The never-ending battle between safety and privacy
IT'S MONDAY AND THIS IS DIGITAL POLITICS. I'm Mark Scott, and in the doldrums of (a very hot!) August, I'm already planning for September. I'll be in Brussels the week of Sept. 8. If you're around for coffee, reach out here.
— Efforts to unpick encryption in the name of child protection are gaining ground again. The proposals are based on the fallacy that they won't undermine universal privacy rights.
— The Trump-Putin summit fall-out: A view from the Russian propaganda machine.
— Everything you need to know about the cottage industry of copyright lawsuits taking on AI companies.
Let's get started:
WHEN IS IT OK TO BREAK END-TO-END ENCRYPTION?
THERE ARE A FEW CONSTANTS IN LIFE. Death. Taxes. And — at least for digital policymakers — the never-ending battle between those seeking to weaken encryption technology in the name of public safety and those fearful that such attempts will undermine people's fundamental privacy rights.
Over the years (more from me in 2019 and again in 2023), this fight has led to strange bedfellows. Law enforcement types have partnered with child safety advocates to demand the likes of Meta and Apple open up their encrypted services to greater oversight — all in the name of protecting against terrorist threats and child sexual abuse material. In the other camp, Silicon Valley and privacy groups (not the easiest of allies) raise legitimate concerns that you can't just weaken such encryption technologies for the "good guys." Inevitably, the "bad guys," too, will gain access.
American officials have often wavered between both camps. Officials are torn between the political realities of online child safety and the economic realities of protecting American tech giants from non-US tech regulation.
But in Europe, the drumbeat for encryption-busting policies has gone from a soft hum to a loud bang.
The smaller scuffle is in the United Kingdom where the government told Apple earlier this year to grant its security services access to its encrypted systems under the country's Investigatory Powers Act. Those rules had long been on the books. But the powers to compel companies to open up had never been used via so-called "technical capability notices." Still, London is now backing off amid complaints from the White House — and wider efforts by the UK to strike digital-focused trade agreements with the United States.
There's still outstanding concerns that the UK's Online Safety Act, which also includes powers to force such encryption breaking in the name of public safety, may lead to a similar transatlantic stand-off. Ofcom, the British regulator in charge of that legislation, however, has always made clear it will only pursue such demands if/when a technology is developed that both allows for outside access while preserving the underlying encryption. In short, that's a technical impossibility, allowing the UK regulator to punt any politically-sensitive issues into the long grass.
Thanks for reading Digital Politics. If you've been forwarded this newsletter (and like what you've read), please sign up here. For those already subscribed, reach out on digitalpolitics@protonmail.com
And that takes us to the European Union.
Long-time Brussels watchers will know the bloc's attempt to thwart child sexual abuse material — often accessed via online platforms — remains the unwanted love-child (no pun intended) of European digital regulation. Those proposals were first put forward in 2022. Yet since then, the ever-present tussle between safety and privacy (see above) has seen the legislation ping-pong between consecutive rotating presidencies of the European Council, or grouping of EU member states that nominally runs the bloc's policy agenda.
In July, Denmark (in charge until the end of the year) restarted this encryption spat after proposing changes (HT: Euractiv) to the child sexual abuse material legislation. The major overhaul compared to the Polish EU Council presidency (which ran for the first half of 2025) was to include demands that companies with encrypted technology comply with so-called mandatory detection orders, or legal requirements to check people's (encrypted) messages for possible illegal content.
What's more, the draft text — to be voted on by EU member states in mid October — included potential requirements to carry out these checks on individuals' devices, and not when they were shared over the cloud. That led to hackles from both tech executives and privacy campaigners. For more on what that looks like, check out this post from Meta's one-time top Brussels lobbyist (and now a Finnish member of the European Parliament) Aura Salla.
For the Danes, this is all about kids' safety. Speaking in Denmark in late July, the country's justice minister, Peter Hummelgaard, said his aim was to protect the privacy of those affected by these heinous images. "We need to ask ourselves, at the end of the day, whose privacy is it that we're mostly concerned with?" he told reporters. "We need to compromise on these differing views" (between child safety and privacy campaigners.)
The Danish EU presidency's half-year priorities also make its objectives explicit. "The Presidency will focus on strengthening the abilities to make use of the digital development for law enforcement when fighting serious crime," the document reads. "The Presidency will work to ensure the protection of fundamental rights as well as cooperation and protection in the area of civil matters."
A lot can happen between now and the proposed vote in October. For one thing, not all EU member states agree with the Dane's proposals. Without unanimity, the current draft proposals — like so many before them via the Hungarian and Polish EU Presidencies — may never get passed. That's especially true if US politicians realize what is going on in Brussels and cause a stink.
The thing is, none of this politicking finds a solution for what are two clear realities.
On the one side, it is a fact that encrypted messaging services are used for illegality, including the spread of child sexual abuse material. If you don't believe me, read this report from Australia's eSafety Commissioner. On the other, governments can't break encryption technology without compromising people's privacy rights. There are technical solutions like "hashing" and "matching" that can stop the spread of known illegal content. But including backdoors in end-to-end encrypted services will only lead to greater harm.
What we are lacking is a clear conversation about what are uncomfortable trade-offs.
It's impossible to balance the needs of protecting children from online predatory behavior (more on that here) and wider society's expectations of a base level of privacy. To suggest that some sort of yet-created technology will thread the needle between those fundamental rights is farcical. Policymakers should acknowledge that, and have an honest conversation with citizens about what is the least-worst option.
My personal view is that the breaking of encryption — and therefore the weakening of wider privacy rights — is not the right way to go (at least not yet) to protect children online. There are less invasive policy choices like baking in "privacy by design" principles into online platforms that can mitigate some, but not all, of the potential harm. Should children be able to receive DMs from strangers? No. Should they be able to access services before they reach the minimum age? Also no.
Neither of those policy choices has been effectively implemented yet. To jump directly to the "let's read everyone's messages!" stage makes good politics. But it does not represent a grown-up approach to what are impossible trade-offs.
At some point, encryption may have to be broken. But before we get there, all other policy options should be exhausted. That includes forcing platforms to embed privacy-by-design principles into their services and finding privacy-conscious "age assurance" techniques to safeguard children from areas of the internet that should remain off-limits.
Until that happens, the rush to break encryption should be viewed for what it is: a politically-expedient sledgehammer to crack a nut.
Chart of the Week
THE LATEST AI SYSTEMS ARE ONLY AS GOOD as the data upon which they are trained. For many companies, that means scraping reams of copyrighted material from around the world.
Publishers claim this is a slam dunk case of copyright infringement. AI giants like Google, OpenAI and Microsoft argue their tactics fit within the "fair use" principle.
Soon, we'll know who's right.
There are currently 45 copyright lawsuits in the US between publishers and AI companies related to how such data is used to train large language models. For links to all the cases below, check out the "source" section in the chart.
THE TRUMP-PUTIN SUMMIT PROPAGANDA AFTERMATH
FOR ALMOST EVERYONE (outside of Donald Trump's administration), the Aug. 15 Russo-American summit was a major political victory for Vladimir Putin. The US president rejected those claims. Yet ahead another round of meetings, this time in the White House on Aug. 18 with Western leaders and the Ukrainian president, Russia's state-backed media was again reframing quotes from leading US officials to meet Mocow's own political needs.
This has become a major trend in how the likes of Sputnik and RT speak to their international audiences.
Gone are the attacks on American imperialism, although those narratives still show up in Kremlin-backed media whose audiences span Latin America and French-speaking Africa. Instead, Moscow has been eager to frame the Aug. 15 summit as a win for both the US and Russia, while claiming it is now down to Volodymyr Zelenskyy, Ukraine's president, to find a solution to the bloody conflict in Eastern Europe.
That builds on public statements from Trump who claimed, in a social media post on Aug. 17, that Zelenskyy "can end the war with Russia almost immediately, if he wants to, or he can continue to fight." RT Mundo quickly jumped on that statement.
On RT, the English-language outlet, comments from Marco Rubio, the US Secretary of State, were picked up to suggest the war was "going to get worse" if Ukraine did not agree to a peace deal with Russia. In the outlet's German-language website, the Ukrainian president was also attacked over alleged corruption abuses — only weeks after Zelenskyy backtracked on new laws that would have undermined two national anti-corruption agencies.
Sign up for Digital Politics
Thanks for getting this far. Enjoyed what you've read? Why not receive weekly updates on how the worlds of technology and politics are colliding like never before. The first two weeks of any paid subscription are free.
Subscribe
Email sent! Check your inbox to complete your signup.
No spam. Unsubscribe anytime.
For Russia's state media, the Aug. 15 summit between Trump and Putin was shaped as a meeting of like-minded leaders, both of whom secured something out of the half-day event. "Trump can now indefinitely postpone a disastrous trade war with India and China, which secondary sanctions on Russia would have triggered," read an opinion article on RT that subsequently called on Zelenskyy to reach a peace deal with the Russian president. "Putin, meanwhile, drove home the point that a temporary ceasefire is insufficient – that the time has come to talk about a full peace treaty."
Ahead of the planned Aug. 18 meetings in Washington, during which several European leaders are expected to travel alongside Zelenskyy to put pressure on Trump over any potential long-term peace deal, Russian state media highlighted Europe's alleged weaknesses." That included jumping on comments from Friedrich Merz, the German chancellor, about the bloc's role in any potential negotiations, as well as a social media post from Guiseppe Conte, a former Italian prime minister, that framed Europe as a mere "supporting actor."
Ever since Trump returned to the White House, the Kremlin's state-backed media has balanced its eagerness to demonstrate renewed kinship between Russia and the US and its wariness that, eventually, relations will break down (again) between the long-time adversaries.
That message came through in an opinion articlewritten in RT en Français that both praised last week's summit, but reminded Russia it would need to promote its interests by strength if it wanted to secure its objectives in Ukraine. "It is now up to Russia, the last bulwark against total global dictatorship, to continue to defend its national interests," read the article. "It is simply important to understand that the meeting between the two presidents did not, in itself, magically resolve the conflict between these two worlds.
"In the end, there can only be one."
What I'm reading
— A group of independent research organizations published an in-depth analysis into the potential role of foreign manipulation in the recent Polish presidential election. More here.
— Casey Fiesler put together a series of social media-friendly tutorials on AI ethics. More here and why she did it here.
— Alexios Matnzarlis at the Indicator discovered dozens of TikTok accounts using AI avatars of real journalists to spread false information. More here.
— Anna Lenhart and Katie Shilton asked TikTok users about their awareness and potential concerns about researchers reviewing their social media posts. More here.
— Wikimedia lost a legal challenge against its attempt to be excluded from provisions within the UK's Online Safety Act. More here.