the fact that Apple and Google are both lobbying hard against the EU's Digital Markets Act (DMA) gives me the sense that it's working as intended#apple #google #DMA #EU
Senza categoria
16
Post
4
Autori
14
Visualizzazioni
-
@rune in case any tech reporters want help writing a headline:
"Thrice-convicted Monopolist Claims Regulation Harms Consumers"
@ansuz the only bad regulations are the ones lobbied for by large corporations
-
@ansuz Indeed, it is. They are quite offen fined to pay millions of dollars under the GDPR already. In the beginning they thought they could just pay from petty cash but it becomes more and more expensive. In April 2025, Apple and Meta became the first companies to be penalized for violating the Digital Markets Act. Apple was fined 500 million euros ($570 million) and Meta was fined 200 million euros ($230 million) respectively.
-
-
-
@heals @ainmosni points 9 and 10 contain the relevant text and are described here: https://www.eu-digital-markets-act.com/Digital_Markets_Act_Article_6.html
-
@heals @ainmosni points 9 and 10 contain the relevant text and are described here: https://www.eu-digital-markets-act.com/Digital_Markets_Act_Article_6.html
@ansuz so lets say I use an e2ee encrypted messenger and the provider of that messenger thus cannot read or decrypt my messages.
They could under that clause request realtime access to data generated by the platform core service used for push notifications / device notifications for their app - which are generally displayed to me unencrypted and tada, e2ee and at the same time readable plaintext for the provider of the messenger?
I know that’ll imply a certain degree of bad intent from the provider but reading over article 9 it also sounds entirely within the realm of things you’d be allowed to do unless you anyone can prove that all notifications would classify as personally identifiable data that needs my permission to collect and process?
/cc @ainmosni
-
@ansuz so lets say I use an e2ee encrypted messenger and the provider of that messenger thus cannot read or decrypt my messages.
They could under that clause request realtime access to data generated by the platform core service used for push notifications / device notifications for their app - which are generally displayed to me unencrypted and tada, e2ee and at the same time readable plaintext for the provider of the messenger?
I know that’ll imply a certain degree of bad intent from the provider but reading over article 9 it also sounds entirely within the realm of things you’d be allowed to do unless you anyone can prove that all notifications would classify as personally identifiable data that needs my permission to collect and process?
/cc @ainmosni
-
-
@ansuz the notification provider isn’t able to decrypt your messages - that’s the catch. The messenger on your device can decrypt the message and send a local notification for you which normally none else can access 😅
As for the consent - yeah that’s the grey area here.. Notifications is a core service but access to that data shouldn’t be allowed to anyone really.
But it’s hard to say if all of the messages you get would classify as personal data (think things like WhatsApp news broadcasts) but generally they can’t be classified either without scanning the content and then we spin in a nasty circle 😐The DMA has its good ideas - no arguing on that- but certain areas still feel problematic / not completely thought through (like scope of application.. gatekeepers are obligated, non gatekeepers aren’t.. why not apply it equally to all businesses that provide comparable services or technologies?)
-
@ansuz the notification provider isn’t able to decrypt your messages - that’s the catch. The messenger on your device can decrypt the message and send a local notification for you which normally none else can access 😅
As for the consent - yeah that’s the grey area here.. Notifications is a core service but access to that data shouldn’t be allowed to anyone really.
But it’s hard to say if all of the messages you get would classify as personal data (think things like WhatsApp news broadcasts) but generally they can’t be classified either without scanning the content and then we spin in a nasty circle 😐The DMA has its good ideas - no arguing on that- but certain areas still feel problematic / not completely thought through (like scope of application.. gatekeepers are obligated, non gatekeepers aren’t.. why not apply it equally to all businesses that provide comparable services or technologies?)
@heals I understand the distinction, but if there's a chance of notification contents leaving the device then consent is required. That's what I meant by exfiltration. If that's the default then I think it's unfair to call such systems e2ee, regardless of the messenger's encryption, because as a system it fails to meet such guarantees.
I think the issues you're raising will largely come down to how the DMA is enforced. Many of the initial interpretations of the GDPR were wildly incorrect as well, and it took years of legal cases to show that such creative interpretations of its text were very illegal.
I expect that's what we'll see over the next few years as long as lobbying like this does not prompt any concessions from legislators.
-
@heals I understand the distinction, but if there's a chance of notification contents leaving the device then consent is required. That's what I meant by exfiltration. If that's the default then I think it's unfair to call such systems e2ee, regardless of the messenger's encryption, because as a system it fails to meet such guarantees.
I think the issues you're raising will largely come down to how the DMA is enforced. Many of the initial interpretations of the GDPR were wildly incorrect as well, and it took years of legal cases to show that such creative interpretations of its text were very illegal.
I expect that's what we'll see over the next few years as long as lobbying like this does not prompt any concessions from legislators.
@ansuz I’m afraid to wait and see..
The base idea of the DMA is nice but the EU being the EU they always backe things into laws that aren’t fully cooked and it takes the years you mention just to realise that and maybe amend / fix things (not including the GDPR, that one was actually nicely done).
It’s scary to think that the same people are on a happy course to kick-off ChatControl and feel great about it
:( -
@ansuz I’m afraid to wait and see..
The base idea of the DMA is nice but the EU being the EU they always backe things into laws that aren’t fully cooked and it takes the years you mention just to realise that and maybe amend / fix things (not including the GDPR, that one was actually nicely done).
It’s scary to think that the same people are on a happy course to kick-off ChatControl and feel great about it
:(@heals I think they tend to be more clear about the spirit of their laws than the exact text. the problems arise when American corporations do their best bad-faith interpretation of the text while ignoring the stated intentions of the laws, because that's closer to how the US legal system works 🤷 if you just keep in mind what such laws were supposed to accomplish when interpreting them, none of the rulings have really been that surprising.
chatcontrol seems to me like a special beast because it has strong ties to American lobbyists that are in its favour, rather than being intended as a way to regulate them. it's also different in that constitutional lawyers have said will be illegal according to existing law even if legislated, so at least there's that
-
undefined Oblomov ha condiviso questa discussione su
Gli ultimi otto messaggi ricevuti dalla Federazione
-
I wonder what the USA's win/loss ratio is since the cold war, because I'm under the impression it's not great. Or at least, I just figure if we actually won any wars in the last few decades surely I would have heard about it. I say this without any sarcasm though: the 24 hour burger king deployment thing does make me feel irrationally proud of my country.
-
This post did not contain any content.
-
@briankrebs call me old fashioned, but not being stuck in a layer cake plot is one of my favorite perks of traditional employment
-
Amicici e amicice del fediverso, non ricordo chi è il genio tra voi che scrive i post bilingui italo-veneto, ma questo post è dedicato soprattutto a lui
-
When should children have their #measles #vaccines?
From January 2026, the UK will offer the second dose of measles vaccine at the age of 18 months instead of at the age of three or four. The first dose will continue to be given at 12 months.
The move is inspired by research showing better vaccine uptake when the second dose of measles vaccine is offered earlier. France takes a similar approach, but there are a variety of schedules across Europe.
https://www.vaccinestoday.eu/stories/when-should-children-have-their-measles-vaccines/
-
This post did not contain any content.
-
Vibe merde
-
Spero tu stia bene, spero stiate bene tutti.
Buona notte Mohammed 🍉
