this post was submitted on 13 Nov 2025
214 points (99.1% liked)
Linux
10106 readers
1535 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That „all appropriate risk mitigation measures” is doing a lot of work here. Is it specified anywhere what’s appropriate?
If my understanding of the legislative EU process is somewhat correct, this effectively leaves it up to the countries to decide (as EU laws just mean that countries have to pass a law enacting it).
It's not rare to phrase laws this way in germany at least. It's not necessarily bad, as it allows court interpretation to change alongside societal values. In this case it would likely lead to only some countries actually passing mass surveillance laws (it's pretty unambiguously unconstitutional in a bunch, which makes it clear that mass surveillance is not "reasonable". Not that that always stops legislators, but it would at least die before the highest court eventually).
So we still need to fight it, because it's the first line of defense. Really what we need to push for would likely be explicitly disallowing blanket scanning of communication on the EU level, or proposals like this will happen again and again.
Yeah that seems like something that can't be put into a law. Well normally.
Laws are often purposefully vague to account for loopholes and changing circumstances/public attitudes though. It's the task of courts to define the exact boundaries – and since jury trials aren't a thing, the interpretations of any higher court will basically ammend the law for lower courts.
If you have a system based on precedent I guess, but I don't think the EU has that.