That's an interesting thread ... they claim they won't be compliant, which I applaud, but what will happen is that unwitting Signal users will end up being targeted by law enforcement. There are already precedents of people with "secure" phones or encrypted messaging apps being targeted, such as the Sky ECC case.
If Signal can’t be installed or updated via the App Store anyone, that’s already enough to exclude 99.9% of all users - no need to involve law enforcement.
My point wasn't that there was a need to involve law enforcement. My point was that overzealous law enforcement will use this as yet another excuse to crack down on people who value privacy.
"Signal, unwilling to implement easy to build software to comply with EU regulations, likely due to fiscal concerns, has shown itself placing profit far above the care and concerns of our next generation, our children, and the pedophiles that prey upon them, such heinous creators of child porn." signed EU press release.
The overwhelming majority of people living in the EU won't really care or even notice this new law/directive/(?) because they don't really pay any attention to what the EU is doing but yeah for most of of the remaining ones that will probably suffice.
Especially if the new law is very conveniently enacted during the most important sports event in the EU, with 99.99% eyeballs looking elsewhere. A very common tactic pretty much everywhere, but that doesn't make it stink less.
Quoted in major tech press first, and then in non-tech press if the case becomes prominent enough to get to national news, would have a serious poisoning effect.
They are not somehow bluffing or threatening this simply to try to change the law. It's a principled stance that they simply cannot provide E2E encrypted chat under such conditions. So either they break their protocol in which case their claimed offer would be a lie, or they leave.
Seems like the only choice they have, really. Also, by "leave EU" I'm pretty sure they mean not offer their app in the EU, so yes I think they expect their EU user base to be zero in this scenario.
To my knowledge, Signal makes a grand total of €0 in profit in Europe, or anywhere else for that matter, being a not-for-profit. It is not the purpose of a not-for-profit to grow exponentially. The Signal Foundation's mission is to ensure the continued existence of a secure messenger app. The people in charge of Signal take that mission very seriously, to their great credit.
There are already anti-circumvention mechanisms built into Signal to facilitate use in places like China and Iran, so they've shown no interest in compliance where that goes directly contrary to their mission. Should they be removed from the App Store in Europe, I imagine they'll work on making use of the EU's own push to open iOS up for alternative app stores / PWAs. (It's clear that the EU is unhappy with Apple's current take on compliance, so we can expect that to open up further.)
Doesn't really matter what Signal does. If this goes through then the next push will be to implement the scanning at the OS-level for non-compliant apps. Or just to demand that Android and iOS get the ability to block apps on a government list even if installed outside the app store. Sure, a few hackers (and the criminals) will always have secure communications but you can't win the fight for widespread secure communication against the government's will with technological means.
I think this seems like a fairly extreme and unlikely worst case scenario. I'd be sceptical about the EU's ability to actually implement something like this - there are limits to both what American companies are willing to do (e.g. Google leaving China), and what some of the more historically liberal European states are actually willing to tolerate from the EU level (imagine the blow to business confidence).
That's not to say that the present proposals aren't already bad enough.
I think it would be feasible for Whatsapp, Telegram and Signal to form a coalition that pledges to withdraw from any country or market that tries to pull these shenanigans, such that the sum of them is big enough to play that game.
The hardest to convince would be Whatsapp, but I think that Zuckerberg is one of the few big tech CEOs that still has principles, at least sometimes. I think it could happen.
And I believe that is exactly what the court was demanding they do. Push an update to uncloak the users that the court determines should lose their privacy.
Thanks to hn crowd, who explained it's not super difficult (and not going to lie, summer $500 discount), a Google pixel phone, soon running GrapheneOS, is on it's way.
Can GrapheneOS prevent detection of somebody sideloading Signal?
Probably not but you still need to have someone to someone to communicate with even if you manage to install it. If you can't get it on the mainstream app stores it will just be a niche app for "privacy nerds" and drug dealers (in the EU at least..)
https://mastodon.world/@Mer__edith/112535616774247450