Gregory's ServerPart 1/3
[00:00:02] Intro
Deutschlandfunk Kultur Broadband.
[00:00:05] Moderator
Oh, how easy it would be if I couldn't care which messenger my friends use. For example WhatsApp, Imessage, Signal or Streamer, if I could use my messenger to send messages to any other messenger. If the EU has its way, this wish will actually become reality. It wants to impose interoperability on the major services in future. Market-dominating providers would then have to offer functions for exchanging text messages with smaller services. This is what the Digital Market Act says. Only smaller services are actually not so keen on the idea. I spoke about this with the CEO of Threema, Martin Blatter, whose messenger service from Switzerland advertises that it offers a very high level of data security. I wanted to know from him whether this data security could still be guaranteed when it comes to this exchange. And I also asked him to explain exactly what the idea behind this regulation is.
[00:01:08] Martin Blatter
The idea of the regulators is actually that you can send messages from one messenger to another messenger, to another provider. So that means that the messengers can communicate with each other, whether that will actually be possible in the future or not. We will see. My personal assessment is that this is more of a paper tiger. So that means that at least the messengers that have a certain sensitivity to issues such as data protection and security will not participate in this interoperability.
[00:01:51] Moderator
Well, in principle, you don't just send text messages, you also send pictures, voice messages, GIFs, sometimes even video calls. But not every messenger has the same functions. That would have to be standardised, wouldn't it?
[00:02:08] Martin Blatter
That would indeed be the case, but it's not realistic because the focus of the various messengers is very different. There are messenger providers who want to learn as little as possible about their users, while others want exactly the opposite. They want to know as much as possible about the behaviour, preferences and contact network of their users because they earn their money by collecting and collating such information. These fundamental differences in these philosophies run through the protocols of the respective messengers. Accordingly, there is never a congruence and it would also be completely unrealistic for every messenger to implement every function, because there are good reasons for not wanting to.
[00:02:58] Moderator
And then there's another point that is of course probably important for you, for streamers. It's about encryption and of course the question arises as to whether this is still possible if all platforms can talk to each other in the future.
@tcely
Part 2/3
[00:03:17] Martin Blatter
The directive stipulates that the security level should be maintained. Specifically, I think the directive even mentions end-to-end encryption. But security does not only mean encryption. Ultimately, the weakest link in the chain determines what happens to content and, above all, personal data. I'll call the top dogs these big gatekeepers. They are not really interested in the content and are perhaps even happy not to know it, as this could then lead to further regulatory consequences. For example, content, moderation and stories like that. So if you don't know it, you don't have to moderate it. This metadata is actually sufficient for the expansion of the social graph. In other words, who is communicating with whom, when, where, how the groups are put together, etc. And that is perhaps the exciting information and that is not really covered by the regulation, because encryption alone is not necessarily incredibly relevant.
And if you remember the phrase from the NSA or later CIA chief Hayden, they said We kill people based on metad ata. And government regulation could therefore involuntarily lead to these top dogs receiving additional user metadata. And of all people, the users who have consciously opted for a more data-efficient messenger. And that of course increases the value of the data collection, these top dogs. And I don't think that was in the interest of the regulators. It would backfire on them. I like to say that well-intentioned is not always well done.
[00:05:14] Moderator
What is the situation from your perspective as a provider? Do you see the possibility of complying with these requirements? Or would you say that this is a problem that would completely jeopardise our business model?
[00:05:30] Martin Blatter
That in any case. So the idea of this interoperability, of course. That sounds very appealing at first glance. We all know this situation from the club or school. If you have a WhatsApp group, then you're left out. Especially if you don't trust the WhatsApp provider. And from this point of view, if every messenger should or can talk to every other messenger, then as a user of a data-saving messenger like Threema, you don't just have to trust one provider, but any number of them. And among them will certainly be messengers whose data protection practices are rather questionable.
@threemaapp
@tcely
Part 2/3
[00:03:17] Martin Blatter
The directive stipulates that the security level should be maintained. Specifically, I think the directive even mentions end-to-end encryption. But security does not only mean encryption. Ultimately, the weakest link in the chain determines what happens to content and, above all, personal data. I'll call the top dogs these big gatekeepers. They are not really interested in the content and are perhaps even happy not to know it, as this could then lead to further...