29 October 2020
The German Presidency of the Council is pressing ahead with its efforts to undermine encryption in the name of law enforcement. Close cooperation with industry is the preferred means, but "there should be no single prescribed technical solution to provide access to the encrypted data." However, as experts have long pointed out, there is no way to give law enforcement agencies routine access to encrypted data without fundamentally undermining the security of all users of a given service or technology.
Background: Council of the EU: German Presidency seeking common position on encryption and law enforcement (22 September 2020).
Following our publication of the German Presidency's initial document in September, European Digital Rights (EDRi) called on the EU to uphold digital security and not to pursue any measures that would undermine encryption (Statewatch is a member of EDRi):
"The German Presidency states that all proposals should not weaken the encryption used, or insert backdoors. But these three proposals all have the same effect of making users vulnerable to unlawful access. And they would inevitably be abused by governments that do not respect human rights."
No pause for thought
The German Presidency is pressing ahead with its proposed Council Declaration. While it extols the benefits and necessity of encryption, it also proposes undermining it, for law enforcement purposes, by "joining forces with the tech industry":
"There is a need for a regulatory framework that safeguards fundamental rights and the advantages of end-to-end encryption and which allows law enforcement and judicial authorities to carry out their tasks. Possible solutions may need the support of service providers in a transparent and lawful manner, as well as improving the technical and tactical skills which the law enforcement and judicial authorities need to face the challenges of digitisation at a global scale. In line with the principle of proportionality, such measures should be prioritised."
NOTE from: Presidency to: Delegations: Draft Council Declaration on Encryption - Security through encryption and security despite encryption (12143/20, LIMITE, 21 October 2020, pdf)
"Further to the informal VTC of the members of the Standing Committee on Operational Cooperation on Internal Security (COSI) on 23 September 2020, delegations will find in the Annex a Draft Council Declaration on Encryption.
The draft Declaration is based on the Presidency discussion paper submitted to COSI (10728/20) and the written contributions received by delegations (WK 11169/20). It also takes into account the joint paper of the COM services presented by DG Home and DG Just (10730/20), as well as the contribution of the EU CTC (7675/20).
Delegations are invited to submit to written comments and concrete drafting suggestions on the Draft Council Declaration set out in the Annex before 29 October 2020 (COB) to firstname.lastname@example.org; COSI.DE2020@bmi.bund.de and email@example.com"
Counter-Terrorism Coordinator paper
We are also making available another of the papers cited above, produced by the EU's Counter-Terrorism Coordinator in May this year, along with an Annex:
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: 10 Queen Street Place, London EC4R 1BE. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.