Blogs | Privacy and data protection | Privacy and confidentiality | Surveillance and data retention

Germany asks what should the EU do about encryption for law enforcement?

On 22 September, Statewatch released a document issued by the German Presidency of the Council to help establish a common EU position on finding ways around encrypted communications for the needs of law enforcement.

By Statewatch (guest author) · October 14, 2020

(This post an extract of a longer article published by Statewatch here)

This document circulated by the German Presidency declared that “the weakening of encryption by any means (including backdoors) is not a desirable option.” Instead, the intention must be to find “legal and technical solutions” through dialogue with technology service providers, member states, academic experts and others.

The document aims at finding a “regulatory framework that safeguards the advantages of end-to-end encryption without compromising the ability of law enforcement agencies and judicial authorities” and to find “technical solutions to safeguard that access with minimum impact on fundamental rights and data protection.

As Jesper Lund of EDRi member IT-Pol commented on Twitter: “The Commission has a clever political solution to solving the impossible problem of LEA access without mandating specific #encryption backdoors: put companies in charge of weakening the security of their own communications services!”

Digital rights group have solutions

EDRi submitted a response to the German Presidency asking for:

– encryption to become the norm

– investment in the development of better tools for digital forensics

– Member States to be obliged to inform about security vulnerabilities and

– Member States to abandon ideas to weaken security measures in the name of “security”.

Where the EU goes next will depend on the capacity of human rights groups to defend encryption as a feature, not a bug, of the EU fundamental rights framework.