The European parliament’s committee on civil liberties, justice and home affairs has suggested that amendments to the 2002 regulation on privacy and electronic communications (ePrivacy) are required in order to safeguard encryption. Specifically, the proposal calls for a ban on ‘backdoors’ into encrypted communications and services.
Although the proposals are still a long way from becoming law, the recommendations put the EU in direct conflict with countries such as the UK that have long been calling for access to secure communications.
However, as we have made clear before, the desire to circumvent encryption is incredibly concerning. As such, it is encouraging to see a government body to come out so strongly in favour of encryption technologies. Businesses of all sizes, and individuals, not only have every right to protect their data (and that of their customers), but also have a responsibility to do so.
At Artmotion we have always offered our customers the highest levels of privacy security for their data, and encryption forms a key part of the service we offer. As such we genuinely hope that the EU can follow through on these proposals as that can only be a good thing for everyone who does business in Europe.
This quote from a UK government official, perhaps more than any other statement, cuts to the core of the tension that exists around the issue of data encryption.
As we have documented here previously, governments, technology companies, enterprises and users have been at loggerheads over encryption for a number of years. Governments, particularly in the US and the UK have called for weaker encryption to aid security services in their efforts to combat terrorism, while businesses and users have largely been appalled by the idea that their data should be made less secure.
This issues remain close to the surface as reports this month reveal that the Conservative party in the UK, should it win the upcoming election, plans to push through measures to allow controversial Technical Capability Notices (TCNs) to force telcos, ISPs and social networks to hand over details of users’ communications – further weakening encryption in the UK.
These reports, and the quote from the unnamed UK official should show once and for all that for the UK and a number of other countries data privacy is seen as an inconvenience – something to be watered down and worked around, rather than something to be defended.
As the Open Rights Group commented: “It is worrying to hear that … the Home Office wants to push ahead with proposals to force companies to weaken the security of their products and services. Our core concern is that using TCNs to force companies to limit or bypass encryption or otherwise weaken the security of their products will put all of us at greater risk.”
There is no doubt, that for businesses operating in the UK this news should be extremely troubling. While the efforts to get ready for GDPR have rightly been prioritised by many businesses, it is clear that threats to encryption should be viewed as an equally important issue.