EU Commission refuses to disclose authors behind its mass surveillance proposal

Original Article ↗ Hacker News Discussion ↗

Opacity, Commission Power, and Democratic Legitimacy

  • Commenters see the refusal to name “Going Dark” / HLG participants as extraordinary and abnormal; usually such working group memberships can be obtained by information requests.
  • The Commission is portrayed as a technocratic, insulated body: not directly elected, tightly aligned with state security interests, and only weakly accountable via Parliament.
  • Several argue this is less “bureaucratic drift” and more a conscious political project driven by senior Commission figures and interior ministries, backed by many member governments.
  • There is frustration that Parliament cannot initiate legislation and tends to eventually approve what the Commission and Council push, despite public backlash (e.g. copyright directive precedent).

Scope of Surveillance Plans (Chat Control, Data Retention, Lawful Access)

  • Linked documents and summaries describe:
    • A new, broad data-retention regime covering all types of providers and traffic.
    • “Lawful access by design” in hardware and software, effectively mandating backdoors.
    • Research into accessing encrypted data “without compromising security,” which many call impossible in practice.
  • Chat Control is seen as functionally on-device mass scanning of private communications (images, videos, possibly text), with talk of later expanding scope beyond child abuse to “all traffic is useful.”
  • Age verification and EU digital identity are viewed as complementary tools that will bind online activity to real identities, ending anonymity.
  • One especially worrying aspect: reported exemptions for police, military and politicians, creating a two-tier system.

Technical Debate: Can You Scan Encrypted Data Safely?

  • A long subthread debates homomorphic encryption and trusted computing.
  • Cryptography-literate commenters insist fully homomorphic schemes cannot give third parties useful insight without breaking core guarantees; at scale it is also computationally prohibitive.
  • Others float combinations of on-device inference, enclaves, and provider-side scanning, but opponents note that once results are exfiltrated for law enforcement, privacy is effectively lost.

Political Blame and Ideology

  • Some blame the far right, others argue the main drivers are centrist/“neoliberal” elites seeking control, with far-right parties mostly using these failures rhetorically.
  • There is a heated side debate over whether European “far right” and “far left” labels are accurate, and whether current left parties are truly extremist or mostly centrist.
  • A recurring point: any mass-surveillance machinery built by today’s moderates will be available to tomorrow’s extremists.

Comparisons to Authoritarian States and Human-Rights Law

  • Many compare the proposals to North Korean or Chinese digital surveillance, arguing the functional effect (mass monitoring, chilling effect) is similar even if formal institutions differ.
  • Others call this “false equivalence,” stressing that EU measures can be challenged in court and are still only proposals.
  • Critics respond that:
    • EU data-retention laws have previously been struck down only after many years of illegal operation.
    • Courts are part of the same power structure and cannot be relied upon as the main safeguard for fundamental rights.
    • If elected politicians are already normalizing these ideas, liberal democracy is failing at the cultural level, regardless of legal remedies.

Corporate Influence, Thorn, and Europol

  • Several comments focus on Thorn, the US CSAM-scanning vendor used as a key evidence source by the Commission.
  • FOIA attempts to obtain validation data were blocked by the Commission, leading the EU Ombudsman to find maladministration; still, nothing changed.
  • Europol reportedly lobbied to extend scanning beyond child abuse to other crime areas, and some Europol staff later joined Thorn with documented conflict-of-interest issues.
  • This is framed as a revolving-door ecosystem: law-enforcement agencies, vendors, and Commission units mutually justifying each other’s push for more data.

National Examples and “Everyone Does It” Dynamic

  • Commenters list Norway, the Netherlands, Denmark, Spain, Poland, Hungary, and the UK as already engaging in dragnet-style retention, metadata collection, or spyware use.
  • The political spectrum (left, right, liberal, conservative) is described as largely irrelevant: nearly all major parties in power favor more surveillance when they govern.
  • Some argue the real driver is concentration of power (state and corporate), not ideology; once surveillance institutions exist, they develop their own momentum.

Activism, Cynicism, and Next Steps

  • A few users share links to civil-society analyses (EDRi, Statewatch, individual MEP blogs) and to the Commission’s own “Have Your Say” feedback page, urging submissions against the plan.
  • Others are deeply pessimistic: contacting MEPs often yields canned Commission talking points; mass media barely cover these issues; and voters rarely punish surveillance advocates.
  • Still, some insist on sustained civic pressure: the only realistic defense is to make such proposals so politically toxic that future politicians fear even floating them.