Internet Society Chapters in Europe are warning the European Commission that its recent plea for Member States to help find ways to access encrypted communications could make millions of citizens and countries more vulnerable to harm and terrorism online.
Representing digital security experts who share the Internet Society’s mission for a bigger and stronger Internet, several EU chapters issued statements expressing concern about the danger of the Commission’s request for backdoor access to encrypted communications in its Counter Terrorism Agenda. It was announced the same week the European Medicines Agency was victim to a major data breach when cyber attackers unlawfully accessed sensitive documents about COVID-19 vaccines.
End-to-end encryption is crucial to the security of European citizens, its economy, and the national security of its Member States. It is our strongest digital security tool online because it keeps data and communications private between the sender and receiver. Even the European Commission relies on Signal, an end-to-end encrypted messaging app, to secure its communications.
A recent report signed by over 50 leading cybersecurity experts shows how there is no way to give law enforcement access to end-to-end encrypted communications without putting all users at risk.
Encryption backdoors are dangerous because they can be accessed by anyone who finds them. Undermining encryption by introducing backdoors to encrypted communications would leave Europe exposed to attacks, including its citizens, businesses, member states, and its institutions. The risk of having their confidential communications accessed by criminals and terrorists will increase significantly.
Backdoor access to encrypted services and communications also puts the integrity of information at risk of data tampering. In the case of the European Medicines Agency breach, for instance, vital epidemiological and vaccine study data could have been altered with devastating consequences.
End-to-end encryption helps protect vulnerable individuals, including survivors of abuse and LGBTQ+ community members who use encryption to communicate confidentially and to seek help without fear of retribution. End-to-end encrypted communications also protects journalists, activists, protected witnesses, undercover police, and many others who rely on secure and confidential communications. Europe has committed to supporting such vulnerable groups.
European Chapters are asking the EU to support strong encryption to ensure the security of its citizens as well as economic and national security of its Member States. And so can you.
Here’s how you can help:
According to our chapters, the best way to help the European Commission understand the dangers of compromising end-to-end encryption is to make some noise about why it’s important. Here are a few reasons why EU chapters care about encryption. Tell @isoccommunity and the world why this matters to you on social with the hashtag #strongencryption.
Internet Society Belgium:
“Internet Society Belgium Chapter is extremely concerned by the possible project of European Commission to undermine encryption on the Internet. This would produce the opposite effect, putting civil society, legal businesses and democratic governments at risk, while reinforcing criminality. We concluded this based on extensive study of reliable sources, including MIT, who stated that ‘such access will open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend.’”
Internet Society Portugal:
“This is very disturbing. Although the EC statement also mentions the need to defend the rights of individuals and organisations to use secure communications, almost all experts believe that there is no way to limit the use of end-to-end encryption without introducing mechanisms equivalent to backdoors with universal access by the police, which, even with a judicial mandate, would end up falling into the wrong hands, being abused and permanently weakening the use of secure communications.
This would have dramatic consequences on businesses and citizens and would fuel an unprecedented attack on individual guarantees in the EU for all those who depend on cryptography to continue their missions such as conducting critical business, political and government activities, journalists, social activists, people persecuted for their ideas, etc. Furthermore, this measure will be ultimately ineffective, as it will not harm the activity of real criminals, only affecting the rights of the law-abiding citizens as well as damage their confidence in digital media.
Internet Society Germany:
“ISOC.DE considers undermining the integrity of encryption as a threat to both society and economy. Backdoors, no matter under what name, will introduce a systemic and uncontrollable risk. History has shown that knowledge enabling ‘exceptional access’ cannot be kept secret, will leak and will be abused. We also advise against playing risks down by deceptive language: end-to-end encryption will not be enhanced by adding more ‘ends’ to the equation.”
Internet Society France:
Encryption plays a key role in securing online communications and in building trust in the information society. Strong encryption helps enable basic fundamental rights, such as data protection or freedom of speech, as well as protect Internet users from criminal activities. Weakening encryption will only result in serious harm to trust and the confidence of citizens in the democratic process.
The Chapter held a webinar about the importance of encryption for the European Union.
Watch the video.
Internet Society Switzerland:
“… In fact, it is not possible to weaken the encryption in such a way that only the communication of the “bad actors” can be monitored without destroying the privacy of all citizens and increasing the threat of cybercrime …”
Read the full statement.
Internet Society Slovenia:
The Chapter joined an open letter of over 150 academics and other stakeholders to express concern:
“… In this letter, we encourage policy makers and authorities in the EU to continue their support of strong cryptographic tools since these tools ensure basic rights and protect businesses from criminal activities …”
Read the full statement.
Internet Society UK England:
“A key danger of weakened or poor encryption is that it can fail without dependent parties being aware. So everything can look secure when it is not. Without strong encryption at global scale the entire digital information infrastructure will be put at serious risk, including legislators themselves that call for such rules.”
Image by Guillaume Périgois via Unsplash