[Aerroon]

>So much for the EU's vaunted privacy rights...

Do people really have such an impression?

In 2006 the EU passed a directive that obligated all ISPs to effectively save your browsing history.[0] They had to keep this for a minimum of 6 months. It took until 2014 for the directive to be found to be invalid. It worked until then though.

And that's on the EU level. My expectations are even lower when it comes to individual member states, particularly Germany.

[0] https://en.wikipedia.org/wiki/Data_Retention_Directive

[nelaboras]

But the data collection comes with safeguards to accesing the data. You need a court order to request it. This is not state ordered mass surveillance but rather gives police a right to monitor when they have a court order.

[reissbaker]

If e2e encryption is backdoored, there are no safeguards. If a court can read the data, then any "encryption" is privacy theater: either the key has been leaked and stored on government-controlled servers (which means an adversary who got access to the government-controlled servers could read your data without your knowledge too), or the e2e encryption is entirely fake and there's a plaintext copy stored somewhere that, similarly, adversaries could access. If the government can read all of your data, a hacker can too — which in today's age, also includes foreign (or even domestic!) government surveillance programs.

Backdoored encryption isn't real encryption. It's theater.

[ncmncm]

Secret court orders. We have already seen where that naturally goes. Each abuse makes the next easier.