New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

EU Proposes Enforcing Data Encryption and Banning Backdoors

The European Parliament's Committee on Civil Liberties, Justice, and Home Affairs has published draft proposals that would enforce end-to-end encryption on all digital communications and forbid backdoors that enable law enforcement to access private message data.

The proposed amendment relates to Article 7 of the EU's Charter of Fundamental Rights, which says that EU citizens have a right to personal privacy, as well as privacy in their family life and at home. By extension, the "confidentiality and safety" of EU citizens' electronic communications needs to be "guaranteed" in the same manner.

Confidentiality of electronic communications ensures that information exchanged between parties and the external elements of such communication, including when the information has been sent, from where, to whom, is not to be revealed to anyone other than to the parties involved in a communication.

The principle of confidentiality should apply to current and future means of communication, including calls, internet access, instant messaging applications, e-mail, internet phone calls and messaging provided through social media.
The regulation states that the disclosure of contents in electronic communications may reveal highly sensitive information about citizens, from personal experiences and emotions to medical conditions, sexual preferences and political views, which could result in personal and social harm, economic loss or embarrassment.

In addition, the committee argues that not only the content of communications needs to be protected, but also the metadata associated with it, including numbers called, websites visited, geographical location, and the time, date, and duration of calls, which might otherwise be used to draw conclusions about the private lives of persons involved.

The regulations would apply to providers of electronic communication services as well as software providers that enable electronic communications and the retrieval of information on the internet. However, the amendment goes further by stating that the use of software backdoors by EU member states should be outlawed.
When encryption of electronic communications data is used, decryption, reverse engineering or monitoring of such communications shall be prohibited.  

Member states shall not impose any obligations on electronic communications service providers that would result in the weakening of the security and encryption of their networks and services.
The proposals appear to have been tabled in response to comments made by EU member states such as the U.K., which has argued that encrypted online channels such as WhatsApp and Telegram provide a "safe haven" for terrorists because governments and even the companies that host the services cannot read them.

The U.K. home secretary Amber Rudd recently claimed that it is "completely unacceptable" that authorities cannot gain access to messages stored on mobile applications protected by end-to-end encryption. A leaked draft technical paper prepared by the U.K. government was leaked shortly after Rudd's comments, containing proposals related to the removal of encryption from private communications.

The EU proposals could also put European security policy at odds with federal legislators in the U.S., who recently called on technology companies to compromise the encryption built into their mobile software. Last year, Apple and the FBI were involved in a public dispute over the latter's demands to provide a backdoor into iPhones, following the December 2015 shooter incidents in San Bernardino.

Apple said the software the FBI asked for could serve as a "master key" able to be used to get information from any iPhone or iPad - including its most recent devices - while the FBI claimed it only wanted access to a single iPhone.

The European Union proposals have to be approved by MEPs and reviewed by the EU council before the amendments can pass. It remains unclear how the laws would apply in the U.K. after Brexit, initial negotiations for which begin on Monday. 

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.



Top Rated Comments

(View all)

25 months ago
Oh man.. I respect what they're trying to do here. This makes our plans in the UK seem even more insanely inept.
Rating: 40 Votes
25 months ago
Once again, I love how human-facing the EU and their policies are. Be a shame to leave the UK.
Rating: 36 Votes
25 months ago
I'm just hoping the whole Brexit thing collapses in some way. I very much doubt it though sadly.
Rating: 29 Votes
25 months ago
President Bannon, what do you think?
Rating: 22 Votes
25 months ago
With our current dictator in power (Theresa May) I doubt we’d see these measures, since she wants to lock down the UKs internet and open encryption North Korea style.
Rating: 18 Votes
25 months ago

I don't trust the EU with its unelected elites deciding on our lives.

Whenever I read that nonsense about those supposed "unelected elites" in the EU, I basically stop reading, as nothing smart can follow after that.

The crazy part is that the whole Brexit thing is based on that. People like Nigel Farage have derived their whole political career from talking about some imaginary "unelected elites". And people actually believed it. Perhaps Theresa May should have campaigned on an anti-bogeyman platform. Or with a campaign slogan like "Santa Claus's toy factories are destroying jobs in the UK!" Seems to work well enough.
Rating: 14 Votes
25 months ago
I don't trust the EU with its unelected elites deciding on our lives.
It's the same EU that wastes billions, lets in (or even (let) picks up at the other side of the Mediterranean Sea) illegal immigrants by the thousands, ...
Rating: 12 Votes
25 months ago
The debate has erroneously centred (at least outside of tech-literate circles) on the 'balance' or 'compromise' between e-to-e encryption and people being kept safe, as if the two things were in conflict.

On the face of it I think that this EU draft sounds good, but just as important (because it's a global matter) is to impress again and again that encryption is not in opposition to our safety, rather that it is vital in order to secure it.

The number of terrorist incidents is too high. Obviously. Even one is one too many. But the spectacular and sensationalised nature of such attacks (which is half the point) against relatively tiny numbers of people should not let us disproportionately damage aspects of digital infrastructure that keep us all safe every day in countless ways.

To be clear, any kind of backdoors or compromises in encryption only do real, lasting harm to we, the law-abiding and innocent. Whilst some 'low-hanging fruit' criminals and potential terrorists could be disrupted or caught by monitoring communications that has had its encryption broken, any vaguely competent bad guys will avoid detection altogether by other means. Meanwhile internet commerce, important (and in some cases vital) physical infrastructure would be put at risk, eveyone's privacy would compromised, and authoritarian states around the world would continue to be enboldened to crush dissent and political opponents by the poor example set by the supposedly enlightened free democracies.

Also, intelligence agencies already have a wide array of capabilities to monitor communications and metadata. I'm sure this gives them lots of leads and evidence, which is good (and I'm not sure whether the EU proposals go too far in this respect). But they only get that because bad guys think the content itself can't be decrypted. If encryption was gone, what would they do? Continue to send stuff and just hope no-one reads it? Come on, it doesn't pass the 'smell test', does it?

Except for those small fraction of people involved in perpetrating it, we all want terrorism and criminality to stop. But removing everyone else's protection whilst causing minor inconvenience to the bad guys wouldn't achieve that.

I hope the EU enacts something like this proposal, and that others follow.
Rating: 11 Votes
25 months ago

I don't trust the EU with its unelected elites deciding on our lives.

Yeah, that is the proper reaction to a proposal by the European Parliament.
[doublepost=1497874762][/doublepost]

smells fishy to me. if there is one thing eurocrats like it is pressing the thumb on the little people.

Sure, true populists have no need for parliaments, they need one strongman (or woman) they can make responsible for everything. Everything else is just too complicated for their gut thinking.
Rating: 9 Votes
25 months ago
All you need to know is that the opposite should happen of anything the horrible horrible Amber Rudd says.
Rating: 9 Votes

[ Read All Comments ]