Happy winter and merry festivities!

Last year I made a post outlining many gift ideas for privacy enthusiasts. I'm back this year with an updated list. Privacy enthusiasts, by nature, are sometimes difficult to buy gifts for. This list is here to make it easier for you to come up with ideas, even if you don't directly gift what's on the list. I've decided to make a rule this year: only physical items. You can't put a subscription under the tree.

3D printers

3D printers can turn plastic into any shape you want. While a lot of 3D printers include proprietary privacy-invasive software, there are open-source options such as RepRap. The privacy benefit of these comes in the form of homemade firearms. Traditional firearms include many elements to trace the ammunition back to the firearm, but homemade firearms (such as ones made using a 3D printer) exclude these. The reliability of the firearm depends on the quality of the 3D printer, but the designs are getting easier and easier to make.

Accessories

Especially for phones, there are a few of privacy accessories that are simple but effective.
- Faraday bags
- Lens covers (which some phone cases include)
- Microphone blockers (which is more effective as a recording jammer)
- Monitor filters (better known as privacy screen protectors)

Anonymous dress

Anonymous dress is clothing that conceals your identity in public. Obtaining these items of clothing is a chore, so it's always easiest when it is gifted by somebody else. Black, unthemed clothing does the best job of protecting privacy. The holy grail of anonymous dress is:
- A balaclava to hide your face.
- A baseball cap to further hide your face, although a sun hat does a better job.
- A hooded down jacket to hide body shape and skin color. There are significantly long down jackets that extend below the knees that can somewhat conceal your gait too. Last year I included jackets that spoof AI recognition or blind infrared cameras, but those are very difficult to find and can be very identifying.
- Elevator shoes to conceal your height.
- Sunglasses to hide your eyes. Reflectacles do the best job of this.
- Touchscreen gloves to prevent fingerprints and still be able to use touchscreens. Normal gloves work when paired with a capacitive stylus.
- An umbrella to hide your clothing from surveillance cameras.

Ciphers

Not all encryption is digital. Traditionally, complex codes and ciphers were created to conceal messages. Hardware devices like the enigma machine were used to further aide the process. Modern versions of those devices, as well as related items such as invisible ink are still around and can be a fun project.

Computers

Laptops, desktops, and servers are all useful devices for accessing digital services privately. While there is no best choice, some lists can help shine some light on which hardware is considered secure:
- PrivSec.dev Laptop Hardware Security
- Qubes OS Hardware Compatibility List

Concealment devices

Concealment devices are things that look like ordinary objects, but in some way or another, have a hidden compartment used for storage. These are excellent ways to hide sensitive items such as cash, backup security tokens, and more. These are excellent gifts if you're giving one-on-one rather than at a party.

Cryptocurrency wallets

Cryptocurrency wallets are devices used to securely store (the keys for) cryptocurrency such as the private cryptocurrency Monero. The two best options are:
- Ledger
- Trezor

Dumb tech

Dumb tech is the opposite of smart tech. It doesn't connect to every device in your house. It doesn't broadcast that data to a corporation. It doesn't get exposed in a data breach. It doesn't get hacked. It doesn't go down when the internet goes offline. Things like dumb TVs or dumb cars are becoming harder to find but more and more valuable for privacy.

Mail

Mail is almost always sensitive. For that reason, it's useful to protect the contents by using security envelopes. For delivering packages privately, it's also useful to have a label printer capable of printing shipping labels.

Money

Banks and payment service providers are almost always incredibly privacy invasive and offer poor security. While some of these issues can be mitigated with services like Privacy, it doesn't fix the underlying issue. Anonymous payments not only protect your privacy, but protect your money too, and having the ability to make payments like these is what allows privacy to further grow. Anonymous payment methods include:
- Cash
- Gift cards (when purchased with cash and adequate anonymous dress)
- Monero (which is physical when paired with a cryptocurrency wallet)
- Stored-value card (when purchased with cash and adequate anonymous dress)

Optical discs

Optical discs are a physical way to store movies, shows, music, games, and more. The idea is that, instead of paying a subscription and streaming content, you can pay a one-time fee and get the full quality media offline. This is also excellent for ripping to create a digital archive to stream from your own servers for free.

Paper

Your most sensitive information is put at risk the moment it becomes digitized, so pen and paper isn't so bad for some uses:
- Earlier this year, Amazon removed the option to download and transfer ebooks. It's becoming increasingly harder to "own" an ebook, especially without using privacy-invasive software. For that reason, books are much better for privacy.
- Calendar apps are convenient for reminders, but they often sync to cloud services or include telemetry. Physical calendars are a good way to have peace of mind knowing that your personal events are away from prying eyes and can be erased without a trace.
- Notebooks are also useful for the same reasons as books. There are also numerous benefits to writing things down instead of typing them.

Paper shredders

Paper shredders destroy sensitive documents to prevent obtaining sensitive information by digging through landfills. However, shredded documents can be recovered using automated software. The paper shredder industry hasn't discovered fire yet, it seems.

Power cables

Most cables carry both power and data. However, that can be exploited by cleverly designing fake power stations that discreetly steal data when plugged into devices. Some cables only deliver power, without delivering data. These are incredibly useful for protecting vulnerable devices in public settings.

Printers

Printers suck. So much so that not even Framework wanted to make one. Nevertheless, a new printer called Open Printer is in the works. Until it's finished, the best option is to gift a printer that allows printing over a wired connection.

Promotional merchandise

There is no shortage of promotional merchandise for privacy. Some of my favorites include:
- Electronic Frontier Foundation
- Naomi Brockwell TV
- Privacy Guides

I also recently found products like this that serve a functional benefit of telling people you don't want to be recorded without explicitly talking to them.

Rayhunter

Rayhunter is a device created by the Electronic Frontier Foundation to detect Stingray attacks. It can be installed on supported devices, which are great gifts for high threat model people.

Safes

Safes are a secure box to store sensitive items. I shouldn't need to explain why this is a good idea.

Security seals

Security seals are a special type of sticker that makes it very clear if the seal has ever been broken. This is useful to place on the case of computers or other containers that shouldn't be opened often.

Security tokens

Security tokens are hardware devices used to authenticate accounts at a hardware level. When setup correctly, they are one of the most secure way to login. The most popular open source options are:
- Nitrokey
- OnlyKey
- SoloKeys

Smartphones

GrapheneOS is the most private and secure operating system available. They recently announced that they are partnering with an OEM to manufacture devices designed for GrapheneOS. However, until that device is made available, Google Pixels are still the only device GrapheneOS can be installed on.

USB flash drives

USB flash drives are the unsung heroes for so many areas of privacy. Whether it be installing operating systems such as Qubes OS and Tails, or creating offline Seedvault backups for GrapheneOS, USB flash drives have a multitude of uses. Just remember: it's better to have many, smaller USB flash drives than one, large USB flash drive.

Wi-Fi hotspots

Wi-Fi hotspots are (for privacy use-cases) hardware devices that allow connecting devices to the cellular network in a much more private way. The best one that supports an excellent privacy organization is the Calyx Internet Membership.

Wired headphones

Wired headphones not only provide higher quality audio output, but they also avoid the history of security issues with Bluetooth and the surveillance capitalism that comes with Bluetooth Low Energy beacons. Which type of wired headphones you gift depends on a lot of factors, but one that pairs nicely with Google Pixels are the Pixel USB-C earbuds sold by Google themselves.

Wireless routers

Wireless routers often leak everything sent through them. For that reason, custom software such as OpenWrt was designed to replace the privacy invasive software preinstalled on routers. OpenWrt also created their own router called the OpenWrt One. Earlier this year, they announced that they would be creating a new router called the OpenWrt Two. It hasn't come out yet, but maybe it will be on the list next year.

Conclusion

There is no shortage of privacy tech. The same technology that empowers privacy is the thin veil slowing down the world from its dystopian target. Giving the gift of privacy means giving the gift of a better future for those of us fighting on the front lines.

Lack-of-AI notice

I’ve been burned before, so I always try to mention that none of my content is AI generated. It isn’t even AI assisted. Just because something is comprehensive and well-structured does not make it AI generated. Every word I write is my own. Thank you for your understanding.

Cross posted from: feddit.uk/post/40232992

european funds recovery initiative
Search
Search...
Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR
HOME
Related News

Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR
Last week we at EFRI wrote about the Digital Omnibus leak and warned that the European Commission was preparing a stealth attack on the GDPR

Since then, two things have happened:

The Commission has now officially published its Digital Omnibus proposal.

noyb (Max Schrems’ organisation) has released a detailed legal analysis and new campaigning material that confirms our worst fears: this is not harmless “simplification”, it is a deregulation package that cuts into the core of the GDPR and ePrivacy.

What noyb has now put on the table

On 19 November 2025, noyb published a new piece with the blunt headline: “Digital Omnibus: EU Commission wants to wreck core GDPR principles”

Here’s a focused summary of the four core points from noyb’s announcement, in plain language:

New GDPR loophole via “pseudonyms” and IDs

The Commission wants to narrow the definition of “personal data” so that much data under pseudonyms or random IDs (ad-tech, data brokers, etc.) might no longer fall under the GDPR.

This would mean a shift from an objective test (“can a person be identified, directly or indirectly?”) to a subjective test (“does this company currently want or claim to be able to identify someone?”).

Therefore, whether the GDPR applies would depend on what a company says about its own capabilities and intentions.

Different companies handling the same dataset could fall inside or outside the GDPR.

For users and authorities, it becomes almost impossible to know ex ante whether the GDPR applies – endless arguments over a company’s “true intentions”.

Schrems’ analogy: it’s like a gun law that only applies if the gun owner admits he can handle the gun and intends to shoot – obviously absurd as a regulatory concept.

arzh-CNnlenfrdeitptrues
european funds recovery initiative
Search
Search...
Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR
HOME
Related News

Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR
Last week we at EFRI wrote about the Digital Omnibus leak and warned that the European Commission was preparing a stealth attack on the GDPR

Since then, two things have happened:

The Commission has now officially published its Digital Omnibus proposal.

noyb (Max Schrems’ organisation) has released a detailed legal analysis and new campaigning material that confirms our worst fears: this is not harmless “simplification”, it is a deregulation package that cuts into the core of the GDPR and ePrivacy.

What noyb has now put on the table
On 19 November 2025, noyb published a new piece with the blunt headline: “Digital Omnibus: EU Commission wants to wreck core GDPR principles”

Here’s a focused summary of the four core points from noyb’s announcement, in plain language:

New GDPR loophole via “pseudonyms” and IDs
The Commission wants to narrow the definition of “personal data” so that much data under pseudonyms or random IDs (ad-tech, data brokers, etc.) might no longer fall under the GDPR.

This would mean a shift from an objective test (“can a person be identified, directly or indirectly?”) to a subjective test (“does this company currently want or claim to be able to identify someone?”).

Therefore, whether the GDPR applies would depend on what a company says about its own capabilities and intentions.

Different companies handling the same dataset could fall inside or outside the GDPR.

For users and authorities, it becomes almost impossible to know ex ante whether the GDPR applies – endless arguments over a company’s “true intentions”.

Schrems’ analogy: it’s like a gun law that only applies if the gun owner admits he can handle the gun and intends to shoot – obviously absurd as a regulatory concept.

Weakening ePrivacy protection for data on your device

Today, Article 5(3) ePrivacy protects against remote access to data on your devices (PCs, smartphones, etc.) – based on the Charter right to the confidentiality of communications.

The Commission now wants to add broad “white-listed” exceptions for access to terminal equipment, including “aggregated statistics” and “security purposes”.

Max Schrems finds the wording of the new rule to be extremely permissive and could effectively allow extensive remote scanning or “searches” of user devices,ces as long as they are framed as minimal “security” or “statistics” operations – undermining the current strong protection against device-level snooping.

Opening the door for AI training on EU personal data (Meta, Google, etc.)

Despite clear public resistance (only a tiny minority wants Meta to use their data for AI), the Commission wants to allow Big Tech to train AI on highly personal data, e.g. 15+ years of social-media history.

Schrems’ core argument:

People were told their data is for “connecting” or advertising – now it is fed into opaque AI models, enabling those systems to infer intimate details and manipulate users.

The main beneficiaries are US Big Tech firms building base models from Europeans’ personal data.

The Commission relies on an opt-out approach, but in practice:

Companies often don’t know which specific users’ data are in a training dataset.

Users don’t know which companies are training on their data.

Realistically, people would need to send thousands of opt-outs per year – impossible.

Schrems calls this opt-out a “fig leaf” to cover fundamentally unlawful processing.

On top of training, the proposal would also privilege the “operation” of AI systems as a legal basis – effectively a wildcard: processing that would be illegal under normal GDPR rules becomes legal if it’s done “for AI”. Resulting in an inversion of normal logic: riskier technology (AI) gets lower, not higher, legal standards.

Cutting user rights back to almost zero – driven by German demands

The starting point for this attack on user rights is a debate in Germany about people using GDPR access rights in employment disputes, for example to prove unpaid overtime. The German government chose to label such use as “abuse” and pushed in Brussels for sharp limits on these rights. The Commission has now taken over this line of argument and proposes to restrict the GDPR access right to situations where it is exercised for “data protection purposes” only.

In practice, this would mean that employees could be refused access to their own working-time records in labour disputes. Journalists and researchers could be blocked from using access rights to obtain internal documents and data that are crucial for investigative work. Consumers who want to challenge and correct wrong credit scores in order to obtain better loan conditions could be told that their request is “not a data-protection purpose” and therefore can be rejected.

This approach directly contradicts both CJEU case law and Article 8(2) of the Charter of Fundamental Rights. The Court has repeatedly confirmed that data-subject rights may be exercised for any purpose, including litigation and gathering evidence against a company. As Max Schrems points out, there is no evidence of widespread abuse of GDPR rights by citizens; what we actually see in practice is widespread non-compliance by companies. Cutting back user rights in this situation shifts the balance even further in favour of controllers and demonstrates how detached the Commission has become from the day-to-day reality of users trying to defend themselves.

EFRI’s take: when Big Tech lobbying becomes lawmaking

For EFRI, the message is clear: the Commission has decided that instead of forcing Big Tech and financial intermediaries to finally comply with the GDPR, it is easier to move the goalposts and rewrite the rules in their favour. The result is a quiet but very real redistribution of power – away from citizens, victims, workers and journalists, and towards those who already control the data and the infrastructure. If this package goes through in anything like its current form, it will confirm that well-organised corporate lobbying can systematically erode even the EU’s flagship fundamental-rights legislation. That makes it all the more important for consumer organisations, victim groups and digital-rights advocates to push back – loudly, publicly and with concrete case stories – before the interests of Big Tech are permanently written into EU law.

Cross posted from: feddit.uk/post/40205739

I'm posting this to hopefully stop the posts that keep appearing, suggesting that progress has been made to defeat chat control.
That's not correct.

The article:

Contrary to headlines suggesting the EU has “backed away” from Chat Control, the negotiating mandate endorsed today by EU ambassadors in a close split vote paves the way for a permanent infrastructure of mass surveillance. Patrick Breyer, digital freedom fighter and expert on the file, warns journalists and the public not to be deceived by the label “voluntary.”

While the Council removed the obligation for scanning, the agreed text creates a toxic legal framework that incentivizes US tech giants to scan private communications indiscriminately, introduces mandatory age checks for all internet users, and threatens to exclude teenagers from digital life.

“The headlines are misleading: Chat Control is not dead, it is just being privatized,” warns Patrick Breyer. **“What the Council endorsed today is a Trojan Horse. By cementing ‘voluntary’ mass scanning, they are legitimizing the warrantless, error-prone mass surveillance of millions of Europeans by US corporations, while simultaneously killing online anonymity through the backdoor of age verification.”
**
Continue reading here - patrick-breyer.de/en/reality-c…

We have no idea what content is most viral on YouTube, Meta, TikTok, LinkedIn, or X – because they refuse to share basic data.

On the DSA’s Birthday (Oct 4th) we've led a “mass data access request” along with @mozilla and DSA40 Data Access Collaboratory, where a series of ~20 orgs requested daily data on their top 1,000 most-viewed posts in EU Member States. Every single one refused.

Join us in demanding platform transparency.

Posted on mastodon: chaos.social/@algorithmwatch/1…

AlgorithmWatch

2025-11-27 09:35:57

We have no idea what content is most viral on YouTube, Meta, TikTok, LinkedIn, or X – because they refuse to share basic data.

On the DSA’s Birthday (Oct 4th) we've led a “mass data access request” along with @mozilla and DSA40 Data Access Collaboratory, where a series of ~20 orgs requested daily data on their top 1,000 most-viewed posts in EU Member States. Every single one refused.

Join us in demanding platform transparency: mozillafoundation.org/en/campa…

Demand the Data: What’s Really Going Viral? | Mozilla Foundation

Social media platforms aren’t sharing what goes viral on their sites. Tell YouTube, Meta, TikTok, LinkedIn, and X to disclose their most-viewed content. Sign now.

^{Mozilla Foundation}

Hello everyone!

First of all, thanks a lot for the amazing response and interest in Journiv. We have hundreds of stars, thousands of docker pull and many many feature request (and bugs reports) on Github in just two weeks (sleepless two weeks for me :)).

Journiv v0.1.0-beta.8 is out and in it I have added the most requested features.

Highlights:

• OIDC support (now pretty stable)
• In app with history. So you always have your memories safe and backed up even if you don't want to deal with docker backups
• Role Based Access Control for user management.
• Many quality of life features and bug fixes.
• Read the release notes here

Journiv began as a deeply personal project, a way for me to capture memories, reflections, and the stories behind thousands of photos and videos of my fast-growing kids. What started as a tool for my own parenting journey has grown into something that fills a real gap in the self-hosting community.

If you’re curious, you can read the full story behind Journiv here.

I’m grateful that Journiv is now helping others preserve their memories as well.

The Journey Ahead

Journiv is in active development, with a fully functional backend, a web frontend, and mobile apps launching soon. It is self-hosted, and designed to be your companion for decades.

Journiv is being built because our memories deserve to be ours, forever.

So this Thanksgiving, give your family the gift of memories that last forever!

rockstar1215

2025-11-12 13:51:23

Meet Journiv! A Self-Hosted, Privacy-First Journaling App (Day One/Apple Journal Alternative)

Hello everyone!

TL;DR:
Journiv is a a beautiful, self-hosted, privacy-first journaling app with mood tracking, daily prompts, and meaningful insights. The mission is simple: your memories should always stay yours. Own them, don’t rent them.

Journiv 0.1.0-beta.4 is now live on GitHub and fully Docker-hostable.
Start owning your thoughts and memories forever and keep them completely private.

The Story Behind Journiv

I got into self-hosting last year and while exploring options journaling solution, I realized there wasn’t a truly modern, self-hosted equivalent to Day One or Apple Journal. Most alternatives were either general note apps or old abandoned projects.

I wanted something focused on journaling with:

• “On This Day” memories
• Prompt-based journaling
• A clean, minimal, distraction-free writing experience

So… I built my own: Journiv, a beautiful (at least I am trying to make it so), self-hosted, privacy-first journaling app with mood tracking, daily prompts, and meaningful insights.

Get Involved

Give Journiv a try, share your feedback and report issues. It means a lot at this stage.

GitHub - journiv/journiv-app: Journiv - Self hosted private journaling app

Journiv - Self hosted private journaling app. Contribute to journiv/journiv-app development by creating an account on GitHub.

^GitHub

There's been some posts about Graphene leaving france and accusing the government of targeting them.

This isn't happening. What happened is that le parisien posted an article that presents what french law enforcement think of grapheneOS, which is obviously mostly crap, then present part of graphene's respone, which does in fact include their references to human rights organizations, large tech companies and others using GrapheneOS, unlike what grapheneOS claims. The main flaw with the article is the fact that the author takes what the french law enforcement says at face value, which is not a good move.

If you haven't been following this you may be wondering how this was extrapolated into the government targeting them. Well, it's because government owned news sites also reported on this. This is because le parisien's article got regurgitated by a bunch of other news sites looking for an easy article to get ad revenue from, normal news site behavior. The government news sites are fully editorially independent from the government, which the GrapheneOS lead should know, since that's how the canadian CBC works.

For chat control, that measure isn't supported by the majority of french meps, just the (massively unpopular) head of state and his minority government. No similar law has been passed nationally, in fact, a law that guarantees privacy rights is making it's way through the legislature (tuta article). If chat control passes, it affects several of the countries (germany and belgium, afaik) they moved to as well, anyways.

Graphene's announcement also disparages the other two big privacy roms, both based in france, which is odd and makes me personally think this may have more to do with the visible hatred the project lead has for those projects.

Please tell me what you think, and if I missed anything important, because it really seems like a big nothing-burger to me.

Christmas is coming, we recently had a newborn, and we aren't sharing pictures of them on social media. But of course, we'd like to share photos with family, and a digital photo frame seems like an ideal way to do that.

I'm considering a solution with Immich, and found ImmichFrame. This doesn't recommend making it available to the internet, however, but running it on a Raspberry Pi with only the images we intend to share this way seems like a reasonable amount of risk.

Regarding Immich Frame, how does it handle when the server is unavailable, when say, my IP address changes? Ideally, I don't want this gift to become a series of tech support problems, there's good reason I haven't offered family access to anything else I self host.

Also, what frames do y'all recommend? Not looking to break the bank here, as I may be buying several. I assume something simple and Android would be best, maybe even something that can have its OS replaced with stock? I'd hate to get stuck with something locked down and unworkable, or that introduces its own broad privacy/security issues.

Lastly, please feel free to suggest other alternatives. Maybe there's a solution that sends images encrypted and decrypts them on device, and doesn't require me to self-host Immich, for example?

Cross posted from: feddit.uk/post/39979757

After Germany blocked the October vote, Europe’s surveillance proposal didn’t die—it evolved. Denmark’s November compromise claims to abandon mandatory scanning while preserving identical outcomes through legal sleight of hand. The repackaging reveals the essential dynamic: when democratic opposition defeats mass surveillance, proponents don’t accept defeat. They redraft terminology, shift articles, and reintroduce the same architecture under different labels until resistance exhausts itself.

The pattern is documented across five iterations. Sweden’s January-June 2023 presidency failed. Belgium couldn’t secure passage in June 2024. Hungary’s presidency ended December 31, 2024 without achieving agreement. Poland’s presidency collapsed in January-June 2025 when 16 pro-scanning states refused meaningful compromise. Each defeat produced not withdrawal but repackaging: “chat control” became “child sexual abuse regulation,” “scanning” became “detection orders,” “mandatory” became “risk mitigation,” and “breaking encryption” became “lawful access.” October’s blocking minority forced Denmark’s hand, but rather than accepting defeat, Justice Minister Peter Hummelgaard withdrew the proposal on October 31 and immediately began drafting version 2.0.

The Loophole Disguised as Compromise

Denmark’s November 5 revised text removes Articles 7-11’s “detection orders”—the language mandating scanning. Privacy advocates initially celebrated. Then legal experts read Article 4. The provision requires all communication providers implement “all appropriate risk mitigation measures” to prevent abuse on their platforms. Services classified as “high risk”—essentially any platform offering encryption, anonymity, or real-time communications—face obligations that experts argue constitute mandatory scanning without using the word “mandatory.”

Continue reading this article - restmedia.st/the-voluntary-tra…

Cross posted from: feddit.uk/post/39979350

[TRANSLATED ARTICLE]

EU chat control comes – through the back door of voluntariness

The EU states have agreed on a common position on chat control. Data protection advocates warn against massive surveillance. What is in store for us?

After lengthy negotiations, the EU states have agreed on a common position on so-called chat control. Like from one Minutes of negotiations of the Council working group As can be seen, Internet services will in future be allowed to voluntarily search their users' communications for information about crimes, but will not be obliged to do so.

The Danish Council Presidency wants to get the draft law through the Council "as quickly as possible", "so that the trilogue negotiations can begin promptly", the minutes say. Feedback from states should be limited to "absolute red lines".

Consensus achieved

The majority of States supported the compromise proposal. At least 15 spoke in favor, including Germany and France. Germany "welcomed both the deletion of the mandatory measures and the permanent anchoring of voluntary measures", said the protocol.

However, other countries were disappointed. Spain in particular "continued to see mandatory measures as necessary, unfortunately a comprehensive agreement on this was not possible". Hungary also "seen voluntariness as the sole concept as too little".

Spain, Hungary and Bulgaria proposed "an obligation for providers to detect, at least in open areas". The Danish Presidency "described the proposal as ambitious, but did not take it up to avoid further discussion.

The organization Netzpolitik.org, which has been reporting critically on chat control for years, sees the plans as a fundamental threat to democracy. "From the beginning, a lobby network intertwined with the security apparatus pushed chat control", writes the organization. “It was never really about the children, otherwise it would get to the root of abuse and violence instead of monitoring people without any initial suspicion.”

Netzpolitik.org argues that "encrypted communication is a thorn in the side of the security apparatus". Authorities have been trying to combat private and encrypted communication in various ways for years.

A number of scholars criticize the compromise proposal, calling voluntary chat control inappropriate. "Their benefits have not been proven, while the potential for harm and abuse is enormous", one said open letter.

According to critics, the planned technology, so-called client-side scanning, would create a backdoor on all users' devices. Netzpolitik.org warns that this represents a "frontal attack on end-to-end encryption, which is vital in the digital world".

The problem with such backdoors is that "not only the supposedly 'good guys' can use them, but also resourceful criminals or unwell-disposed other states", argues the organization.

Signal considers withdrawing from the EU

Journalists' associations are also alarmed by the plans. The DJV rejects chat control as a form of mass surveillance without cause and sees source protection threatened, for which encrypted communication is essential. The infrastructure created in this way can be used for political control "in just a few simple steps", said the DJV in a statement Opinion.

The Messenger service Signal Already announced that it would withdraw from the EU if necessary. Signal President Meredith Whittaker told the dpa: “Unfortunately, if we were given the choice of either undermining the integrity of our encryption or leaving Europe, we would make the decision to leave the market.”

Next steps in the legislative process

The Permanent Representatives of the EU states are due to meet next week on the subject, followed in December by the Ministers of Justice and Home Affairs, these two bodies are due to approve the bill as the Council's official position.

The trilogue then begins, in which the Commission, Parliament and Council must reach a compromise from their three draft laws. Parliament had described the original plans as mass surveillance and called for only unencrypted suspect content to be scanned.

The EU Commission had originally proposed requiring Internet services to search their users' content for information about crimes without cause and to send it to authorities if suspected.

I wanted to share an interesting statistic with you. Approximately 1 out of every 25 people with a Google Pixel phone is running GrapheneOS right now. While it's difficult to get an exact number, we can make educated guesses to get an approximate number.

How many GrapheneOS users are there? According to an estimate released by GrapheneOS today, the number of GrapheneOS devices is approaching 400,000. This estimate is based on the number of devices that downloaded recent GrapheneOS updates. Some users may have multiple devices, such as organizations, and some users may download and flash updates externally, but it's the best estimate we have.

How many Google Pixel users are there? Despite Google's extensive data collection, this one is surprisingly harder to estimate, since Google hasn't released an exact number. There's a number floating around that Google has 4-5% of the smartphone market, which is between 10 million and 13.2 million users in the United States. I can't find the source of where this information came from. That number is problematic, too, because Japan supposedly uses more Google Pixel phones than the United States. The Pixel 9 series was also a big jump in market share for Google. I couldn't find any numbers smaller than 10 million, and it made the math nice, so that is what I went with.

Putting the numbers together, it means that 4% of Google Pixel users are running GrapheneOS. That means in a room of 25 Google Pixel users, 1 of them will be a GrapheneOS user. If you include all custom Android operating systems, that number would certainly be much, much higher.

To put it into perspective, each pixel in this image represents ~5 Google Pixel users. Each white pixel represents that those ~5 people use GrapheneOS:

Even with generous estimates to Google's market share, GrapheneOS still makes up a large portion of their users.

Cross posted from: lemmy.world/post/39114169

How to opt out

Opting out requires you to change settings in two places, so I’ve tried to make it as easy to follow as possible. Feel free to let me know in the comments if I missed anything.

To fully opt out, you must turn off Gmail’s “Smart features” in two separate locations in your settings. Don’t miss one, or AI training may continue.

Step 1: Turn off Smart Features in Gmail, Chat, and Meet settings
Open Gmail on your desktop or mobile app.
Click the gear icon → See all settings (desktop) or Menu → Settings (mobile).
Find the section called Smart Features in Gmail, Chat, and Meet. You’ll need to scroll down quite a bit.
Smart features settings
Uncheck this option.
Scroll down and hit Save changes if on desktop.
Step 2: Turn off Google Workspace Smart Features
Still in Settings, locate Google Workspace smart features.
Click on Manage Workspace smart feature settings.
You’ll see two options: Smart features in Google Workspace and Smart features in other Google products.
Smart feature settings
Toggle both off.
Save again in this screen.
Step 3: Verify if both are off
Make sure both toggles remain off.
Refresh your Gmail app or sign out and back in to confirm changes.
Why two places?
Google separates “Workspace” smart features (email, chat, meet) from smart features used across other Google apps. To fully opt out of feeding your data into AI training, both must be disabled.

Note
Your account might not show these settings enabled by default yet (mine didn’t). Google appears to be rolling this out gradually. But if you care about privacy and control, double-check your settings today.

This is DeDe (Decentralized Delivery) Protocol:

Not a token, not speculation.
It’s infrastructure, deployed on Ethereum mainnet.

We’re watching the same pattern everywhere:
Postal systems collapsing.
Parcels lost, broken, stolen or seized.
Increased surveillance, ID requirements, more decay.
Less reliability, less privacy, less dignity.

The institutions that were supposed to protect our right to communication are failing, even though privacy of correspondence is guaranteed under UN Article 12 and ICCPR Article 17.

So instead of being stuck in surveillance and Inefficiency-As-A-Service, we have to build parallel systems immune to centralized control.
Systems by us for us, in the spirit of the Fediverse:

community-powered

decentralized

permissionless

protocol, not platform

no corporations

no bosses

no surveillance

no extraction

DeDe (Decentralized Delivery) is not a token, not a scam, not a VC product, not a walled garden.
It’s a rail, an open delivery settlement layer anyone can build on.

What it does:

Every parcel is an NFT with a lifecycle

Escrow is automatic, trustless, and transparent

Anyone can create an NFT-Parcel

Anyone can carry parcels while they’re already on the move

No fleets, no gig exploitation, no “shadow wages”

Zero extra CO₂, use the movement people already make

Protocol fee is immutable (0.5%), so nobody can rug / extract

Privacy is natively built in.

Fully MIT-licensed & open-source

It’s not a startup.
It’s not a marketplace.
It’s not a company.

It’s the peoples infrastructure for physical logistics.

Because if we want a free world, we can’t outsource critical communication infrastructure to decaying governments, surveillance corps, or gig economy parasites.

If you want to understand the philosophy behind it, here’s the full manifesto + artwork:

Medium:
medium.com/@ekarlsson66/dede-t…

If you want to poke around the contracts:

DeDe Protocol GitHub (MIT):
github.com/pablo-chacon/dede-p…

DeDe Quik-Start Templates GitHub (MIT):
github.com/pablo-chacon/dede-t…

No pressure to “like crypto.”
DeDe is just a tool.
Use it, fork it, ignore it. All up to you.
More decentralized civilizational fundamentals, means less dependency of collapsing control systems.
We must have working alternatives when the centralized systems break down.

Against decay, we build.
That’s the spirit of the fediverse.
That’s the spirit of DeDe.