The report you're referring to by the European Commission [1] shows that the mass surveillance of Chat Control 1.0 is probably not very proportional. They even note themselves that "The available data are insufficient to provide a definitive answer to this question".
However, the "13-20%" that you're quoting is a dishonest propaganda number itself. It's the false positive rate that a single small company (Yubo) reported. The reported false positive rates of other companies are between 0.32% and 1.5%, which is still a high error rate in absolute numbers.
Just to be clear: the report itself is full of uncertainty, convenient half truths and false causality. They for example completely rely on Big Tech platforms themselves to count false positives when a moderation decision was reversed. Microsoft apparently even claims that no user ever appealed against a decision ("No appeals reported"). There is no independent investigation into the effectiveness of the regulation at all, while it is in direct conflict with fundamental rights and required to be proportional to its goals.
The section about "children identified" is also a complete mess where most countries can't even report the most basic data, and it isn't clear if mass surveillance contributed anything to new cases at all. But somehow they still conclude "voluntary reporting in line with this Regulation appears to make a significant contribution to the protection of a large number of children", which seems extremely baseless.
So just a recap of what happened between the European Commission and the European Parliament and why the regulation has expired (it's a long story, I'm probably missing many nuances):
- In 2021 the European Parliament voted in favor of a temporary regulation that allowed companies to (i.e. voluntarily) scan private communications. Let's call it Chat Control 1.0. They chose to enact this because US companies were already scanning private messages in violation of the ePrivacy Directive which had come into force in the previous year. Instead of enforcing this directive, they chose to (temporarily) legalize the scanning of private messages while preparing more permanent legislation.
- In 2024 Chat Control 1.0 was extended for another 2 years. An amendment was adopted that explicitly noted that after this time "[the regulation] shall lapse permanently".
- From 2022 to 2025 the European Commission (together with member states) has proposed mandatory scanning, later updated with a proposal for client-side scanning (defeating end to end encryption), AI classification of image and text content, age verification and a lot of other invasive measures. This is what is known as Chat Control 2.0. The European Parliament has again and again voted against this proposal.
- In 2025/2026 the European Commission finally (temporarily) backed down from Chat Control 2.0 and instead proposed to extend Chat Control 1.0 for another 2 years, but has completely failed to negotiate with parliament to adopt a text that explicitly puts fundamental rights up front, something that a majority of the European Parliament had asked for since 2021.
- In response to this, the Civil Liberties Committee of the European Parliament tabled amendments [1] that explicitly limits the regulation to the subject matter and prevents it from being used to weaken end-to-end encryption. Many of these amendments were adopted.
- Consequently, many conservative members of the European Parliament voted down the entire extension of the regulation. They apparently felt that it was better to let the regulation expire so that they gain more negotiation power to adopt a version of the regulation that the has less safeguards or contains measures like in Chat Control 2.0.
I think your recap is missing a pretty large step at the very beginning, which is that AFAIR, the EU Parliament put together this temporary regulation to a posteriori allow the scanning that was already being done, outside of the law, by those US companies on EU citizen messages ; and the temporary regulation was put in place until a proper framework could be agreed upon.
Yes indeed, thanks for the correction. It has been a complex story, and I already forgot that chapter. I edited it into my post (also modified a wrong date of the first derogation), although I'm probably missing more nuances.
Basically the EU had voluntary scanning, but that wasn't enough for "child safety" idiots who wanted to spy on everyone, all the time. They got greedy and tried to go full authoritarian by targeting encrypted messaging. The resulting backlash has resulted in these wannabe authoritarians having nothing, which is pretty funny.
It also seems conceptually wrong to refer to a process of ordering and cleaning up notebook facts as 'dreaming'. If I collect and clean up my notes of the day, that's a very conscious task. Actually dreaming seems more analogous to a training or fine-tuning step where you modify the model weights.
(while hallucinating the events of the day in a very weird way; it would be fun to 'wake up' the agent in the middle of such a session and commit the 'dream' to a notebook again)
I use Big-AGI [1] as selfhosted open source LLM workspace, and it's quite telling that when adding API keys for Anthropic, it presents a note inbetween reading "Experiencing Issues? Check Anthropic status" that it doesn't for any other model provider.
> OpenCloud is the "open-source" fork but they are already in legal trouble with OwnCloud due to industrial espionage claims.
Can you expand on this or source this? I'm quite interested in OpenCloud, and haven't heard anything about this. I searched for a few keywords (espionage, legal, lawsuit), which only lands your comment on top.
They seem to avoid openly discussing and comparing products to avoid further action. Apparently some of the former members of OwnCloud have switched to Heinlein (the maker of OpenCloud) and Kiteworks isn't happy about this.
I briefly scanned the paper. The above summary is garbage.
For a biologist, a summary might be like this: pcr fragments are generated with short reverse complementary sequences added to the end of one fragment that match that at the begining of the next to-be-joined fragment.
These will anneal to create a cross-shaped DNA molecule. The short arms of the cross being the complementary sequences. Like so:
======∥=====
The short arms can then be processed-off to leave behind the now-longer fragment. The process can be repeated using different reverse complementary sequences between each fragment, the "page numbers" referred to.
So do the complementary sequences naturally bind to their neighbors? So you just mix the “pages” in a soup for a while until they all find their friends. And then the custom enzyme (or what is it) just slices off the three way junctions?
"...You are licensed to use the source code in Admin Tools and Configuration Files (server/templates/, server/i18n/,
server/public/, webapp/ and all subdirectories thereof) under the Apache License v2.0...."
The counterpoint is that three sentences away, there's a clear "You are licensed to use the source code" for the non-server parts. It can certainly be argued that there's an intentional difference. Extended court cases have been fought over mere punctuation. In any case, the FUD that this creates is enough to make anyone think twice about reusing the server code, especially as they have refused to clarify for many years now.
Also, the ambiguity is not only in the "you may be" part, but also in the "to create compiled versions" part. Open source is more than creating compiled versions of source code.
You may be licensed to use source code to create compiled versions not produced by Mattermost, Inc. in one of two ways:
1. Under the Free Software Foundation’s GNU AGPL v3.0, subject to the exceptions outlined in this policy; or
2. Under a commercial license available from Mattermost, Inc. by contacting commercial@mattermost.com
My read:
We provide you with two options, either:
1. Follow Apache License
2. Pay us and you don't need to follow Apache License terms
This really seems like a dual license situation where they are saying "Let's encourage Open Source, but if you want to just use our work to make yourself rich and not even acknowledge you're using us then fuck you, pay us."
I expect this to become more common as companies routinely infringe on OSS licenses while simultaneously many companies are hesitant to use OSS because of licenses. This at least gives an out for the good actors and allow devs to make money (other than being reliant on donations, because... that's worked out...).
But maybe I'm misunderstanding? If so, I don't know what I'm missing
> But maybe I'm misunderstanding? If so, I don't know what I'm missing
You're apparently missing the two points I made in the post you are replying to, or at the very least you're not responding to them. By which I don't mean to say they are necessarily valid points.
My bad, I was confused given the context of the comment you responded to. Maybe I should quote the next line instead?
You are licensed to use the source code in Admin Tools and Configuration Files (server/templates/, server/i18n/, server/public/, webapp/ and all subdirectories thereof) under the Apache License v2.0.
So I read
Apache (OSS):
|- server/
| |- i18n/
| |- public/
| |- templates/
|- webapp/
Not Apache (pay us/not OSS):
|- api/
|- e2e-tests/
|- server/
| |- bin/
| |- build/
| |- cmd/
| |- enterprise/
| |- scripts/
| |- Makefile
| |- path.go
| |- this is not a complete list but you get the point
|- tools/
Part of the code is open source. Part of the code is source available (source visible).
Again, I am open to misunderstanding but that's my read.
However, the "13-20%" that you're quoting is a dishonest propaganda number itself. It's the false positive rate that a single small company (Yubo) reported. The reported false positive rates of other companies are between 0.32% and 1.5%, which is still a high error rate in absolute numbers.
Just to be clear: the report itself is full of uncertainty, convenient half truths and false causality. They for example completely rely on Big Tech platforms themselves to count false positives when a moderation decision was reversed. Microsoft apparently even claims that no user ever appealed against a decision ("No appeals reported"). There is no independent investigation into the effectiveness of the regulation at all, while it is in direct conflict with fundamental rights and required to be proportional to its goals.
The section about "children identified" is also a complete mess where most countries can't even report the most basic data, and it isn't clear if mass surveillance contributed anything to new cases at all. But somehow they still conclude "voluntary reporting in line with this Regulation appears to make a significant contribution to the protection of a large number of children", which seems extremely baseless.
[1] https://www.europarl.europa.eu/RegData/docs_autres_instituti...
reply