EU Plans To Weaken Encrypted Communications Despite Countless Warnings It Can't Be Done Safely
from the even-with-the-necessary-hashtags dept
Last week, the UK's Home Secretary Amber Rudd said that WhatsApp risked becoming a "place for terrorists to hide." Then, like many others that have used this tired old trope, she went on to call for the development of some magic unicorn key to unlock all encrypted communications, one that was somehow available only to those on the side of truth, beauty, law and order, and not to the other lot. In doing so, her cluelessness was particularly evident, as her invocation of the "necessary hashtags" emphasized, but she's not alone in that. Despite the chorus of experts pointing out for the thousandth time why it's not possible, the EU Justice Commissioner has just said that the EU must have magic unicorn keys, too. As EurActiv reports:
The European Commission will propose new measures in June to make it easier for police to access data on internet messaging apps like WhatsApp, EU Justice Commissioner Věra Jourová said yesterday (28 March), heeding calls from national interior ministers.
Jourová said she will announce "three or four options" including binding legislation and voluntary agreements with companies to allow law enforcement authorities to demand information from internet messaging apps "with a swift, reliable response".
Jourová said the measures would make it easier for law enforcement authorities to request and access data from online services that are registered outside their jurisdictions.
Jourová went on to complain that law enforcement authorities are currently dependent on service providers to provide voluntary access to encrypted communications. But as Techdirt pointed out recently, that's just not true: there are a number of encryption workarounds available. You might expect politicians to be at sea when it comes to complex digital technologies, but you would hope that their expert advisors would fully understand things. And yet here is what Gilles de Kerchove, the EU's anti-terrorism coordinator, told EurActiv:
the question is, can you open a backdoor for Europol [the EU's law enforcement agency] only, or would that at the same time create a vulnerability and open a backdoor for the Russian mafia or third party state spies?
Hey, Gilles, let a dozen of the world's top security and crypto experts save you time and effort by giving you the answer to that crucial question: "No, you can't." Got it? Can we please move on now?