European Politicians Are Fighting to Ban Backdoors Into Encrypted Messaging Apps

It's an uphill battle, though.
June 19, 2017, 1:38pm
Image: vx_lentz/Flickr

Despite swelling surveillance powers creeping across Europe, a European Parliament proposal is actually calling for a ban on "backdoors" that allow law enforcement agencies and governments into encrypted communications such as WhatsApp messages.

In amendments to proposals on personal data, the Committee on Civil Liberties, Justice and Home Affairs now says, "when encryption of electronic communications data is used, decryption, reverse engineering or monitoring of such communications shall be prohibited."

Advertisement

But privacy experts have told Motherboard the proposals are unlikely to win the support of EU member countries, especially Britain, where the Investigatory Powers Act combined with Brexit makes such a privacy u-turns improbable.

"I think we can safely say that the UK government won't accept them," Paul Bernal, law lecturer at the University of East Anglia, told Motherboard. "But given Brexit that's very unlikely to have an influence."

Bernal also doesn't expect the changes to be accepted in their current form, but that they are an indication of where things are headed.

"Those wanting backdoors and limitations on encryption use will almost certainly end up on the 'wrong side of history'. A secure and privacy-friendly internet is for the benefit of all, in the end," he told Motherboard.

The amendments state that EU member countries should not impose any obligations on Internet Service Providers (ISPs) that would result in the weakening of the security and encryption of their services.

But the new proposal's aims go head to head with powers ogled by leaders like Britain's Prime Minister Theresa May, who earlier this month demanded that extremists be deprived of online "safe spaces", such as those provided by secure messaging apps WhatsApp and Signal. In Germany, too, government ministers want to give German law enforcement powers to monitor WhatsApp and Telegram chats.

"The providers of electronic communications services shall ensure that there is sufficient protection in place against unauthorised access or alterations to the electronic communications data, and that the confidentiality and safety of the transmission are also guaranteed by the nature of the means of transmission used or by state-of-the-art end-to-end encryption of the electronic communications data," states the proposal.

Read more: Activists Need to Watch Out for Fake Encryption Keys

UK privacy charity Privacy International told Motherboard that the proposal doesn't go far enough, however. In a statement provided to Motherboard, Privacy International's legal officer Tomaso Falchetta said, "Privacy International would like to see privacy be baked into products and services from the beginning and to see such practices reflected in the regulation. This would require companies to, by default, offer privacy protective settings, to prevent other parties from storing information on devices of a user, and from processing information already stored on that device."

But with Germany now joining the UK and the US now working hard on passing laws that provide backdoors to end-to-end encrypted messaging platforms for law enforcement agencies, such as the Investigatory Power Act, the proposal is likely to receive much opposition. Indeed, Motherboard understands from another legal expert that this proposal, as it is coming from just one committee, is unlikely to be accepted by many member states without exceptions for law enforcements and national security agencies. In the US, for example, this type of bill would have explicitly prevented the FBI from demanding Apple make a backdoor into its iPhone software in order to access the chat logs of the San Bernardino shooter.

The proposal will soon head to the EU council, where it will have to be reviewed by other members of the European parliament before being passed. The UK's Brexit negotiations have also commenced today, and it is unclear what the proposal's changes could mean for Theresa May's encryption plans.

Get six of our favorite Motherboard stories every day by signing up for our newsletter .