German Officials Think German Citizens Need Less Security, More Encryption Backdoors


There’s another player on the world’s anti-encryption stage. Some German government officials apparently feel it’s OK for people to have encryption, but not secure encryption. The German government is exploring the idea of asking forcing tech companies to backdoor their encrypted communications platforms, presumably for the greater good of insecure humanity.

Government officials in Germany are reportedly mulling a law to force chat app providers to hand over end-to-end encrypted conversations in plain text on demand.

According to Der Spiegel this month, the Euro nation’s Ministry of the Interior wants a new set of rules that would require operators of services like WhatsApp, Signal, Apple iMessage, and Telegram to cough up plain-text records of people’s private enciphered chats to authorities that obtain a court order.

This is a move designed for efficiency, not security. German law enforcement is limited to pulling communications from seized devices currently — one of the few places where encrypted communications can be found in plain text. Of course, device encryption is a thing these days, so this option is rapidly becoming about as productive as demanding tech companies hand over communications they don’t actually store in plain text.

Something’s got to give and it seems it won’t be the government doing any compromising. But it won’t be an easy push for anti-encryption legislators. Opponents within and without the government are expected to push back hard on this dangerous idea.

The new rules are set to be discussed by the members of the interior ministry in an upcoming June conference, and are likely to face stiff opposition not only on privacy grounds, but also in regard to the technical feasibility of the requirements.

As is always the case when encryption is on the line, those pushing for backdoors are claiming this not-all-that-new method of shielding stuff from prying eyes (the government’s included) has done little but allow criminals and terrorists to operate with impunity. And as is always the case when these claims are made, zero evidence is presented that supports these theories.

One fact, however, cannot be ignored: a handful of European governments have pitched encryption backdoors over the past several years. But so far, not a single one has managed to actually implement such a mandate.

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “German Officials Think German Citizens Need Less Security, More Encryption Backdoors”

Subscribe: RSS Leave a comment
Anonymous Coward says:

If they honestly think backdoors are a benefit, give them one

Since they feel that backdoors are for the best, they clearly wouldn’t mind the public having a backdoor into their most secure networks, the public should have a free look at their files. If that sounds insane, so does the idea of having an insecure network and backdoors into anything. With quantum computing, the most secure networks can be cracked within a day or two. Anyone who claims otherwise needs to be fired since they clearly don’t care about the people they work for.

Anonymous Coward says:

Re: If they honestly think backdoors are a benefit, give them on

With quantum computing, the most secure networks can be cracked within a day or two.

I’m sorry but this is simply not true, at least not in the broad strokes that the statment paints with.

It IS true that quantum computers, with Shor’s algorithm, has the potential to comprimse ECC, and RSA, which are two asymetric encryption algorithms. However see post-quantum cryptography (, which currently a developting field.

Note that, last I checked, there is no publically disclosed quantum computer cabably of launching these attacks.

Also note: while wikipidea can not be considered an authoratative source, for general ideas about what a subject/topic is, it is generally sufficent.

AES, probably the most commonly used symetric algorithm, does not suffer as much from the enhancements of quantom computing (there is an effect but no where near that gained against asymetric algorithms). Typically doubling the key size is sufficent for symetric algorithms to regain their security (so AES-256 would be approximate security, against quantum computers, as AES-128 is against classical attacks).

Uriel-238 (profile) says:

Re: Re: Rules for thee, not for me.

The backdoor-mandates conversation always goes this way. Our governments don’t want true transparency, and they argue national security to hide their communications and evade public oversight.

But then they expect the people to hobble their own communications security so the state can spy on them (again in the name of national security) not addressing that it makes them vulnerable to other aggressors (such as business rivals and corporate espionage groups).

Strong communications security (including robust crypto) is essential for any business in an industry where there are competitors, and rather than stay within the law, we can expect businesses to circumvent it, utilize steganography or ignore the law the way we ignore speed limits and age gates.

Anonymous Coward says:

While we're requiring people to provide things theydon't have...

Government officials in Germany are reportedly mulling a law to force chat app providers to hand over end-to-end encrypted conversations in plain text on demand.

What do you mean, ‘end-to-end encrypted’ implies that you don’t have the conversation in plain-text? You’re required by law to provide it to us, so you better go get it for us! How? We don’t care how!

Oh, and while you’re at it, you’re also legally required to provide us with the Crown Jewels of England and a copy of Homer’s Iliad written by the author’s own hand.

Now, hop to it!

Anonymous Coward says:

Why don’t they just demand that all internet traffic from individuals, along with their phone call meta data and audio, are stored unencrypted, along with a government logon to the database so that it is available to the authorities whenever they feel a need? Better tell the postal and parcel companies that the contents of all packages and letter are to be imaged and stored as well. That way the only people able to conspire to rob and cheat the public will be the politicians, and whoever they extend their protection to.

Anonymous Coward says:

Karmic Cautionary Tale

Perhaps the example of one, modern, first-world nation ravaged by the effects of broken encryption in the context of the contemporary world will shake other governments awake to the dangers.

<s>Maybe a generous history will record Germany as the brave, self-sacrificing country that destroyed itself to provide the much-needed wake-up call about encryption.</s>

Uriel-238 (profile) says:

Re: Re: Re: The land of slow-learners (and chocolate!)

I’m saying the advocates of hobbling communications security in Germany are failing to remember the lessons of the past. This is not to say that Germany is a monolithic state of slow learners.

If Germany’s administrators are learning slowly, they’re certainly not unique in doing so. A lot of nations, perhaps all industrialized nations have fielded the question of hobbling communications in the name of national security, or enabling law enforcement to conduct searches more easily. Typically it’s struck down, or the perverse effects of the policy are quickly discovered, and that doesn’t stop the topic from rising again and again and again.

So there is an argument to be made that human beings in general are slow learners, especially when it comes to intersections between technology and the desire to preserve status-quo power structures.

To be fair, the Zimmerman telegram serves as a study of how crypto weakens with time when there are adversarial interests who want the coded data. It’s applicability to the current situation is the concern that criminal interests will seek to find the built-in weaknesses and exploit them for their own gain at the expense of the public. And we tend to underestimate them.

I can’t speak for the corruption of German law enforcement or the institutions that support them, but institutions invariably abuse power when given too much latitude to use it. And that is the sort of things that brings ruin to nations.

That One Guy (profile) says:

'You first'

Anyone who proposes broken encryption should be faced with a ‘put up or shut up’ challenge: either all of their personal data(medical, banking, personal email and so on) is protected by deliberately broken encryption for a period of no less than a year after a public announcement of the new encryption they are using, or they publicly admit that the idea is monumentally stupid and dangerous and drop it.

If dangerous fools like that had to deal personally with the fallout from broken encryption then I suspect they would be much less eager to push it, as it’s not nearly as fun if they have to pay the price themselves and can’t just make everyone else suffer instead.

ECA (profile) says:

Re: 'You first'

LEt them Dump all our info on the net, into real life…
Let our personal data and CC# be in the public domain..
They wont be able to Prove who did what EXCEPT..the reasoning to add MORE security, More camera’s to Prove you made a purchase(Iv talked to a few people, already) Every purchase, and Every MALL will have tons of camera’s..
Even look at HOW to prove a person IS who they think they are…
Anyone for a Tattoo?

Infosspy (profile) says:

Encryption Law? Really?..

I don’t think these legislators know anything about tech except how to post on Facebook and watch kitty videos on 9gag.

Basically anyone who wants to correspond via internet via encrypted text, voice, or whatever, they can.

Encryption algorithms are public knowledge, easily implemented, and writting an APP is easy and you don’t even need to publish it on a Store.

You can, literally, in one day write an encrypted chat, with 1024+ bit encryption key, with multi layer encryption, maybe with multiple encryption keys.

And piéce of resistence, make it P2P based with discovery services in order to not have it stored anywhere.

How are they going to force whatever legislation on companies then?

Pass the communications on TOR or use VPN. How are they going to find the users? Are they fining users?

They don’t know the difference between a bit and a byte and want to chip in a conversation they don’t understand… But hey, it’s politics for you.

And politics always dabbed in shit they don’t understand.

Anonymous Coward says:

These countries want back doors. But the simple fact is, anyone with half a brain could then install 3rd party encryption, at least on Android phones that have ZERO back doors and be protected. They can’t stop that no matter how much they wish.

They want to hurt 99% of the population to try and catch that other 1%. When will end up happening is the 99% ends up getting harmed far, far worse. It’s not worth it.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...