Hello. Is there anyone here who could help me with bringing my hackers before the Justice?

As text says, I would like to see a site like this, where there are many topics represented, with a wide variety of users, and which follows GDPR so I can control how much data they retain about me or what others can see about me.

If you don't know, reddit has in the past "undeleted" the posts of some people who deleted their posts in protest at reddit policies, and it's impossible to know what data they're tracking about you so I don't think they are GDPR compliant.

As mentioned in the title, here is a template I found for Belgian and or Dutch citizens to contact their MEPs and make them understand that mass surveillance is never the answer.

https://docs.google.com/document/d/16pvU5OKQnZ_foW7SU5M0cY0ntF_Y13zc04zcfOyly6g/edit

If you're Dutch or from any other European country, you can find your members of parliament and their email address here:

https://www.europarl.europa.eu/meps/en/home

and use this version adapted into English to email your MEPs:

https://docs.google.com/document/d/1E_XG99nk0mMXi7CPo3wJSeZvvGvE92VynVelUUu0X68/edit#heading=h.9w6bfe2mz6lh

STAND UP FOR YOUR RIGHTS!

On Wednesday the EU council will vote on Chat Control and it would be great if people especially from France wrote a letter (eMail) to their Permanent Representatives Committee: https://op.europa.eu/en/web/who-is-who/organization/-/organization/COREPER/

Original post on Mastodon: https://chaos.social/@quincy/112630111659090465

Hi all,

So, I just recently discovered what a Browser Fingerprint actually is.

I don't know if anyone can answer this:

If I used an account in let's say 2017, used my email address etc, but deleted that account. Then in 2018 I made a new account, on the same device, but different email address, would the browser fingerprint be the same?

Now the website say that they delete email address and all that data when you delete your account.

Also, if you had multiple accounts, but deleted them, would they be able to like search their database for a browser fingerprint to tie them all to one person?

Thanks!

So I know GA collects data like browser info, device info, geolocation etc.
Let's say a website or app, like Discord or Reddit uses GA to collect this information, and a user has multiple different profiles, can they tell, if they looked at the data, that it's all the same person?
Or does it not work like that?
As GA say that it does not create user profiles, just collects data to show how users are interacting with the site/app.
Thanks!

Hello,

I was looking for a Signal alternative, and saw in this spreadsheet

https://docs.google.com/spreadsheets/d/14r1sLT0SSU2kKFlsi7BWGj65zPdcC4x-LfjAoKUQxNA/edit#gid=0

That Skred might be a viable option. I did find one user on Reddit saying:

"It looks sketchy at best.Claims that the encryption used is open sourced... So not the whole application then I assume. No link on their site to any source code. Would not use personally."

And indeed I couldn't find a link to the source code, I checked in GitHub.

So it's not actually open source? The app description mentions:

"All exchanges are encrypted from start to finish, from mobile to mobile. They are not stored on any server. The encryption technologies are open source and based on the work of hackers and hacktivists of the Guardian Project

Skred originated from the Skyrock Group, which in turn came from the free radio movement in France. It defends the freedom of expression on the air and on the internet. With Skred, you are free!"

Would you trust it?

Thanks.

Alexey Pertsev, one of the developers of Tornado Cash, was convicted after being arrested in 2022. According to Dutch judges, the developer is guilty of facilitating money laundering through the development of the Tornado Cash software.

Tornado Cash provides the technical capability to hide the act of money laundering, and therefore, in the Court's opinion, Tornado Cash cannot be seen as a mere tool for the user (but isn't that the very definition of a tool?).

This argument is extremely bold, especially considering that in the European Union, as well as in the United States, laws are in place specifically designed to exclude any liability for telecommunications and hosting service providers for the content that passes through their platforms.

If it applies to platforms and communication services that HAVE control over the information, it should apply even more so to a service like Tornado Cash, which does NOT have control over the same.

Due to the way Tornado Cash was designed and built, there is no other option — say the judges — but to consider its creators as accomplices in money laundering activities.

It follows, therefore, that if this argument prevails, anyone who develops privacy tools will be guilty of knowingly aiding criminals who use them. At the same time, anyone who chooses to use these tools will be considered a potential criminal.

More on this week's article here (it's free to read).

Many people believe that the European Union is a happy oasis where one can move freely without any limits.

But if we look at some new laws, we get a very different picture, describing instead an increasingly pervasive and systematic physical surveillance system ready to follow our every step within the European borders.

There are two main areas where the European Union operates this surveillance: air transport within the EU borders and the new Entry/Exit system, which mostly concerns those coming from outside the EU.

It all starts with the Passenger Name Record (PNR), the passenger code to which all data related to air travel and more are linked (including hotel and car rental information if applicable).

The PNR became a surveillance tool with the EU Directive 2016/681, which regulates the use of booking code data (PNR) for the purposes of prevention, detection, investigation, and prosecution of terrorist offenses and serious crimes.

This surveillance does not only apply to those already suspected but to anyone, as also stated by the legislator:

Such controls are developed through the analysis of the information that each passenger provides to air carriers when booking the flight. It is a particularly extensive set of data that allows for significant analysis activities, at the outcome of which individuals who are not necessarily already known to the authorities may be identified but, due to the characteristics of the journeys made, appear worthy of further investigation for terrorism and other serious forms of crime...

More on the topic here, if you want to know more. I write weekly about such topics in my newsletter. It's free to subscribe!

A leaked documentation shows that the Council intends to leverage the Chatcontrol regulation to create a sort of scoring system for online services and platforms. Privacy friendly platforms and services that enable users to be anonymous or pseudoanonymous, or that even offer end-to-end encrypted communications by default will score lower and therefore will be considered high risk. This is a quote directly taken from the documentation:

If a privacy-friendly platform cannot or does not collect data on users (to monitor their behavior or metadata), it will score worse. Services through which users “predominantly engage in public communication” (i.e. instead of private chats) will score better and thus be less likely to receive detection orders.

[...] Making design choices such as ensuring that E2EE is opt-in by default, rather than opt-out would require people to choose E2EE should they wish to use it, therefore allowing certain detection technologies to work for communication between users that have not opted in to E2EE.

This obviously goes against any "privacy by design" principle but of course governments have been fighting privacy and encryption for more than 30 years now and it doesn't come at a surprise. Of course data protection laws like the GDPR won't protect europeans.

These are the attacks with which, little by little, governments count on demoralizing entrepreneurs and users, leading them to voluntarily give up any “privacy enhancing” technology, for fear of reprisals.

I write about privacy and mass surveillance weekly on my newsletter. Follow me and subscribe (it's free) if you want to delve deep into the global crypto war!

Hello everyone,

I'm currently working on my master's thesis in Law and I'm in the process of narrowing down potential research questions. My area of interest is European regulation concerning data protection, AI, and medical devices (GDPR, AIA, MDR, respectively) in its interconnection with neurotechnology for medical and non-medical purposes, and I was hoping to explore something that hasn't been extensively studied yet.

If anyone has any suggestions or ideas for a research question, I would greatly appreciate your input! Feel free to share any topics you think are interesting or gaps in the current research that could be explored further.

Thanks in advance for your help!