Engadget reported on June 19th that while the European Union might want it to be easier for police to obtain data, it does not necessarily want it to be easier for officers to read that data. The European Parliament has proposed an amended regulation that would not only require end-to-end encryption when available, but forbid backdoors that offer guaranteed access to law enforcement. EU residents need to know that the "confidentiality and safety" of their data is "guaranteed," according to the draft, and backdoors risk "weakening" that privacy.
The proposal has to be approved by Parliament and then reviewed by the EU Council, so there is still a chance that the rules will be softened if and when the proposal passes.
If passed, there could be a conflict between the EU and countries that aren't enamored of encryption. The UK is undoubtedly the main concern, even after it leaves the EU. A ban on backdoors would make it difficult for the country to enforce the Investigatory Powers Act's requirement that companies remove "electronic protection" when possible. How would that be meaningful when virtually every tech company in Europe is encrypting data traffic? We are not likely to see UK-specific versions of apps that introduce security holes.
This would also thwart the efforts of some American politicians to effectively ban airtight encryption. While those proposals have largely stalled, they would face an even tougher battle in Congress if it meant pitting American and European security policies against each other. It is possible that the EU could effectively wind up dictating encryption strength and access well beyond its member states' borders. The Telegraph also has a story on these developments.
E-mail: email@example.com Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology