European ministers are debating a clampdown on encryption and a further increase in surveillance in response to mounting terrorist threats.
Bernard Cazeneuve, France’s interior minister is due to meet his German counterpart, Thomas de Maizere, to discuss possible regulations to limit the use of encrypted communications across the EU. “It’s a central issue in the fight against terrorism,” Cazeneuve told reporters, the FT reports.
France has tabled surveillance laws that incurred the wrath of privacy campaigners. Germany has been a bulwark in favour of privacy but there is a sense this may change - or at least be up for debate in the wake of recent terrorist incidents in the country. This is despite the fact that encrypted communications failed to feature as an element in what have essentially been lone wolf attacks.
The Isis terror cells that plotted bloody attacks in Paris and Brussels communicated with each other, but how much, if at all, they relied on encrypted comms is far from clear. Some members reportedly used WhatsApp and Telegram. Patrick Calvar, French homeland security chief, told the FT that gigabytes of data were collected after November’s Paris attack but “it is often encrypted, and impossible to decipher”.
Western governments (or more particularly law enforcement) view apps that come with end-to-end encryption – such as Facebook’s WhatsApp and Apple’s iMessage – as a potential barrier in investigations.
Over-the-top mobile services such as WhatsApp are currently outside the scope of the EU’s e-privacy directive, which covers how customer data is handled, including in response to law enforcement requests. This provision may change, although a shift is far from certain.
Technologists, in general, remain opposed to golden keys for governments or other measures that would weaken the protection encryption offers.
Jacob Ginsberg, senior director at encryption company Echoworx, argued that existing wiretap laws are adequate and that governments ought to be obliged to get judicial approval for surveillance ops.
"No one can argue with the fact that if intelligence agencies and the police were able to access and look inside all houses, they would catch more criminals," Ginsberg said. "But is this going too far? We also have to consider how this may be putting the majority of law-abiding citizens at risk. European lawmakers need to remember that cyber-surveillance is no different than old school wire-tapping."
He adds: "However, the government requires court approval for a wiretap and only after they have demonstrated evidence of reasonable suspicion. They should not be allowed to circumvent existing laws based on type of media being surveilled. These laws were put in place to protect the average person from this kind of intrusion.
"The same rules should apply regardless of whether it's phone conversations or web and social media use being tapped. There is a balance that needs to be struck but it is absolutely vital that there is appropriate judicial oversight dictating the use of these powers,” he concluded. ®