According to a blog post from the EFF, the European Union (EU) might be changing directions regarding encryption, perhaps influenced by the Five Eyes. This is not a new discussion and public safety is given as the reason to weaken encryption. However, any weakening of encryption will inevitably allow illegal activity, so the disadvantages outweigh the benefits.
Whilst in the past, the EU was supportive of privacy-protecting technologies like end-to-end encryption, this might be changing. According to the blog post, one option that the EU is considering could be that end-to-end encryption is not broken in the process, but that a compulsory piece of software could scan it at the end.
Another type of backdoor
This is just another type of backdoor. It has long been the consensus of security specialists that backdoors are dangerous and undesirable. Indeed, “scanning on the client” seems to be even worse than breaking a given encryption scheme: not only can the communication be read, but whoever controls the scanner now has likely full access to all information stored on the device. Software like this exists today and is called spyware. It is widely considered to be dangerous and to be avoided.
In fact, it is not possible to weaken the encryption in such a way that only the communication of the “bad actors” can be monitored without destroying the privacy of all citizens and increasing the threat of cybercrime.
The hoped-for benefit of being able to access encrypted communications would not be effective. This is because, as soon as such measures are implemented, “bad actors” would switch to private languages that cannot be decrypted or understood, or to other channels. Meaning that any benefit would be short-lived. The harm to the general public would remain, however, because the backdoors cannot be limited to lawful interception: they can and will be used by criminals for unlawful interception. As soon as a backdoor is built in, it is misused by criminals, such as fraudsters or spies who fish for passwords, information suitable for blackmail or trade secrets.
For reasons outlined above, the ISOC Switzerland Chapter would be very concerned if the technologies mentioned above were to be considered for implementation, and we would disapprove any such implementation.
Encryption Ensures Everyone’s Security. Click the below links to learn more about the ins and outs of encryption as well as the ISOC Switzerland Chapter’s commitment to promoting and defending encryption: