Sunday, July 6, 2025

Polaris of Enlightenment

Loophole in Chat Control 2.0 compromises information security

Mass surveillance

Published 14 October 2023
– By Karl Emil Nikka
5 minute read

The controversial mass surveillance proposal, Chat Control 2.0, is plagued by several technical and information security-related issues. The biggest problem is the requirement that even end-to-end encrypted communication services be included. This requirement exists despite it being technically impossible for service providers to scan the contents of properly end-to-end encrypted conversations. It has always been this way, and it always will be.

The face of the mass surveillance proposal, EU Commissioner Ylva Johansson, initially believed that such scanning was possible (see for instance Many inaccuracies around Chat Control 2.0 in the ‘Aktuellt’ interview). She likened the process to how a drug-sniffing dog can sniff for drugs in closed bags. This analogy is completely incorrect because properly end-to-end encrypted conversations never leak any sniffable traces of their content. It doesn’t matter how advanced future scanning technology becomes because there are never any traces to scan (“sniff”) for.

Proponents of the proposal, therefore, want to bypass the function of end-to-end encryption by implementing a technology called client-side scanning. This means that service providers have to equip their apps with backdoors, allowing them to scan the content before it is sent (before it’s encrypted) and after it has been received (after it has been decrypted). This is the technology that the UN’s Human Rights Commissioner literally advises against, partly due to the dangers it poses for vulnerable children and adults in totalitarian states. (The imminent risk of data leaks and the obvious risk of self-censorship are two other reasons highlighted by the UN’s Human Rights Commissioner.)

The loophole in the definition

From a strictly technical perspective, client-side scanning could be implemented without either prohibiting end-to-end encryption or weakening the encryption. Technically speaking, the client-side scanning itself doesn’t affect the encryption. Client-side scanning merely causes the encryption to cease serving its purpose. With implemented client-side scanning, conversation participants continue to send messages end-to-end encrypted to each other, but both parties simultaneously have a spy looking over their shoulder, seeing everything they write and hearing everything they say.

This definitional loophole is now being exploited by several parties. The parties and their EU Parliamentarians claim that they want to allow end-to-end encryption, yet at the same time, they demand that the content in end-to-end encrypted services can be scanned. In this way, their permission of end-to-end encryption becomes irrelevant. This loophole argument was, incidentally, precisely what I feared when I expressed my skepticism in an interview with Dagens Nyheter at the end of April (see comment in Possible EU turnaround on chat control law – must not weaken encryption).

On our theme website, chatcontrol.se, we have a monitoring database with over 400 Swedish articles written about the proposal. I’ve reviewed these articles as well as the amendment proposals that Swedish parties’ EU Parliamentarians have put forward. Based on this, I’ve been able to identify which proposal advocates are trying to mislead the public by allowing end-to-end encryption while simultaneously demanding that end-to-end encryption be bypassed.

The Tidö agreement parties and the Green Party

The governing parties have presented a proposal for Sweden’s position in the Council of Ministers. The proposal contains the following text which paradoxically wants encrypted messages to be protected while also needing to be scanned:

A tracing order must ultimately be executed without being impeded by a service being encrypted, for example, through machine scanning before the message is encrypted and sent. At the same time, information security must not be jeopardized; encrypted messages should be protected against unauthorized access”.

(From an appendix to a document from the EU Committee 2023/24:4F1902, 2023-09-18)

In the European Parliament, neither the Moderates nor the Christian Democrats share the stance of the Swedish government. Both the Moderates and the Christian Democrats are clear that the function of end-to-end encryption must never be undermined. This is evident in amendment 389 signed by all EU Parliamentarians from the Moderates and the Christian Democrats (Arba Kokalari, Jessica Polfjärd, Tomas Tobé, Jörgen Warborn, David Lega, and Sara Skyttedal).

“End-to-end encryption is an essential tool to guarantee the security, privacy, and confidentiality of the communications between users, including those of children. Any weakening of the end-to-end encryption’s effect could potentially be abused by malicious third parties. Nothing in this Regulation should therefore be interpreted as prohibiting or compromising the integrity and confidentiality of end-to-end encrypted content and communications. As compromising the integrity of end-to-end encrypted content and communications shall be understood the processing of any data, that would compromise or put at risk the integrity and confidentiality of the aforementioned end-to-end encrypted content. Nothing in this regulation shall thus be interpreted as justifying client-side scanning with side-channel leaks or other measures by which the provider of a hosting service or a provider of interpersonal communication services provide third party actors access to the end-to-end encrypted content and communications”.

(Amendment 389, 2023-07-28)

The Sweden Democrats have not criticized the government’s line domestically. However, in the European Parliament, the Sweden Democrats have clarified that they are opposed to the proposal. SD Parliamentarian Johan Nissinen has signed the same amendment as the Moderates and the Christian Democrats (amendment 389).

The Green Party, which was previously opposed to the proposal, has now chosen to support the government’s line, even though the Green Party initially said they did not want to support “the parts that involve mandatory scanning of private communication as it is formulated in the Commission’s proposal right now” (2023-04-18). The change is evident from the minutes of the Justice Committee’s meeting on 2023-09-14 and is confirmed by Rasmus Ling in an interview with Syre (2023-09-22).

The Social Democrats

The Social Democrats in Sweden support the Presidency’s (Spain) compromise proposal. This is reflected in the minutes of the Justice Committee meeting on September 14, 2023.

In addition, in the European Parliament, three Socialist MEPs are trying to use the same loophole to advocate for scanning of end-to-end encrypted services without banning end-to-end encryption.

Heléne Fritzon and Carina Ohlsson first want to introduce an amendment to allow for end-to-end encryption. They want to add the following point to Article 10’s list of technologies and safeguards.

“[The technologies shall be] not able to prohibit or make end- to-end encryption impossible”.

(From Amendment 1161, 2023-07-28)

In the introductory recitals, they also stress, together with S-Parliamentarian Evin Incir, that nothing in the proposal should be interpreted as prohibiting full-spectrum encryption.

Nothing in this Regulation should therefore be interpreted as prohibiting end-to-end encryption or making it impossible.

(From Amendment 385, 2023-07-28)

However, Heléne Fritzon and Carina Ohlsson also want the following addition to Article 7 (Issuance of tracking orders).

For the scope of this Regulation and for the sole purpose to prevent and combat child sexual abuse, providers of interpersonal communications services shall be subjected to obligations to prevent, detect, report and remove online child sexual abuse on all their services, which may include as well those covered by end-to-end encryption, when there is a significant risk that their specific service.

(From Amendment 1049, 2023-07-28)

Other parties

The Left Party and the Center Party have, unlike the other parliamentary parties, chosen not to use the definitional loophole. Both the Left Party and the Center Party instead side with the children and distance themselves from the mass surveillance proposal that violates the Convention on the Rights of the Child.

 


This article is published under the CC BY 4.0 license, except for quotes and images where another photographer is indicated, from Nikka Systems.

The position of the Swedish parties

More information on the positions of all parties and MEPs can be found on the thematic website chatcontrol.se. The information on these positions is also updated on a weekly basis.

TNT is truly independent!

We don’t have a billionaire owner, and our unique reader-funded model keeps us free from political or corporate influence. This means we can fearlessly report the facts and shine a light on the misdeeds of those in power.

Consider a donation to keep our independent journalism running…

RFK Jr wants health trackers on every American within four years

Mass surveillance

Published 26 June 2025
– By Editorial Staff
"We think that wearables are a key to the MAHA agenda", Kennedy claims.
3 minute read

US Secretary of Health and Human Services Robert F. Kennedy Jr. has presented a plan for all Americans to wear body-monitoring technology that tracks their health in real time.

The measure is described as a crucial part of the national initiative MAHA – Make America Healthy Again – which aims to reverse America’s widespread public health crisis using modern technology.

During a hearing before the House Energy and Commerce Committee on Tuesday, Kennedy revealed that the Department of Health and Human Services (HHS) will launch one of its most extensive campaigns ever – to get Americans to wear so-called wearables, body-worn technology that collects health data around the clock.

– We’re about to launch the biggest advertising campaign in HHS history to encourage Americans to use wearables, Kennedy said.

Products mentioned in the initiative include FitBit, Oura Ring, and Apple Watch – popular devices that can measure heart rate, movement, sleep, and in some cases even blood glucose.

– It’s a way people can take control over their own health. They can take responsibility. They can see, as you know, what food is doing to their glucose levels, their heart rates, and a number of other metrics, as they eat it, he explained in a statement also published on the X platform.

“Key to the MAHA agenda”

Kennedy emphasized that he sees the technology as a crucial part of his vision:

– We think that wearables are a key to the MAHA agenda of making America healthy again and my vision is that every American is wearing a wearable in four years.

The Secretary, who belongs to the influential Kennedy family, often emphasizes individual responsibility for health but also links the issue to national security. During his Senate hearing, he described America’s obesity epidemic which now affects about 40 percent of the population as a threat to military readiness.

“Reduce global metabolic suffering”

One of the leading advocates for this type of technology is also President Trump’s nominee for Surgeon General, Dr. Casey Means. She is co-founder of Levels, a company that develops and sells Continuous Glucose Monitors (CGM) sensors attached directly to the skin that send blood glucose values to an app in real time.

Means claims in a blog post that “these small plastic discs” can “reduce global metabolic suffering” and provide much-needed help to the “93.2 percent of people” suffering from metabolic issues.

The food industry is also affected by MAHA. Kennedy recently revealed that Starbucks will make changes to its menu in line with the agenda – even though the company already avoids several common additives such as artificial colors, flavors, and high-fructose corn syrup.

Earlier this year, Kennedy implemented a ban on artificial colors in U.S. food production one of his first major interventions as Secretary. Critics have questioned both methods and priorities in the MAHA policy, but Kennedy sees it as a first step toward a healthier and more responsible nation.

Concerns about mass surveillance

The use of wearable health technology has raised questions about users’ right to privacy. Most health trackers collect large amounts of sensitive information including heart rate, sleep patterns, movement, and blood glucose levels stored in apps connected to companies.

Critics argue that there is a lack of clear transparency in how this data is used, shared, or sold, and that state-encouraged collection of health data risks blurring the line between voluntary health monitoring and systematic surveillance.

While Kennedy emphasizes voluntariness, some analysts warn that large-scale campaigns and technology adaptations by major companies may create indirect pressure to participate.

As more institutions such as employers, schools, or businesses adapt to health tracking, there is a risk that those who opt out may be seen as deviant, receive worse conditions, or be excluded from parts of society.

AI surveillance in Swedish workplaces sparks outrage

Mass surveillance

Published 4 June 2025
– By Editorial Staff
In practice, it is possible to analyze not only employees' productivity - but also their facial expressions, voices and emotions.
2 minute read

The rapid development of artificial intelligence has not only brought advantages – it has also created new opportunities for mass surveillance, both in society at large and in the workplace.

Even today, unscrupulous employers use AI to monitor and map every second of their employees’ working day in real time – a development that former Social Democratic politician Kari Parman warns against and calls for decisive action to combat.

In an opinion piece in the Stampen-owned newspaper GP, he argues that AI-based surveillance of employees poses a threat to staff privacy and calls on the trade union movement to take action against this development.

Parman paints a bleak picture of how AI is used to monitor employees in Swedish workplaces, where technology analyzes everything from voices and facial expressions to productivity and movement patterns – often without the employees’ knowledge or consent.

It’s a totalitarian control system – in capitalist packaging”, he writes, continuing:

There is something deeply disturbing about the idea that algorithms will analyze our voices, our facial expressions, our productivity – second by second – while we work”.

“It’s about power and control”

According to Parman, there is a significant risk that people in digital capitalism will be reduced to mere data points, giving employers disproportionate power over their employees.

He sees AI surveillance as more than just a technical issue and warns that this development undermines the Swedish model, which is based on balance and respect between employers and employees.

It’s about power. About control. About squeezing every last ounce of ‘efficiency’ out of people as if we were batteries”.

If trade unions fail to act, Parman believes, they risk becoming irrelevant in a working life where algorithms are taking over more and more of the decision-making.

To stop this trend, he lists several concrete demands. He wants to see a ban on AI-based individual surveillance in the workplace and urges unions to introduce conditions in collective agreements to review and approve new technology.

Kari Parman previously represented the Social Democrats in Gnosjö. Photo: Kari Parman/FB

“Reduced to an algorithm’s margin of error”

He also calls for training for safety representatives and members, as well as political regulations from the state.

No algorithm should have the right to analyze our performance, movements, or feelings”, he declares.

Parman emphasizes that AI surveillance not only threatens privacy but also creates a “psychological iron cage” where employees constantly feel watched, blurring the line between work and private life.

At the end of the article, the Social Democrat calls on the trade union movement to take responsibility and lead the resistance against the misuse of AI in the workplace.

He sees it as a crucial issue for the future of working life and human dignity at work.

If we don’t stand up now, we will be alone when it is our turn to be reduced to an algorithm’s margin of error”, he concludes.

Dutch opinion leader targeted by spy attack: “Someone is trying to intimidate me”

Mass surveillance

Published 1 May 2025
– By Editorial Staff
According to both Eva Vlaardingerbroek and Apple, it is likely that the opinion leader was attacked because of her views.
3 minute read

Dutch opinion maker and conservative activist Eva Vlaardingerbroek recently revealed that she had received an official warning from Apple that her iPhone had been subjected to a sophisticated attack – of the kind usually associated with advanced surveillance actors or intelligence services.

In a social media post, Vlaardingerbroek shared a screenshot of Apple’s warning and drew parallels to the Israeli spyware program Pegasus, which has been used to monitor diplomats, dissidents, and journalists, among others.

– Yesterday I got a verified threat notification from Apple stating they detected a mercenary spyware attack against my iPhone. We’re talking spyware like Pegasus.

– In the message they say that this targetted mercenary attack is probably happening because of ‘who I am and what I do’, she continues.

The term mercenary spyware is used by Apple to describe advanced surveillance technology, such as the notorious Pegasus software developed by the Israeli company NSO Group. This software can bypass mobile security systems, access calls, messages, emails, and even activate cameras or microphones without the user’s knowledge.

Prominent EU critic

Although Apple does not publicly comment on individual cases, the company has previously confirmed that such warnings are only sent when there is a “high probability” that the user has been specifically targeted. Since 2021, the notifications have mainly been sent to journalists, human rights activists, political dissidents, and officials at risk of surveillance by powerful interests.

Vlaardingerbroek has long been a prominent voice critical of the EU and has become known for her sharp criticism of EU institutions and its open-border immigration policy. She insists that the attack is likely politically motivated:

– I definitely dont know who did it. It could be anyone. This could be name a government that doesn’t like me. Name a organization that doesnt like me. Secret services, you name it.

– All I know for sure right now is that someone is trying to intimidate me. I have a message for them: It won’t work.

“There must be full transparency”

The use of Pegasus-like programs has been heavily criticized by both governments and privacy advocates. The tools, originally marketed for counterterrorism, have since been reported to be used against journalists and opposition leaders in dozens of countries.

In response, Apple sued NSO Group in 2021 and launched a system to warn users. However, the company claims that the threats are “rare” and not related to common malware.

The Vlaardingerbroek case is now raising questions about whether such technology is also being used in European domestic political conflicts, and the organization Access Now is calling on authorities in the Netherlands and at the EU level to investigate the attack.

– There must be full transparency. No one in a democratic society – regardless of political views – should be subjected to clandestine spying for expressing opinions or participating in public discourse, said a spokesperson.

Neither Apple nor the Dutch authorities have commented publicly on the case. Vlaardingerbroek says she has not yet seen any signs that data has actually been leaked, but has taken extra security measures.

Swedish government proposes wiretapping children without criminal suspicion

Mass surveillance

Published 1 May 2025
– By Editorial Staff
The government's own investigator proposed that only the Swedish Security Service (Säpo) should be allowed to eavesdrop on children without criminal suspicion - but this is not enough, according to the government.
2 minute read

Gang crime continues to plague Sweden, with recurring bombings, shootings and contract killings spreading fear in society, without those in power managing to get a grip on crime.

Criminal gangs often use minors to carry out serious crimes. For this reason, the Tidö parties (the center-right coalition government) want to give police the authority to wiretap children under the age of 15 – even in cases where there is no specific suspicion of a crime.

During a press conference the government stated that the social trend is bleak, that “serious crime is penetrating lower and lower down the age scale” and that children are increasingly “playing central roles in the commission of serious crimes“.

Currently, police are not allowed to use “secret coercive measures” against children under the age of 15 – which allegedly hinders police work when investigating murders and bombings.

At a press conference on Wednesday, representatives of the Tidö parties confirmed that they want to change the legislation so that children can also be wiretapped – partly when they are being investigated for crimes – but also for “preventive purposes” – i.e. without any actual suspicion of crime.

These are far-reaching proposals. But it is justified by the development of society, said Minister for Justice Gunnar Strömmer (M), and continued:

– It is about preventing crime, but also about reaching those who are behind and controlling via children’s cell phones.

Dismisses own investigator’s limitations

The government’s own legal investigator had recommended that only the Swedish Security Service (Säpo) be allowed to use wiretapping without suspicion of a crime. However, the government disagrees, arguing that it is “absolutely necessary” for regular police to also be allowed to wiretap children if they can be linked to serious organized crime.

The government maintains that fighting gang crime is more important than protecting the integrity of minors. Strömmer stated that “there are very significant risks in allowing the current reality to continue as it is”.

The change in the law is proposed to come into force this fall for at least five years, after which it will be evaluated.

Although most people seem to agree that organized crime needs to be fought, many are also opposed to the fact that the moderate-led government repeatedly chooses to focus so much on increased wiretapping and surveillance. Critics also point out that there is a real risk that the surveillance apparatus will be abused in the future or used very arbitrarily and without legal certainty.

Our independent journalism needs your support!
We appreciate all of your donations to keep us alive and running.

Our independent journalism needs your support!
Consider a donation.

You can donate any amount of your choosing, one-time payment or even monthly.
We appreciate all of your donations to keep us alive and running.

Dont miss another article!

Sign up for our newsletter today!

Take part of uncensored news – free from industry interests and political correctness from the Polaris of Enlightenment – every week.