Letter to Coucil and Commission to stop compromising encryption
11. November 2020
To Charles Michel, President of the European Council
To Horst Seehofer, German Minister of the Interior, Building and Community
(Presidency of the Council of the EU)
To European Commission
Margrethe Vestager, Executive Vice-President “A Europe Fit for the Digital Age”
Ylva Johansson, Commissioner “Home Affairs”
Thierry Breton, Commissioner “Internal Market”
Dear Sir/Madam,
Encrypted communication has come under attack from both the European Commission as well as most recently the Council. Commissioners Ylva Johansson and Thierry Breton have stated publically that messenger services would be required to allow access to encrypted messages. 1 The Financial Times also reported in September 2020 on an internal note of the Commission detailing such plans.2
Austrian radio station FM4 on 9 November 2020 reported on and published a draft Council resolution that is scheduled to be adopted in December 2020.3 The Council calls for measures that go beyond what the Commission has so far proposed and would foresee access of “competent authorities” to encrypted messages also to fight terrorism and organised crime. We are dismayed that the Council is quietly adopting such a controversial proposal, without any meaningful public debate about the call for European legislation.
The Article 29 Data Protection Working Party and its successor the European Data Protection Board remind us that “[t]he availability of strong and trusted encryption is a necessity in the modern digital world. Such technologies contribute in an irreplaceable way to our privacy and to the secure and safe functioning of our societies”.4
Introducing backdoors and master keys severely compromises the strength and efficiency of encryption. No technical solution can guarantee the same level of security. Backdoors can and will be abused by criminals, external state actors and forces who seek to destabilise our society. Granting law enforcement or “competent authorities” access to encrypted messages therefore severely threatens the security of users. This was also pointed out by German data protection and cybersecurity specialists in an open letter in June 2019.5
The citizens of Europe cannot accept having their cybersecurity compromised, especially at a time when digital tools of communication have become the norm for many in their private and professional lives.
We object in particular to use the recent terrorist attacks as a way to further this agenda. Current regulations give law enforcement access to an already large amount of data and information. We agree with data protection specialists that “access must remain proportionate and targeted” and law enforcement “should focus on improving their capabilities to interpret those data to investigate and prosecute criminals”.4
In conclusion, we call on the European Commission and the Council to stop and retract all plans that involve compromising encryption.
Kind regards,
Members of the European Parliament
Claudia Gamon
Moritz Körner
Sophie in ‚t Veld
Mazaly Aguilar
Alviina Alametsä
Abir Al-Sahlani
Rasmus Andresen
Petras Auštrevičius
Pernando Barrena
Michael Bloss
Patrick Breyer
Milan Brglez
Saskia Bricmont
Jorge Buxadé Villalba
Anna Cavazzini
Antoni Comín
Clare Daly
Margarita de la Pisa Carrión
Gwendoline Delbos-Corfield
Cornelia Ernst
Fredrick Federley
Alexandra Geese
Andreas Glück
Klemen Grošelj
Svenja Hahn
Roman Haider
Irena Joveva
Eva Kaili
Petra Kammerevert
Łukasz Kohut
Marcel Kolaja
Athanasios Konstantinou
Maximilian Krah
Sergey Lagodinsky
Erik Marquardt
Georg Mayer
Karen Melchior
Martina Michels
Ulrike Müller
Hannah Neumann
Jan-Christoph Oetjen
Clara Ponsatí
Carles Puigdemont
Emil Radev
Evelyn Regner
Andreas Schieder
Michal Šimečka
Ivan Vilibor Sinčić
Ramona Strugariu
Nils Torvalds
Kim van Sparrentak
Monika Vana
Bettina Vollath
Harald Vilimsky
Nikolaj Villumsen
Thomas Waitz
Mick Wallace
Sarah Wiener
1 https://fm4.orf.at/stories/3006235/
2 https://www.ft.com/content/c5336824-140c-49ee-85a4-c8197f829bfd
3 https://fm4.orf.at/stories/3008930
4 https://ec.europa.eu/newsroom/article29/document.cfm?action=display&doc_id=51026
5 https://digitalegesellschaft.de/2019/06/offener-brief-geplanter-eingriff-in-verschluesselung-von-messengerdiensten-haette-fatale-konsequenzen/