Personally, I find "loyalty" perhaps the most fascinating one of those, being "irrational" for the individual almost by definition but sometimes, for example, proving out to be the only "glue" holding an organization together through a period of incurable-looking decline followed by an eventual recovery (in the lucky cases).

I don't know what you mean by a rugpull exactly, but of course in theory you can grant/obtain very extensive rights under a CLA as well, including eg the permission to relicense your contributions under whatever terms the licensee prefers. CLAs are a great way to centralize the IPR in an open source project for practical purposes like license enforcement, but in case the CLA terms allow it, the central governing entity could also obtain the right to switch the license even to a, say, commercial one. (Such terms would usually be a red flag for contributors though.) And in any case, that kind of CLA wouldn't still close off the code already released under the previous open-source license, and neither would it prevent you from licensing your own contributions under terms of your choice.

The Old English wīc, on the other hand, has an old Germanic etymology referring to 'camps', 'villages' and the like.

God knows there are a lot of inlets and fjords in Scandinavia, which incidentally were also places from where the surplus "víkingr" males surged west, possibly having adapted the term as an ethnonym by then; at least in modern Scandinavian languages cognates like 'viking' (pl. 'vikingar') are definitely associated with the geographic root 'vik' — as are innumerable surnames like Sandvik, Vikman, etc. Then again, those roving Vikings did of course build up "camps" and "settlements" wherever they went, although this perhaps sounds more likely a name someone else would give to them...

As for the difference between the Norse (ie North Germanic/Scandinavian) tribes/people and their more southern cousins (Angles, Saxons, Franks etc.) prior to and at the beginning of the Viking era, you might say the former were in fact quite clearly relatively more isolated in terms of geography, language and still-very-much-pagan culture. (And while eg Angles and Saxons did invade and settle much of Britain from current Northern German and parts of Denmark, this was already a couple of hundred years before, and a lot happened since.)

Anyway, as far as human/fundamental rights go, the encryption and related issues in Chat Control tend to fall more on the Article 7 side of the Charter[2] like many similar questions related to different forms of (mass) surveillance, secrecy / confidentiality of (electronic) communications, including related national regimes with often diverse jurisdiction-specific histories, etc.

[1] The main difference between a Directive and a Regulation under EU law is that a Directive requires implementation on the national level to work properly (ie national legislation, usually with some room for discretion and details here and there), while a Regulation is directly binding and effective law in member states wholly in itself.

[2] And similar/corresponding language in the European Convention on Human Rights (ECHR), including the related case law of the European Court of Human Rights (ECtHR). While these are not EU institutions, European human rights law is recognized and applied as constitutional / fundamental rights-level law both by the EU and member state courts.

Also, in the latest Hard Fork episode, Casey or Kevin mentions how the DoD undersecretary in charge of this contract doesn't apparently get along with or even pretty much hates Amodei for some reason. I think this might be the same undersecretary dude who actively commented the whole contract term controversy on X yesterday. Too bad I can't recall his name either.

EDIT: Trying to stay on topic and score some po--, cargo I mean...

In short, there are three core institutions, the "technocratic" European Commission, the European Parliament elected by direct popular vote, and the Council ("of the EU"/"of ministers") made up of the relevant (in terms of subject matter) ministers of the standing national govs. The law-making procedures depend on policy areas etc. but usually in the policy areas where EU is fully competent, the Commission — the democratically least accountable of the three bodies — by default makes the initiatives and negotiates/mediates them further along with the Parliament and Council, but only the last two together really have the power to finally approve actual legislation, usually either Regulations (directly applicable in member states as such — so an increasingly preferred instrument of near-full harmonisation), or Directives (requiring separate national transposition / implementation and usually leaving more room for national-level discretion otherwise as well).

While not fully comparable to nation-state parliaments, the powers of the EU Parliament have been strengthened vis-à-vis both the Commission and the Council, and it's certainly long been a misrepresentation to say that they, e.g., only have the power to "approve or turn down" proposals of the Commission and/or the Council.

I guess it's OK — I'm European too, for example — but it does seem like you're doing it to imply that your views are somehow (at least relatively more) popular among, or representative of, well, Europeans. But now that we're making such massive generalisations, I'd claim that well-educated English-speaking Europeans are often likelier to be more familiar with the views and internal debates among Americans than those of many of their fellow Europeans, and that you're probably no exception.

As for your comment, had you not addressed it to 'you Americans', I'd be hard-pressed to tell it apart from a pretty standard-issue American Left (or 'Progressive') rant, perhaps somewhere from the younger and more identitarian part of that crowd, for example (despite some of the quasi-tankie undertones). While I'll admit that scoffing at things like pro-life policies and/or American poverty is certainly easier and more common throughout the political spectra in (Western) Europe, I'd say your cringe-inducing bothsidesism with USA and China falls closer to the crackpot left camp in Europe as well.

Europe contains multitudes, and undoubtedly for some but not all, up until now at least, it has been a bit too easy to comfortably observe and judge things for so long as a world-political bystander from under the US nuclear umbrella, typically further from the Russian border too — whether you were an insular French with casual contempt for all things 'Yankee', a German atomic-phobic pacifist (or worse, a far-right, Pro-Putin knuckle dragger) from that 'European powerhouse' heated with Russian non-renewables, or even a Swede from the world's leading moral superpower, or something like that, anyway... ;)

That will take time, though, so I guess they are either hoping that some impossibly secure, reliable and unerring technologies emerge in the meantime, or they are prepared for a forever battle with the Court, coming up with ever new adjustments as soon as previous schemes get struck down[1], meanwhile allowing European law enforcement agencies to keep testing, developing and iterating on whatever client-side scanning or other techno-legal approaches they may come up with. I think this was roughly what they — ie, basically a group of a dozen or two law enforcement reps from different member states agencies and ministries along with like one lonely independent information security expert — said themselves in some working group report as part of some kind of Commission roadmap thing presented by von der Leyen not too long ago.

[1] On the data protection side we've already seen this kind of perpetual movement through the years with respect to different “safeguarding” mechanisms made available to enable transfers of personal data to the US without too much hassle, from Safe Harbor through Privacy Shield to the current Data Privacy Framework.

What's your accent btw? In "standard" English, 'the' has a voiced consonant, whereas 'thing' is unvoiced.

EDIT: Sorry, I now see you already told about your regional accent.

A conceptually different matter altogether is consent (possibly) needed under GDPR for various kinds of personal data processing involving the use of cookies (ie not just the placement of cookies as such) and other technologies for tracking, targeting and the like. That's why you see cookie banners with detailed purposes and eg massive lists of vendors (since they can be considered "recipients" of the user's personal data under GDPR). In this context, a valid consent (and the information you have to provide to obtain it) is required (at least) when consent is the only feasible legal basis of the ones available under Art 6 GDPR for the personal data processing activities in question. This is where the national regulators have taken strict stances especially regarding ad targeting and other activities usually involving cross-site tracking, for example, deeming that the only feasible basis for those activities would be consent (ie "opt-in") — instead of, in particular, "legitimate interests" which would enable opt-out-like mechanisms instead. This is the legal context of looking critically at 3rd-party cookies, but unfortunately, for the reasons mentioned above, getting rid of such cookies might still not be enough to avoid the minimal base cookie consent requirement when you use eg analytics... :(

It's pretty ridiculous, I know, and it's a bummer they scrapped the long-planned and -negotiated ePrivacy Regulation which was meant to replace the old ePrivacy Directive and, among other things, update the weird old cookie consent provision.

So you need a consent for all but the most crucial cookies without which the site/service wouldn't be able to function, like session cookies for managing signed-in state etc.

(The reason why you started to see consent banners really only after GDPR came to force is at least in part due to the fact that the ePrivacy Directive refers to the Data Protection Directive (DPD) for the standard of consent, and after DPD was replaced by GDPR, the arguably more stringent GDPR consent standard was applied, making it unfeasible to rely on some concept of implied consent or the like.)

The ePrivacy Directive requires a (GDPR-level) consent for just placing the cookie, unless it's strictly necessary for the provision of the “service”. The way EU regulators interpret this, even web analytics falls outside the necessity exception and therefore requires consent.

So as long as the user doesn't and/or is not able to automatically signal consent (or non-consent) eg via general browser-level settings, how can you obtain it without trying to get it from the user on a per-site basis somehow? (And no, DNT doesn't help since it's an opt-out, not an opt-in mechanism.)