This ruling applies to all EU+UK (including post Brexit for now) states but was requested by UK/France/Belgium lawyers initially.
This ruling also seems to mandate that all EU+UK states cannot keep metadata indefinitely/permanently unless it's highly targeted (as in "individually targeted"), within a judicial framework and only for specific high security issues.
So it doesn't forbid mass surveillance per se but only seems to mandate that they can't keep the data forever unless strictly necessary.
Some could even interpret this ruling as permission to do mass surveillance as long as they don't keep the data for too long (a year? 10 years? it's unclear)
As long as these practices are normal, encryption services need to be expanded and cooperation with sate actors should be minimized, preferably use platforms outside the EU.
The only defense against surveillance of communication channels is to make it technically impossible. Respecting privacy may be a misnomer here, they just have to adhere to EU law, which probably leaves room to let state actors continue exactly as before.
edit: "no mass surveillance without limits" titles techcrunch. As if the "limits" could make mass surveillance acceptable. This article is "fake news" in the original sense, because they actually reduced barriers for mass surveillance.
Such cases have yet to be ruled upon by the ECHR tho (to which the UK still adheres to this date).
Same issue as the US where the Supreme Court should still rule about this whole right to not incriminate yourself / remain silent by not revealing a password.
No such cases have reached those jurisdiction yet as far as I know?
Exactly as I commented too. This ruling could basically make mass surveillance legal in the whole of EU and UK as long as the states set some unspecified limits themselves on how long they keep the data.
And some member states never really ruled on the matter clearly.
Now it's pretty clear and I have to agree and re-reading this ruling entirely that this is in fact making mass surveillance legal under an apparent cover of limiting it. Making your initial ending remark completely true.
And from what I read the summary is wrong.
This ruling applies to all EU+UK (including post Brexit for now) states but was requested by UK/France/Belgium lawyers initially.
This ruling also seems to mandate that all EU+UK states cannot keep metadata indefinitely/permanently unless it's highly targeted (as in "individually targeted"), within a judicial framework and only for specific high security issues.
So it doesn't forbid mass surveillance per se but only seems to mandate that they can't keep the data forever unless strictly necessary.
Some could even interpret this ruling as permission to do mass surveillance as long as they don't keep the data for too long (a year? 10 years? it's unclear)