It is unacceptable that EU-made technologies are still exported, deployed and operated by European companies to third countries without oversight.
The “Without Oversight” bit makes me cynically think that she’s implying that some kind of oversight would make censorship and mass surveillance acceptable. It sounds like the EU government wants a cut of the profits.
Otherwise, she would be a lot more louder about protecting EU citizens from US and EU censorship and mass surveillance instead.
The other side of this is that it’s a means of controlling hacking tools that sysadmins use to legitimately test their own computers and networks. Be careful what you wish for.
In before the snark takes over this thread.
I reckon she’s on to something extremely important. In countries where IT technology has yet to penetrate as deeply as it has in the West, the ability for suppressive governments to purchase surveillance technology has been the cause of countless extrajudicial civilian deaths.
Why should this continue unregulated? This thread could end up looking like the US gun debate where the call for some degree of regulation inevitably will meet cries of fundamental rights being violated.
Exporting IT technology is a great way of establishing backdoors into potential targets’ infrastructure and to undermine their “secure” communications.
Makes almost as much sense as the petition against dihidrogen monoxide except in that case it was clearly defined what the petition was against but here its totally nebulous.
Careful there. Restrictions on exporting “hacking” tools could easily lead to the kind of shit we had in the US when you couldn’t export public key encryption. That gives the governments license to exercise a whole lot of control over a whole lot of software that’s not actually used by repressive regimes.
Seriously. This sounds a lot like the crypto-as-munitions situation that Phil Zimmerman &c were fighting against in the 90s, and an oversight-of-crypto-munitions situation may quickly turn into a re-run of the clipper chip fiasco (you can use our surveillance and censorship technology, but you need to give us half the key so we can break the other half and spy on your spying machinery so we know that you aren’t spying on people we don’t want you to be spying on).
Furthermore, it ignores the use of this tech within the EU and between EU members in morally ambiguous ways. When British tech is being used by Germans to spy on Italians, there has been no export out of the EU, but there has been a need for oversight (and when the UK spies on traffic going between the US and Russia, that doesn’t necessarily mean there has been any export!). There have even been cases of re-routing traffic that should be going between two places in the united states, through the EU, into former soviet block countries for unknown reasons (a mechanism that can be used to perform a man in the middle attack on foreign traffic without exporting any code). The special thing about network software is that it doesn’t need to reside any particular place in order to perform operations elsewhere, so long as it is used cleverly.
What this kind of thing would do is prevent sysadmins already at a disadvantage by not being supported by the union of wealthy western-european countries from testing the kinds of tools that attackers in wealthy western-european countries would use on them against their own networks, or from cracking them open and examining them.
All in all, it seems like a total loss at the moment.
This topic was automatically closed after 5 days. New replies are no longer allowed.