The US and six other countries want to ensure that law enforcement agencies have access to encrypted communications throughout the EU. To this end, providers would be required to create so-called “backdoors” in their services and to provide authorities with unrestricted access.
To everyone concerned about preserving privacy protections, these moves are more than problematic. If public authorities can use these backdoors to access encrypted data, hackers and criminals can do the same. Under the guise of protecting the rights and interests of the public, this legislation would create systemic vulnerabilities in the world’s digital communications services.
Terrorism, security, and other appeals to emotion
In explaining the value of this legislation, governments, with the support of their intelligence agencies, have suggested that encrypted channels would be a haven for various bad actors. We would do well to remember that information can be encrypted prior to it being sent and that those plotting to harm our communities via encrypted platforms and services would continue to do so if, perhaps even because, encryption protections were relaxed. Those who value and seek to protect their privacy lose out.
A backdoor for whom?
The insistence on having backdoors in digital services is advisable as a response by law enforcement and intelligence agencies to organized crime groups (OCGs) operating largely in cyberspace. While justifiable, there is no assurance that these backdoors would not be exploited by OCGs and other criminal groups and networks. Computer scientist and creator of email encryption program PGP (Pretty Good Privacy), Phil Zimmermann, left for Europe in 2015 because of increased surveillance from the US authorities and has argued that “no information should be collected and stored in databases about people who are not suspected of any crime.” We agree.
Decide what future you want
The arguments for privacy protections and encryption can get as heated as those against. But they don’t need to be. You know where you stand and what you are comfortable with. If you are concerned, please bear in mind that service providers in the EU are not subject to US legislation, such as the USA Patriot Act and the CLOUD Act, both of which provide the US government with almost unlimited access to users’ data, and are backed by some of the world’s strictest data protection laws.
To ensure that EU data protection laws remain exemplary, we appeal to all responsible parties to strengthen protections by striking down the requirement for encryption backdoors.
Garside, Juliette. “Philip Zimmermann: king of encryption reveals his fears for privacy.” 25 May, 2015 from: https://www.theguardian.com/technology/2015/may/25/philip-zimmermann-king-encryption-reveals-fears-privacy
Scroxton, Alex. “EU moves closer to encryption ban after Austria, France attacks”. 9 Nov 2020 from: https://www.computerweekly.com/news/252491755/EU-moves-closer-to-encryption-ban-after-Austria-France-attacks