The fight against backdoors continues

encryption backdoors

It is not the first time that we join forces with like-minded companies to voice our apprehension about the European Union’s plans that would result in backdoors being installed in end-to-end encrypted platforms.

What’s going on?

The European Union is currently working on a legislative proposal to prevent and combat Child Sexual Abuse (CSA), making it mandatory for online service providers to prevent, detect, report, and remove child sexual abuse online.

We agree that ensuring children are safe online is one of the most important duties of tech companies. However, if the regulation was implemented as proposed by the Council, it would negatively impact children’s privacy and security online, while also having dramatic unforeseen consequences on the EU cybersecurity landscape.

That is why we, together with a group of SMEs and organisations including Encryption Europe, decided to send an open letter to EU Member States warning of the dangers of the current text.

What does the open letter say?

We highlight that looking for specific content – such as text, photos and videos – in an end-to-end encrypted communication would require the implementation of a backdoor, or of a similar technology called “client-side scanning”. Even if this mechanism is created with the purpose of fighting crime online, it would also quickly be used by criminals themselves, putting citizens and businesses more at risk online by creating vulnerabilities for all users alike.

In an era marked by frequent data breaches and privacy controversies, the European Union stands out for its robust data protection regulations, offering a distinct advantage to businesses operating within its jurisdiction. This framework provides us with a competitive edge, assuring our customers that their information is handled with the utmost care and integrity. This trust, once eroded, is challenging to rebuild, and any measures that compromise it such as mandatory scanning, or mandatory age verification have the potential to harm businesses both large and small.

What’s the way forward?

We encourage EU Member States to continue championing the values of privacy, cybersecurity and data protection. Therefore, we call on Member States to:

  • Maintain the high level of fundamental rights - and in particular data protection – enjoyed by citizens in the European Union.
  • Refrain from forcing companies like us to conduct mass surveillance of private correspondence on behalf of law enforcement agencies.
  • Guarantee a high level of cybersecurity in the EU by protecting end-to-end encryption and bringing the necessary safeguards in the text. Client-side scanning and backdoors in particular should not be mandated.
  • Preserve the confidentiality of correspondence.

Want to discover more about the ramifications of encryption backdoors? Get into the details of encryption backdoors via the Tresorit blog, or read the full open letter here to know more about the consequences of the CSA proposal.