French Parliament Votes For Law That Would Put Tech Execs In Jail If They Don't Decrypt Data

from the goodbye-computer-security-in-france dept

Okay, this is just getting silly now. A bunch of reactionary French politicians have voted to put tech execs in jail if they refuse to decrypt data for criminal investigations:

The controversial amendment, drafted by the rightwing opposition, stipulates that a private company which refuses to hand over encrypted data to an investigating authority would face up to five years in jail and a €350,000 (£270,000) fine.

Telecoms operating companies would be liable to lesser penalties but would still face up to two years in jail.

Of course, this comes at the same time that basically the entire tech industry is rallying in support of Apple’s stance of refusing to hack into its own systems to remove security features and make it easier to decrypt data. And it’s coming right as the world was ridiculing Brazil for arresting (and then releasing) a Facebook exec for refusing to hand over data from subsidiary Whatsapp.

This kind of move is so stupid on so many levels that it defies any kind of logic. It’s bad for security, because weak encryption puts us all at much greater risk than the threat of terrorists or criminals using encryption (in part, because this kind of thing won’t stop them from using secure encryption, and in part because those threats are very low probability risks). It’s also bad for the economy, because you’ve just given a ton of important tech companies every reason in the world to no longer operate in France due to such a ridiculous law that may put execs in jail. It’s bad for the public in that it will mean less secure services and devices that put them at risk, while also potentially cutting off more innovative and useful products and services.

This is the kind of kneejerk reaction from people who are too ignorant and too scared to understand the actual technology and the actual issues at stake. Why do citizens in these countries continue to allow ignorant scared people to make such blatantly bad rules?

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “French Parliament Votes For Law That Would Put Tech Execs In Jail If They Don't Decrypt Data”

Subscribe: RSS Leave a comment
That One Guy (profile) says:

Mandatory 'Golden Keys' with one law

Bad for security.

Bad for the economy.

Bad for the public.

One guess as to who benefits from such a law. Figure that out and you figure out the most likely source of the push for it.

If there’s a hefty fine and jail time in the wings for refusal to hand over decrypted data, then it becomes effectively legally impossible to offer security that a company cannot break themselves if ordered to do so, which means that no matter how far the tech advances, there will always be at least one glaring vulnerability in the security employed and the products sold in any country with a law like this.

Anonymous Coward says:

Re: Mandatory 'Golden Keys' with one law

It’ll be like the secret sauce scene in Fast Times at Ridgemont High, except with companies knowing each other’s security vulnerabilities and neither being able to legally close them.

Brad: Okay, here’s your preparation stuff. You got your sliced tomatoes, shredded lettuce, secret sauce.

Guy: What’s the secret sauce?

Brad: Thousand Island dressing. What’s the secret sauce at Bronco Burger?

Guy: Ketchup and mayonnaise.

And that will become:

Joe: What’s Microsoft’s vulnerability?

Andy: It’s [insert tech jargon here that I can’t fake here]. What’s Apple’s vulnerability?

Joe: It’s [insert more tech jargon I can’t fake here].

Anonymous Coward says:

Why do citizens in these continue to allow ignorant scared people to make such blatantly bad rules?

Because most technically competent people do not want to go into politics. They are usually of the opinion that cooperation rather than coercion is the way to do things, and cooperation does not fly when it comes to politics, but rather gets them ridiculed for not having a definite answer to a problem.

kallethen says:

Why idiots keep getting voted in.

Why do citizens in these continue to allow ignorant scared people to make such blatantly bad rules?

I think Douglas Adams put it best.

“So,” said Arthur, hoping he wasn’t sounding ridiculously obtuse, “why don’t people get rid of the lizards?”
“It honestly doesn’t occur to them,” said Ford. “They’ve all got the vote, so they all pretty much assume that the government they’ve voted in more or less approximates to the government they want.”
“You mean they actually vote for the lizards?”
“Oh yes,” said Ford with a shrug, “of course.”
“But,” said Arthur, going for the big one again, “why?”
“Because if they didn’t vote for a lizard,” said Ford, “the wrong lizard might get in. Got any gin?”

(Mind you, the same would be true of my own government…)

Groaker (profile) says:

Re: Why idiots keep getting voted in.

In the ’50s, if you didn’t understand how TV, radio and the telephone worked, then at least you knew someone who did.

Now knowledge in the sciences has become so vertical that it takes a lifetime to understand what is half way to the hemorrhaging edge. Fifty years ago I did investigatory work in Quantum Mechanics. Today I don’t have a clue as to what is going on. Quantum entanglement, quantum computing, qubits, and more?

My dad went to NYU for engineering. One of his chemistry labs was beating flour and water in a cloth sack to demonstrate the formation of gluten. I laughed at this. When my daughter was in 9th grade she was being taught concepts I didn’t hit until grad school (minus the math.) An interesting question is just how much can the mind hold?

People fear what they do not understand. The Salem witch trials are repeating. Italian scientists went to jail for “failing” to predict an earthquake. Now tech execs are going to jail. How long before they are dragged into the streets for lynching?

ThatFatMan (profile) says:

Re: Why idiots keep getting voted in.

I think this quote from Douglas Adams is even more on point:

It is a well-known fact that those people who must want to rule people are, ipso facto, those least suited to do it… anyone who is capable of getting themselves made President should on no account be allowed to do the job.

While it is limited to discussing the President, I think it applies to pretty much any elected official.

Anonymous Coward says:

Re: Re: Why idiots keep getting voted in.

You can write in none of the above. It will count the same as any write in vote. If enough people do it, politicians might take note of it.

I’m planning on voting for Bill the Cat in 2016. Please join me, or vote for Mickey Mouse or Honest Gil. It really doesn’t matter, it will just be counted as write in.

ThatFatMan (profile) says:


Citizens continue to allow ignorant scared people to make such blatantly bad rules because they don’t know any better. They are, largely, ignorant and scared too.

Fear it seems is a good way for governments to grab more control over the people they are supposed to serve. Here in the US, we have plenty of similarly bad rules and laws bred from ignorance and fear. For example, we’ve been given things like DHS, the TSA and NSA mass surveillance of Americans “because terrorism”. This is a problem not unique to France.

Anonymous Coward says:

How about someone compile a list

I would like to see a list in standard form that everyone can understand that documents the government employee and what they have voted for/done against the citizens. There will be prosecution in the future and there needs to be a simple list that shows what the leaders have done. The average citizens doesn’t remember getting crapped on 10 minutes after a senator/president/dictator does it to them.

Keroberos (profile) says:

Why do citizens in these continue to allow ignorant scared people to make such blatantly bad rules?

Because the vast majority of these citizens are just as ignorant about why strong encryption is important to a technological society as the politicians trying to pass these laws–and like these politicians they have no desire to learn anything about it–so like these politicians they are easily exploited by those who want to undermine these systems–who for the most part are probably just as ignorant as to why this is a bad idea as everyone else.

I know it’s very cynical of me, but in my view the world is run with a recursive cluster—- of ignorance and stupidity.

Anonymous Coward says:

Because civilian crypto is more corrosive than fraud, pollution, graft, espionage, etc.

I get the feeling from all of these kinds of demands that this is driven by some sort of bizarre collective need for reciprocity. My thinking is that legislators are being so grey-mailed by data brokers that it is looking for some payback.

What is bizarre is that in most cases, that grey mail is sourced for violations of civil rights the state is compelled by sovereign duty to protect.

The question then becomes: “Why; in consideration of the legal leverage already available by simply executing the law rightously; legislators endeavor to emulate the most psychopathic corporate executives in the world?”

Or in a nutshell, RTFM you oafs. Rev 1.0 was written in France in 1791, and in the U.S. in 1789. Everything you need to know, is right there. Stop calling meetings. We don’t care how cool you are. Just focus on the fundamentals, and do your damned job.

Anonymous Coward says:

Re: Because civilian crypto is more corrosive than fraud, pollution, graft, espionage, etc.

Oh, come on… you KNOW that any v1.0 will have bugs!

More to the point, those critical freedoms, those bill of rights amendments are only outlined in the constitution. Precedent set by the courts creates the practical shape of those rights.

Is dancing ‘free speech’ ? Is flag burning? Is computer code? The constitution says “speech”, not “acts”, in those words on paper. It is precedent you have to thank for your freedom to burn flags.

… and also for regulation of dancing, the long disclaimed “fire in a theater” metaphor, the “death-by-inches” of abortion clinic legislation, etc. It’s not all good, not all bad.

mcinsand (profile) says:

kneejerk mentality

I have no doubt that, if a company was stupid enough to add encryption backdoors, these same legislators would be screaming to blame the company when the backdoors backfire. The question is not whether those backdoors will be misused but when they are misused. We can be certain that the people demanding weakened security will not take responsibility for putting citizens at risk, so they will abuse their legislative power to blame someone else, of course.

Anonymous Anonymous Coward says:

Rejecting Tech

Once all the executives that produce encrypted products and have some sort of office in France have been arrested, the criminals, terrorists, and citizens (it WILL be more difficult to tell the difference) will use encryption from companies that have no offices in France. Now they have destroyed a growing piece of the economy, at least growing in theory.

The IoT in France is going to be a lot of fun, for someone.

I can imagine the Keystone Cops competing with the Pink Panther for most ‘liked’ videos depicting the race to catch IoT enabled thieves. Lot’s of slapstick, little results.

Dismembered3po (profile) says:

So, maybe I'm the only one....

So, has anyone read the actual legislation? I don’t speak or read French.

The thing I wonder is:

The Guardian article states, “…stipulates that a private company which refuses to hand over encrypted data…”

So, does the legislation actually say, “hand over the decrypted data?”

This would seem to be an important distinction.

Anonymous Coward says:

Quoting a comment over at Torrentfreak...

“Every time I hear mention of legislators and jurists in the context of contemporary science and technology issues, I am reminded that statistically speaking half the people you meet have below average intelligence. I suspect that something about the lure of the-power-to-legislate-or-interpret-laws may skew those numbers in favor of the shallow end of the IQ pool.”

To which I add that legislators and jurists are also most frequently the guys who studied non-sciencey and non-mathy disciplines ‘cuz those were MUCH easier to pass.

Shallow AND lazy.

Anonymous Coward says:

when will France learn.

So the French seem to be mimicking America again but taking things to a new level without regard of the consequences.

America had a revolutionary war where we kicked out the British. France did the same thing to their existing government but went to the extreme of guillotining the ruling class.

America suffered terrorist attack on 9/11 then proceed to create knee-jerk legislation. France has a similar event but then go overboard on the replacement of freedoms and even encryption.

Anonymous Coward says:

Re: when will France learn.

France did the same thing to their existing government but went to the extreme of guillotining the ruling class.

Not quite true, as after Napoleon they restored the Bourbons to power, with some limitation on that power, just like the English civil war led back to a restored monarchy, with some limitations on their power.
If you want to see just how messy revolutions can be visit

TDR says:

I wonder what would happen, theoretically, if no one voted at all in political elections? Most candidates are completely corrupt and unfit anyway. But without the facade of election, they can’t pretend a democracy still exists. And they would have no way of knowing who would get the office. It might bring the entire machine to a halt, which could be just the thing we need.

ECA (profile) says:

Lets do it..

Lets walk into the parliament..
And decrypt all their phones and tablets..
LETS bring in a List of every person they have called in the last year..

WHAT and WHICH encryption do you want to do/look at/decrypt??
The Phone, the Programs…
Even if you COULD get the Phone the customer Could of placed their OWN PROTECTIONS..


Anonymous Coward says:

i bet the French people are thinking ‘why the hell did my relations go and die trying to stop a certain country with certain views from instilling them on to the rest of the World when our own government is doing the same sort of thing to us now?? like the UK, France has condemned countries like China and Iran for their lack of freedom and privacy, now it’s doing exactly what those countries do, remove all freedom, privacy and security! it’s doing what terrorists do but under a different flag! and be sure of this, it isn’t to catch criminals or terrorists, it’s to keep a firm grip on what ordinary people do! after all, they have nothing to hide so they’re a hell of a lot easier to track!!

Anonymous Coward says:

‘Why do citizens in these countries continue to allow ignorant scared people to make such blatantly bad rules?’

probably for the same stupid reasons that companies, industries etc are allowed to write self important rules that do nothing but harm to the various countries and peoples involved, while ensuring that their profits will continue to come in and, if needed, governments can be sued for more if they want! yes! TPP, TTIP and a dozen other trade deals are what i’m talking about! why has no government had the balls to say ‘NO’ to them?

Mat (profile) says:

Speaking of Europe and Cryptography

“The solution is not, of course, that encryption should be weakened, let alone banned. But neither is it true that nothing can be done without weakening encryption,” he said, adding that it was wrong to see every attempt to tackle the misuse of encryption by criminals and terrorists as a “backdoor”.

If it can be used against someone ‘misusing’ it, it can be used against a legitimate user. Why is this so hard for some people to understand?

That One Guy (profile) says:

Re: Speaking of Europe and Cryptography

Because doing so would force them to admit that they were wrong, completely, and it’s a rare politician or ‘public servant’ that can manage a feat like that.

If nothing else it would require them to admit that they were saying things that they had no real knowledge about before, and once they admit that they’ve either lied and/or made factually incorrect statements before, that brings in to question future statements they might make.

That Anonymous Coward (profile) says:

The nation that gave us –
Right to be forgotten – Allowing predators to demand the world be blind to their crimes & actions making people less safe.

Draconian Copyright Punishments – while the leader of the nation violated copyright multiple times in commercial infringement.

It is so wonderful seeing the pandering to try and shore up their poll position. They give 2 shits about encryption, but they need to ride the wave that they helped create. They have learned nothing from their other championing of cause celeb and I hope it burns them all.

How much longer can they keep trying to turn the dial past 11 before it snaps?

Get off my cyber-lawn! (profile) says:

Notable French Firsts....

First to successfully capture a fleet at anchor with cavalry officers (Den Helder – look it up!)

First to lose a war against Greenpeace (yea they blew up the Rainbow Warrior but lost the war)

And soon, first to criminally charge corporate executives for failing to decrypt data. I agree most corporate executives should be charged….just not with this!

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...