After the attacks in Vienna, the EU Council of Ministers agreed within a very short time on a resolution which, while stressing the importance of encryption, also calls for a way to break it. In practical terms, this means that all operators of digital services, i.e. websites or messenger apps, must have a master key with which they can decrypt all encrypted communication. This resolution is the beginning of a Europe-wide legislative procedure, which may end with implementation in all European states.
Encryption is therefore no longer secure and loses its function.
Encryption has now become so common that it sneaks into your everyday life seamlessly. Do you know the green lock in your browser line? This shows you that messages between the website and your browser have been encrypted, so no one else can read them.
The most popular messenger services, such as WhatsApp and Threema, go one step further by encrypting messages not only in transit, from you to a server, but also on the server itself. Decrypting, i.e. reading, can only be done by you and the recipient of the message. Encryption is also used in some cloud services, such as Apple's iCloud, so that only you can read your files.
So you see, encryption affects you in many ways, most of the time you won't even notice it, because encryption happens so fast. But it is important so that your data, your messages and files cannot be read by anyone else with an internet connection.
Many other people depend on secure encryption to provide us, the population, with important information. US war crimes or massive espionage by the secret services would probably not have become public knowledge without encryption. whistleblowers and journalists are instructed to do so.
We have compiled a short chronology for you:
06.11.2020 The draft resolution gets finished
08.11.2020: The secret draft will be published by the Austrian Broadcasting Corporation ORF
12.11.2020: Deadline for governments to submit comments on the draft
19.11.2020: Planned resolution of the draft in the responsible working group
25.11.2020: Planned resolution in the Permanent Representatives Council
Following the resolution adopted by the Permanent Representatives Council, the European Commission is mandated to transform the resolution into EU law. The EU Parliament must then give its assent.
The EU Council of Ministers has taken a swift move to demand access to all communications, including encrypted ones, to help solve crimes. In concrete terms, this means that when using encryption technology such as WhatsApp and Signal, master keys must be kept available to decrypt any communication from the user.
The citizens' privacy is to be sacrificed for the alleged fight against terrorism, although the attacks of the past have only become possible through mistakes in police work. Encryption is an elementary technology on the Internet, as it makes it possible to protect data from unauthorised access, whether by secret services, competitors or criminals. In the case of reporters, human rights activists or whistleblowers, their work or lives may depend on encryption. The introduction of master keys poses an enormous security risk, as they can be used by anyone who has access to them. Such a weakened encryption would thus be de facto worthless. A ban on secure encryption could also be bypassed by experienced stakeholders by using existing, secure encryption technology on private services.
We therefore call for an immediate halt to negotiations at European level. Existing authorizations that allow encryption to be bypassed, such as state Trojans, must be prohibited throughout the EU. We also call for a European initiative for a fundamental right to encryption.
We are a supra-regional association of digital policy activists¹ that calls attention to the intentions of the EU Council of Ministers to weaken encryption. Furthermore we encourage citizens to also resolutely oppose them and demand secure encryption as the basis for privacy and strong democracy.
Reason for this was the Draft Council Resolution with the paradoxical title "Security through encryption and security despite encryption" of 06.11.2020.
You have probably read our detailed statement here.
¹ Some of are us Pirates, but predominantly we are a diverse crowd of independent people.
Contact us at: kontakt@privacyisnotacrime.eu.
Contact for Press: presse@privacyisnotacrime.eu and +49 351 89670364.
Piratenpartei KV Dresden Rothenburger Str. 7 01099 Dresden Germany