France, Germany Push For Encryption Backdoors In Apps
The controversial proposal would require app developers to provide access to encrypted messages at the request of law enforcement.
Encryption Debate: 8 Things CIOs Should Know
(Click image for larger view and slideshow.)
France and Germany are seeking to force mobile messaging providers to open up backdoors to encrypted messages. In light of recent terror attacks, the two countries' intelligence services say they believe the entire European Union should enact legislation making backdoors mandatory.
France says its intelligence service has been on high alert since the attacks in Paris in November, but it has been unable to crack messages sent between terrorists. France and Germany officials say they believe terrorists are using messaging apps such as Telegram and WhatsApp, rather than more traditional messaging services, specifically because they like these.
"Security and the fight against terrorism are now the first priority of the European Union," argued Bernard Cazeneuve, France's Minister of the Interior, and his German counterpart, Thomas de Maizière, at a press briefing held Tuesday. "Faced with this threat of terrorism, which remains extremely high following the attacks of Nice and Saint-Etienne-du-Rouvray in France, but also those of Wurzburg and Ansbach in Germany, it is essential to collectively raise the level of security."
Cazeneuve and Maizière are asking the European Union to let law enforcement unlock messaging apps. "If such legislation was adopted, this would allow us to impose obligations at the European level on non-cooperative operators," said Cazeneuve.
Specifically, France and Germany want the European Commission to study the possibility of a directive governing the rights and obligations of all companies that provide telecommunications or internet services across the Union. The Union would then task the uncooperative operators to remove illegal content or decrypt messages as part of investigations.
Cazeneuve and his counterpart in Germany believe the law should apply to EU and non-EU companies. That means services such as Apple's iMessage, Google's GChat, Facebook's Messenger, and Microsoft's Skype could be impacted by the legislation.
Apple has already run afoul of law enforcement in the US. Earlier this year the FBI asked Apple to unlock the iPhone owned by the San Bernardino shooter. Apple refused the request, citing importance of protecting privacy. It's unclear what impact such a law in the European Union would have on American companies.
The European Commission is prepared to discuss Cazeneuve and Maizière's proposal at its September 16 meeting.
"Security is a national competence, but creating the right framework at EU level will help member states carry out their duty to protect our citizens," said EU spokeswoman Natasha Bertaud to Reuters.
The proposal was quickly bashed by digital-rights groups.
"The proposal to undermine encryption at the EU level is rooted in the false belief that encrypted communications can somehow be made accessible to law enforcement without being made vulnerable to bad actors," said Access Now's Lucie Krahulcova in a statement provided to Politico.
Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!