EU Proposes Backdoor Ban, End-to-End Encryption Requirement

The European Union has proposed a set of amended regulations that would require end-to-end encryption on all digital communications and would ban backdoors that allow law enforcement and intelligence entities to access private data.

The proposal hopes to let EU residents know that the “confidentiality and safety” of their private electronic data is guaranteed, and the draft goes on to add that backdoors will weaken that commitment to privacy. First drafted by the EU’s Committee on Civil Liberties, Justice, and Home Affairs, the proposal directly relates to an article of the European Union’s Charter of Fundamental Rights that guarantees citizens’ personal privacy. “The principle of confidentiality should apply to current and future means of communication,” the draft adds.

The amended regulations contend that the content of private data could reveal sensitive information about EU citizens — such as medical conditions, sexual preferences and political views — which could lead to “personal and social harm, economic loss or embarrassment.” And it’s not just the content of private data, either, as the Committee is arguing that all metadata associated with digital communications should be protected, too. That would include call information, geographical location data, and websites visited, according to the draft proposal.

It’s likely that the amendments will put the EU at odds with countries and member states that aren’t fans of encryption. In the UK, for example, politicians have recently argued that encrypted communications provide a “safe haven” for terrorists, according to The Sun. Additionally, UK Home Secretary Amber Rudd said in March that it is “completely unacceptable” that law enforcement could not read encrypted messages. Tech companies and government authorities have clashed in the U.S. as well, as seen in the FBI and Apple dispute. In recent years, U.S. legislators have also called on tech firms to facilitate backdoors for law enforcement, Forbes reported.

The UK’s recent vote to leave the European Union is bound to cause problems for the proposal, too. For example, the draft’s ban on backdoors would make it difficult for authorities in the UK to enforce a requirement on tech companies to remove electronic protection when possible, Engadget reported. It’s not currently clear how the UK will approach the new law, either, as negotiations between the UK and the EU post-Brexit just started this Monday.

Of course, the proposal must be sent to the European Parliament before passing. From there, the amendment also has to be revised by the EU’s council — so it’s entirely possible that some of the draft’s proposals will be softened before it becomes law.