[THREAD] Will be updated until the law is passed[Status, 9th May]: Waiting on the Publication and Evaluation of the consultation results
-
[THREAD] Will be updated until the law is passed
[Status, 9th May]: Waiting on the Publication and Evaluation of the consultation results.
As it is not a new law, but an update of an existing Federal law, the process is shorter and it doesn't have to pass through the parliament. The Federal Council will decide about the next steps.An update of the surveillance law in Switzerland is currently being discussed.
In the proposed text, content and end-to-end encryption are *explicitly* excluded from surveillance.
They want to go after metadata, being able to identify users of the different services and have better real-time capabilities.
We'll see how this evolves and how the final proposal will look like in the coming months. -
[THREAD] Will be updated until the law is passed
[Status, 9th May]: Waiting on the Publication and Evaluation of the consultation results.
As it is not a new law, but an update of an existing Federal law, the process is shorter and it doesn't have to pass through the parliament. The Federal Council will decide about the next steps.An update of the surveillance law in Switzerland is currently being discussed.
In the proposed text, content and end-to-end encryption are *explicitly* excluded from surveillance.
They want to go after metadata, being able to identify users of the different services and have better real-time capabilities.
We'll see how this evolves and how the final proposal will look like in the coming months.Adding this post under the thread.
-
Adding this post under the thread.
A lot of discussions are happening regarding the proposal to adapt/update the existing Swiss surveillance law, and that's a good thing.
Without going through the law's details, critics rightfully point to the following problematic aspects:
- economic:
-- increased financial and administrative burden (esp. for SMEs)
-- massive loss of competitiveness compared to countries without comparable laws
-- loss of business model for services mainly built around anonymity (Proton/Threema only marginaly impacted by this, IMO)
- legal: the proposal could conflict with existing laws setting limits to such "existing-laws-updates" (for example, a law update should not profoundly modify or extend the existing law + other technical/legal considerations) - if the proposal were implemented as is, its legality would likely be challenged in court
- privacy:
-- communication service providers would have to ID their users by requesting a copy of either a passport, id card, residence permit or driving license. (art. 20a).
Multiply this by the number of service providers and you quickly see the problem. Without a robust privacy preserving identification method, maybe such as a digital-ID (i.e. no PII hold by the providers), requesting service providers to ID their users, puts the whole population at risk of getting their personal information leaked. And this WILL happen, 100%. - excuse my french, but this is almost as fucking stupid as Chat Control.
-- (if I understand the proposal correctly) massive increase in volume and duration of storage of user metadata for services such as Proton and Threema (among others)We will soon see the results from the public consultation that ended a few days ago. But there's already been a lot of backlash, from the right to the left.
The good point of the proposal is the exclusion to access encrypted content. I can also live with having to provide an ID (Signal has my phone number, PM my CC) - as long as it's done securely and in a privacy preserving way.
IMO, the most problematic part of the proposal, is the non-targeted aspect and duration of storage of collected user metadata + the economic/admin burden on these service providers.
Should such communication service providers really be subjected to a similar level and breadth of surveillance as the network operators? This would be a serious hit to the privacy they offer now, with their minimal metadata collection.Let's see how it will move forward.
* I also believe that having to provide an ID to use online services is coming to other countries near you.
-
A lot of discussions are happening regarding the proposal to adapt/update the existing Swiss surveillance law, and that's a good thing.
Without going through the law's details, critics rightfully point to the following problematic aspects:
- economic:
-- increased financial and administrative burden (esp. for SMEs)
-- massive loss of competitiveness compared to countries without comparable laws
-- loss of business model for services mainly built around anonymity (Proton/Threema only marginaly impacted by this, IMO)
- legal: the proposal could conflict with existing laws setting limits to such "existing-laws-updates" (for example, a law update should not profoundly modify or extend the existing law + other technical/legal considerations) - if the proposal were implemented as is, its legality would likely be challenged in court
- privacy:
-- communication service providers would have to ID their users by requesting a copy of either a passport, id card, residence permit or driving license. (art. 20a).
Multiply this by the number of service providers and you quickly see the problem. Without a robust privacy preserving identification method, maybe such as a digital-ID (i.e. no PII hold by the providers), requesting service providers to ID their users, puts the whole population at risk of getting their personal information leaked. And this WILL happen, 100%. - excuse my french, but this is almost as fucking stupid as Chat Control.
-- (if I understand the proposal correctly) massive increase in volume and duration of storage of user metadata for services such as Proton and Threema (among others)We will soon see the results from the public consultation that ended a few days ago. But there's already been a lot of backlash, from the right to the left.
The good point of the proposal is the exclusion to access encrypted content. I can also live with having to provide an ID (Signal has my phone number, PM my CC) - as long as it's done securely and in a privacy preserving way.
IMO, the most problematic part of the proposal, is the non-targeted aspect and duration of storage of collected user metadata + the economic/admin burden on these service providers.
Should such communication service providers really be subjected to a similar level and breadth of surveillance as the network operators? This would be a serious hit to the privacy they offer now, with their minimal metadata collection.Let's see how it will move forward.
* I also believe that having to provide an ID to use online services is coming to other countries near you.
So #proton states that it is divesting partially from #switzerland (for #germany and #norway) due to the uncertainties related to the proposed update on the surveillance law.
The current status is: the gov is reviewing the comments on the proposed text. All Cantons support it (few express some reservations), while it was massively and very strongly rejected by economic circles and civil society.
It's a smart move to put some heat on the gov, shortly before meeting with the justice minister.
-
So #proton states that it is divesting partially from #switzerland (for #germany and #norway) due to the uncertainties related to the proposed update on the surveillance law.
The current status is: the gov is reviewing the comments on the proposed text. All Cantons support it (few express some reservations), while it was massively and very strongly rejected by economic circles and civil society.
It's a smart move to put some heat on the gov, shortly before meeting with the justice minister.
Talked to a politician of the National Council who is strongly involved in digitalisation questions. They expect that the proposed revision of the surveillance law will be dropped.
-
R AodeRelay shared this topic
