Advertisement

EU proposes banning encryption backdoors

End-to-end security could be mandatory across most of Europe.

The European Union might want it to be easier for police to obtain data, but that doesn't mean it'll be easy for officers to read that data. The European Parliament has proposed amended regulation that would not only require end-to-end encryption when available, but forbid backdoors that offer guaranteed access to law enforcement. EU residents need to know that the "confidentiality and safety" of their data is "guaranteed," according to the draft, and backdoors risk "weakening" that privacy.

The proposal has to be approved by Parliament and then reviewed by the EU Council, so there's still a chance that the rules will be softened if and when the amendments pass.

If they do clear, though, they could set up a conflict between the EU and countries that aren't so fond of encryption. The UK is undoubtedly the main concern, even after it leaves the EU. A ban on backdoors would make it difficult for the country to enforce the Investigatory Powers Act's requirement that companies remove "electronic protection" when possible. How would that be meaningful when virtually every tech company in Europe is encrypting data traffic? You're not likely to see UK-specific versions of apps that introduce security holes.

This would also thwart the efforts of some American politicians (such as Senators Richard Burr and Dianne Feinstein) to effectively ban airtight encryption. While those proposals have largely stalled, they'd face an even tougher battle in Congress if it meant pitting American and European security policies against each other. Simply put, the EU could wind up dictating encryption strength well beyond its member states' borders.