa credit score may be in violation of EU law.
Do you have a source? That would be fantastic
It seems to be an expert witness assessment in the active course case, not the opinion of the court itself, apparently, but the reporting here and elsewhere seems optimistic: https://www.t-online.de/finanzen/ratgeber/verbraucher/id_100...
Schufa already had to cut their storage duration for data regarding private bankruptcy so there's definitely blood in the water.
Not a big change. Schufa uses data from the last [period], court said [shorter period]. I don't recall the details of the two periods.
That sounds like complete bullshit. Why would the German government bully you? And if it was some random German lawyers (which it sounds like) what does that have to do with anything related to this article?
> After experiencing first-hand German copyright case and desist bullying
So you got caught pirating content? How is that an argument for or against anything or proof of anything?
but what would Schufa have to do with it?
Guessing: GP did something, lost a copyright case in court, had to pay, didn't pay, and that's a "did not pay debts" entry in the Schufa database.
Double negative. Ticked the "bugger off" answer to the yellow envelope and Schufa simply infinitely pisses me off. With omnipresent requirement for Schufa report and how they upsell their useless predatory subscriptions on attempt to obtain the free report.
[flagged]
TV license is basically just another tax, right?
And what do you mean by the second part? As far as I understand private data in Germany is _very_ private, or it would be a violation of the "Datenschutz" (data protection) laws.
> TV license is basically just another tax, right?
Technically it's not, which is why there is private company collecting it.
> As far as I understand private data in Germany is _very_ private, or it would be a violation of the "Datenschutz" (data protection) laws.
Yes and no. The company is infamous for doing sketchy things, buying addresses here and there, including getting them from public sources, and this is not even illegal to some degree.
> Technically it's not, which is why there is private company collecting it.
Technically it is a "öffentlich-rechtliche, nicht rechtsfähige Gemeinschaftseinrichtung", and not a private company.
You register at Meldebehörde, the letter from Rundfunkbeitrag arrives. Then another one. Increasingly apeshit letters. To every person in the household.
Calling public media cunts already gives me an idea what kind of person you are.
Rundfunkbeitrag has to be paid by every household by law and is meant to ensure independent reporting by the public media, especially independent from political parties or corporations.
We can argue how well this works in Germany, but there are quite a lot of examples around the world where it's way worse.
https://www.rundfunkbeitrag.de/datenschutz/datenschutz_beim_...
There are laws that govern this. It's not some shady business.
Well... that's kind of the deal with public broadcast fees in Germany. I also think the way it's collected is pretty weird, but that doesn't make the Rundfunkbeitrag a bad thing in general.
You seem to be rambling about a lot of different things here, conflating some of them entirely unrelated to privacy laws: If you get caught torrenting a torrent poisoned by a private law firm, that hasn't got anything to do with German legislation. Schufa, on the other hand, claims to operate under existing DSGVO/GDPR law (even though that may be invalidated eventually); and other than the Rundfunkbeitrag, I'm not aware of any data sharing between the Meldebehörde and "public media", whoever that is.
[flagged]
"I got caught doing illegal things" is not really an argument. You can argue that piracy shouldn't be illegal but the fact that you got caught doing it isn't at all an argument against anything.
They only go apeshit on the owner of the internet subscription, they don't catch anyone on doing anything.
I still don't understand what you're getting at? If you get into a speed trap they also contact the person who registered the car, not the person driving. I don't see how this is any indication of hypocrisy here.
Yes I would download a car. I would download it so hard that the connection would turn red and swollen.
This is basically just someone either misunderstanding how the German government works, or deliberately misleading.
A committee of the parliament held a hearing where the invited experts said that it's a bad idea.
That's it. Parliament didn't vote on it. The government didn't publish a guideline that they'll oppose EU decisions.
Please stop upvoting this stuff. It's content marketing that pretends "experts say" means "Germany opposes".
It should be noted that Tutanota is a German-based encrypted communications company. I fully believe that they stand behind privacy and other such values, but they're not exactly a neutral party here.
If Germany would get the image of being a privacy hellscape, their business could get in trouble.
The best source on all things digital privacy in Germany (and possibly the EU dealings) is Netzpolitik.org: https://netzpolitik.org/tag/client-side-scanning/
They're independent journalists, no product other than info and have been at this for over a decade.
CCC is another extremely informed one.
Great to see some opposition on this issue. As a swede, I have been baffled by the silence from Swedish media about this. Mullvad VPN has been bringing up this issue a lot, most notably in the swedish newspaper SvD [1], but also by advertisements in the Stockholm subway, but that's about it. Understandably the ongoing NATO process takes up a lot of headlines, but most of the other headlines are just about murders, unfortunately.
[1]: https://www.svd.se/a/76mlxW/jan-jonsson-stoppa-forslaget-om-...
"For the safety of our children" has been the rationale behind some of the most horrific crimes humans against humanity.
A lot of that mass surveillance stuff deems from an inability or unwillingness of police forces to do human intelligence work.
It is much easier to cast a broad net and become a surveillance state than do traditional police leg work.
Аnd also, power is addictive, and investigators are not immune to this.
nice article. great to see them fight surveillance
Germany already spies on its citizens on a larger scale than what EU proposes
It's a bit complicated.
Germany still has living memory of the DDR and Stasi, and the revelation of their extensive surveillance is very much a culturally formative event in Germany and its sphere of influence.
Gestapo, DDR, Stasi and ALG II/Hartz4 ;)
Germany's intelligence services answer to the CIA. They do not answer to the German people or their representatives.
You keep claiming that. And it is plain wrong.
Any credible references?
You are going back in time, to the origins of the BND, post WW2 and into the Cold War.
Does it seriously surprise you that Germany as the aggresor that lost the war, became a border country to the Soviet block with a large US military presence was influenced by the CIA or other US intelligence services?
It does not surprise me to the least.
I don't think your argument is particularly strong though if all you present to make your point are well documented historic facts going back 50-70 years.
You're missing a whole lot between those times and today.
Last reference to the CIA in your first link is that the German gov. expelled several high ranking CIA officers post the mid 2010s NSA leaks.
So where are you deriving the notion from that, today, the CIA controls the BND?
Give us facts, posts, experts, discussions, anything. And recent.
Not just an opinion.
Follow the money:
https://www.cia.gov/readingroom/docs/CIA%20AND%20THE%20ORIGI...
There's a lot more weird shit, like the Rosenholz files mysteriously ending up with the CIA.
GDPR is basically the German privacy law, EU-ified.
IIRC GDPR is even weaker than the German law. EU-regulations usually only define the lower ceiling, and it's up to countries to go with it, or improve it even further.
Germany already intercepts and decrypts all private messages?
Source: "trust me bro"
Might be unrelated, but there is one that could pass as conspiracy theory, well-sourced.
This is a 30 year old story?
How is this relevant at all?
> On 11 February 2020, The Washington Post, ZDF and SRF revealed that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence
It was defunct on 2018. That is not 30 years ago.
User telmo wanted a source for spying on citizens. I provided an example of that. It is not exactly what he asked for, but it is not nothing.
> The company was secretly purchased for US $5.75 million and jointly owned by the American Central Intelligence Agency (CIA) and West German Federal Intelligence Service (BND) from 1970 until about 1993, with the CIA continuing as sole owner until about 2018.
Literally the second sentence of the link you posted.
So no relevance in the context of Germany and BND.
Fair enough. Germany's BND involvement ended in 1993 it seems. Not so relevant anymore.
tell more
We live in a dangerous and scary world, give me more power and I will take away your fears. Don't take the bait.
'twas 'bout time some large country from the EU opposed this crap.
Like they need to break the encryption to snoop in...
come on...
Crafted by Rajat
Source Code