[jonaharagon]

Totally. This is exactly the problem with things like Chat Control in the EU and KOSA in the US. They will just introduce the same bill over and over and over again until they get the desired result.

What we need is for legislatures to pass "NO Chat Control" and "NO KOSA" bills that specifically block this behavior, but unsurprisingly governments don't seem to be too keen about limiting their own rights, only those of their citizens.

[Geezus_42]

Attackers only need to win once. Defenders have to win every round.

[Uupis]

I think I like this phrasing. Thank you!

[anikom15]

In Britain, such a thing is not even possible because no Parliament can limit the power of a future Parliament.

[jonaharagon]

True, and this is also the case in many other countries. Even if it is revocable by future legislation though, having pro-privacy laws on the books to prevent the current executive powers-that-be from abusing them would still be helpful.

[tormeh]

You mean enshrine a right to messaging privacy in a constitution? That's going to be difficult.

[AnthonyMouse]

A lot of these laws are now attempting to apply extra-territorially, e.g. to servers and companies in the US just because people in the UK are connected to the same internet, with punishments meted out if any part of that company does any business in the UK even if it's unrelated.

It might be interesting to go the other way: Get it put into the constitution of a major country that these kind of backdoors are banned world-wide and you can't do business in that country if any part of your enterprise implements them anywhere else.

To begin with this would make it harder to pass laws like this in other places -- domestic companies with international operations would put up stronger opposition because it would compromise their ability to do business elsewhere, and legislators might actually be concerned about that. And then on top of that it would force the companies to choose which subset of the world they want to operate in, allowing people in oppressive countries to pick up uncompromised devices from the places where compromised devices are banned.

[nine_k]

The US constitution already has a provision against unreasonable search properly enshrined, and well tested in courts. Things like KOSA can be rejected as clearly violating it.

The EU does not seem to have such simple and ironclad norm.

[tremon]

Ah, that constitution must explain why we never see people being abducted in broad daylight by goon squads in the US, right? Because anything that clearly violates the constitution would obviously never happen there. Because you're the best country. The greatest.

For reference, the EU does have an equivalent norm: https://fra.europa.eu/en/eu-charter/article/7-respect-privat...

[beeflet]

I'm not sure if the 4th amendment applies to deportation of non-citizens, and secondly you would have to take it to supreme court to find out.

In comparison to the US constitution, EU "norms" might as well be toilet paper. For example, they have some notion of "free expression" which sounds like free speech but is defined to be so weak as to be useless. The european public broadly does not seem to care, they certainly aren't willing to kill for their rights.

[JoshTriplett]

> I'm not sure if the 4th amendment applies to deportation of non-citizens

Leaving aside everything else wrong with it: in the absence of due process, that can happen to citizens too.

[BrenBarn]

Other commenters already mentioned that the current situation in the US shows how fragile this "ironclad" norm is. Aside from that, though, the fourth amendment wouldn't necessarily prevent a law that requires companies to scan the data and creates certain liabilities if they don't. The weakness in the US's version of such "rights" is that none of them are actually guarantee that any individual rights are to be protected against all comers; they restrict the government from doing certain things but allow private actors to do those same things.

[jeremyjh]

This means nothing when the Supreme Court is playing Calvinball. It turns out a constitution has zero value if you purchase the highest courts.

[asdff]

Do you imagine the current SCOTUS stepping up to bat for the common person in the face of three letter agencies and federal autocracy?

[jonaharagon]

I mean that'd certainly be nice, and it is also their only job, but even if they wanted to do it in regular legislation that'd be better than nothing.

Make a law that says companies have to protect the data of their citizens without the possibility of any intentional backdoor, perhaps. Make a law that says companies can't require people to dox themselves with ID scans simply to use a publicly available internet platform that provides no services in the physical world. Make a law that says OS developers can't create client-side scanning services that upload results off-device without revocable user consent.

[fbhabbed]

We already have a such thing in Italy - Constitution (the highest hierarchy in law here), article 15.

Since decades.

[asdfasvea]

You've not been paying attention. Laws can be undone easily with laws.

Pass your 'no KOSA' law. And then when they want KOSA, they just pass KOSA with a sentence that says this KOSA law supersedes prior 'No KOSA' laws.

You need to limit their power to do that and the only way is constitutionally.

[godelski]

No security is perfect, you can only create walls and speedbumps. It makes it harder. You're right, limit the power, but that doesn't mean you can't do both. The latter is much harder