Weakening encryption might be an easy fix, but counterproductive in the long-run Thumbnail
Encryption 6 July 2017

Weakening encryption might be an easy fix, but counterproductive in the long-run

By Frédéric DonckFormer Regional Vice President – Europe

The debate on encryption in the EU has followed a familiar path in pitting national security against concerns about civil liberties and privacy. On the one hand, Governments and intelligence agencies have increasingly claimed that the widespread use of encryption could threaten national security. The UK government has gone so far as describing encrypted communication apps as giving “terrorists a place to hide”, while its French and German counterparts have likewise attacked these technologies as a barrier to law enforcement and counter-terror efforts.

On the other hand, privacy advocates and security experts have maintained that “encryption and anonymity, provide the privacy and security necessary for the exercise of the right to freedom of opinion and expression in the digital age”. Beyond, they claim that a weakening of encryption would in itself create new (cyber) security concerns. Many insist that there is no secure way to enable government access to encrypted technology and that any system that attempts to do so is necessarily compromised.

Strong encryption is an essential piece to the future of the world’s economy, and the Internet Society believes that encryption should be the norm for Internet traffic and data storage. It allows us to do our banking, conduct local and global business, run our power grids, operate communications networks, and almost everything else.

Encryption is a technical building block for securing infrastructure, communications, and information. It should be made stronger and universal, not weaker.

This is an argument, together with privacy concerns, that seems to have been taken on board by the LIBE committee of the European Parliament. LIBE has proposed a ban on so-called backdoors that would allow law enforcement access to the content of encrypted messaging. As part of ongoing reform of the privacy rules for electronic communications, the LIBE committee parliamentarians have tabled an amendment to the proposed Regulation, which would promote the use of encryption for electronic communications, and prevent Member States from “impos[ing] any obligations on electronic communications service providers that would result in the weakening of the security and encryption of their networks and service”. Should the LIBE committee win the support of the rest of the European Parliament and of the Council, individual Member States would be barred from mandating backdoors.

The Parliament is certainly not alone at EU level in its concerns. The Vice-President of the European Commission Andrus Ansip, who is responsible for of the Digital Single Market, stated that he continues to believe that creating backdoors to encrypted messaging systems would not help combat terrorism. Meanwhile, the EU’s cybersecurity agency, ENISA, also come out strongly against such measures arguing that “undermining the privacy of freely encrypted tools will generate a new market for new private encrypted products to serve the criminal community”.

The argument, however, is far from won. The European Council in a recent statement called for the problem that end-to-end encryption causes for law enforcement and counter-terror efforts to be addressed. Under this continued pressure from Member States, the European Commission is said to be drafting options to provide authorities with access to encrypted applications.

We at the Internet Society recognise the legitimate concerns of law enforcement agencies but we also remain firm in our conviction that encryption is an important technical solution that all Internet users—individuals, governments, businesses, and other communities — should use to protect their communications and data. Weakening encryption might well be an attractive idea, but it is counterproductive in the long-run. What we need instead is to come together in support of a safer Internet and explore better ways to address the concerns of both the law enforcement community and digital users.

We, therefore, applaud the European Parliament LIBE committee’s initiative and invite the Commission and European Council to resist the urge to implement a short-term fix for its security concerns and instead protect this important foundation for trust, privacy, and security.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Strengthening the Internet 30 May 2024

Bill S-210 Threatens Canadians’ Access to the Internet 

Canadian Bill S-210 threatens to break the Internet in Canada and fragment Canadians' access. Help spread the word that...

Strengthening the Internet 12 March 2024

Nevada Wants to Reduce Online Protections for Children: All Internet Users Should Benefit from Strong Encryption

Protect children online by supporting end-to-end encryption in Facebook Messenger. Join us in the fight against weakening online protection...

Strengthening the Internet 31 January 2024

Keeping Kids Safe Online: Navigating the New Parents’ Guide to Encryption

Do you know how you're keeping your kids safe online? Using encryption, there are simple changes you can make...