Donate
European Union, Use Facts to Make Cybersecurity Decisions – Not Myths Thumbnail
‹ Back
Encryption 19 November 2020

European Union, Use Facts to Make Cybersecurity Decisions – Not Myths

Ryan Polk
By Ryan PolkSenior Policy Advisor

Nearly 450 million EU citizens are counting on the Council of the European Union to make decisions that protect their safety. The Council has a duty make these decisions based on reliable information.

In the next week, the Council of the European Union is expected to consider a resolution that argues that law enforcement “must be able to access data in a lawful and targeted manner.” This resolution is the first step of a wider push by the European Union to demand law enforcement access to encrypted data.

But are they relying on accurate information to make their decisions?

A report leaked from the European Commission in September, Technical solutions to detect child sexual abuse in end-to-end encrypted communications, tries to analyze different ways to spot illegal content in private communications that use end-to-end encryption. This leaked report could influence their decison-making on encryption policy in the EU.

The EU Commission’s report alludes to the idea that some access methods may be less risky than others. However, the bottom line is that each method presents serious security and privacy risks for billions of users worldwide.

Don’t take just my word for it. According to the Internet Society and the Center for Democracy and Technology’s joint evaluation, Breaking Encryption Myths: What the European Commission’s Leaked Report Got Wrong about Online Security, the report fails to adequately identify or evaluate the risks presented by these proposed methods of access. Breaking Encryption Myths, signed by over 30 cybersecurity experts, highlights critical omissions that undermine the utility of the leaked report. The report also fails to explore the security impact of these access methods on users, leaving dangerous vulnerabilities unmentioned.

The consensus among cybersecurity experts is clear:

There’s no way to break encryption without making everyone – including the children we are trying to protect – more vulnerable.

By forcing service providers to undermine the security of their end-to-end encrypted services, these methods jeopardize the safety of the countless people who rely on them each day. Breaking end-to-end encryption to curb objectionable content online is like trying to solve one problem…by creating 1,000 more.

Over 30 leading global cybersecurity experts from academia, civil society, and the private sector have said that the conclusions drawn by the EU Commission’s leaked report are untenable. As the Council of the European Union considers their resolution on law enforcement access to encrypted data, they must base their decisions on technical reality.

No matter the method, when you force companies to provide law enforcement with access to end-to-end encrypted communications, it weakens security for all. That is a fact.


Image by Vlad Zaytsev via Unsplash

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Weakening encryption might be an easy fix, but counterproductive in the long-run
Weakening encryption might be an easy fix, but counterproductive in the long-run
Encryption6 July 2017

Weakening encryption might be an easy fix, but counterproductive in the long-run

The debate on encryption in the EU has followed a familiar path in pitting national security against concerns about civil...

Encryption and Law Enforcement Can Work Together
Encryption and Law Enforcement Can Work Together
Encryption26 October 2017

Encryption and Law Enforcement Can Work Together

The Internet Society and Chatham House will be hosting a roundtable of experts to deconstruct the debate on encryption and...

Deconstructing the Encryption Debate: The Internet Society-Chatham House Roundtable on Encryption and Lawful Access Report
Deconstructing the Encryption Debate: The Internet Society-Chatham House Roundtable on Encryption and Lawful Access Report
Encryption24 April 2018

Deconstructing the Encryption Debate: The Internet Society-Chatham House Roundtable on Encryption and Lawful Access Report

Encryption is an important technical building block for Internet trust. It secures our infrastructure, enables e-commerce, ensures the confidentiality of...

Join the conversation with Internet Society members around the world