Donate
Confronting European Encroachment on Encryption Thumbnail
‹ Back
Encryption 9 June 2021

Confronting European Encroachment on Encryption

In late 2020, as Portugal prepared to take over the rotating Presidency of the Council of the European Union (EU), the Internet Society’s Portugal Chapter began ramping up its advocacy against worrying new plans to create encryption backdoors.

The Council of the European Union, in a resolution in November 2020, and the European Commission (EC), in a communiqué on counter-terrorism and a proposal for legislation to fight child sexual abuse in December 2020, expressed their intention to regulate cryptography in digital communications. They pledged to find solutions to allow authorities “lawful access” (i.e., encryption backdoors) to encrypted communications.

“We had to respond to the Commission’s position because it is horrifying,” says Internet Society Portugal Chapter President and computer science professor José Legatheaux Martins.

Encryption is the process of scrambling or enciphering data so it can be seen only by someone with the means to return it to its original state. It’s used by millions of Europeans daily and keeps information secure when people do things like bank, shop, or use messaging apps. José says this legislation would have devastating consequences to everyone’s security online.

“We think it would be a disgrace if something like this were put forward because the impact on people’s freedoms and on the security of the Internet would be huge. So, even being mere volunteers, we decided that that campaign was important to make people aware of the dangers of that position.”

Rogerio Reis, a chapter board member and cryptography professor at Porto University, drafted a chapter position paper on the issue, which they started sharing with journalists, members of Portugal’s Parliament, and members of the European Parliament back in January. Since then, at least four members of the European Parliament have used arguments from the position paper to draft written questions for the Commission of the European Parliament.

The chapter also approached Portugal’s National Human Rights Commission, which promised them a future audience to hear their positions on the potential human rights implications.

Legatheaux Martins also placed an OpEd and media interview on the topic, but felt the chapter needed to attract broader attention, so they turned the paper into a shorter open letter addressed and sent to the prime minister of Portugal, as the current rotating president of the EU Council.

“Our intention was to make some noise,” says Legatheaux Martins.

On 1 April, the open letter was published in Portugal’s most respected national newspaper, Público, which has 80,000 regular readers.

It states that it “is unreasonable to expect that such a voluntary weakening of encryption would not lead to security breaches…thus facilitating an increase in criminal actions. This would dramatically undermine public confidence…could have dramatic consequences for an economy which is strongly based on digital transactions.”

It argues that this “will only affect the common citizen, without reducing criminal practices…[affecting the] right to privacy and secrecy of communications (e.g., with banks, financial institutions, legal advisors)…to the detriment of their democratic freedoms…”

They also asked a number of leading Portuguese digital associations to co-sign the open letter, finding five allies.

The Prime Minister’s Office has, to date, only acknowledged receiving the open letter.

“It’s difficult to measure any impact yet because they [the EU Council, Commission and Parliament] are at the beginning of discussions,” says Reis. “It will be most effective if Portugal’s parliamentary Commission invites us to speak…where we can eventually influence members of Parliament, and maybe even the government, as part of a chain reaction.”

To garner international attention, the chapter translated the letter into English and approached the Internet Society’s Switzerland and Netherlands chapters to help with editing. They also emailed all European chapters to see if they would be interested in co-signing. A dozen did.

“We agree 100% that breaking encryption is not going to work and will only put ordinary folks like us in danger,” says Alexander Blom, president of the Netherlands Chapter, adding that the chapters were eager to sign and work together. “I think it’s one of the first times that we, as European chapters, are working together in a political sense. We think it’s a great opportunity to do something in a European context and I personally expect this will be the first of many.”

The English version of the open letter was published on the Internet Society Portugal website and social media on 14 April, garnering more than 1,000 page views – much higher than their usual 100 or so.

Although Legatheaux Martins is modest about the initiative, Internet Society staff say it is remarkable. “In my years at the Internet Society I’ve never seen such a coordinated effort, that was just so grassroots,” says Konstantinos Komaitis, Senior Director of Policy Development and Strategy for Internet Society. “We played a role as coordinators, but this was all them. … There seems to be a small movement brewing among European chapters.”

The Portugal Chapter has also inspired others to exchange information and work together, and not just in Europe. The Brazilian Chapter has invited them to speak at an online event and also wants to submit comments on the European encryption consultation.


Image by Sonia Kuniakina via Unsplash

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

EU Internet Society Chapters Call on European Commission to Follow the Path of Strong Encryption. Here’s Why You Should Too.
EU Internet Society Chapters Call on European Commission to Follow the Path of Strong Encryption. Here’s Why You Should Too.
Encryption16 December 2020

EU Internet Society Chapters Call on European Commission to Follow the Path of Strong Encryption. Here’s Why You Should Too.

Internet Society Chapters in Europe are warning the European Commission that its recent plea for Member States to help find...

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You
Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You
Strengthening the Internet28 January 2021

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You

End-to-end encrypted platforms have become an important means to establish online trust for businesses and individuals globally – and law...

Weakening encryption might be an easy fix, but counterproductive in the long-run
Weakening encryption might be an easy fix, but counterproductive in the long-run
Encryption6 July 2017

Weakening encryption might be an easy fix, but counterproductive in the long-run

The debate on encryption in the EU has followed a familiar path in pitting national security against concerns about civil...

Join the conversation with Internet Society members around the world