The terrorist attack perpetrated last week in Austria has revived the debate on end-to-end encryption offered by certain couriers. Once again the EU would like to allow investigators to take a look at what at the moment is practically elusive.
A draft resolution adopted by the council of the European Union could force courier apps to allow intelligence services and police investigators to bypass the end-to-end encryption they offer. To do this, the EU would force services such as WhattsApp, Signal or Telegram to provide backdoors allowing the authorities to monitor or trace the exchanges of persons suspected of terrorism, or of individuals involved in online child pornography. The track of an outright ban on these encrypted exchanges would also not be completely excluded.
For the time being, the text under consideration in the EU council is not publicly accessible, specifies the Digital Factory, but the Austrian media ORF was able to consult a document revealing a revised version of this draft resolution.
A text still under study
Assuming that ” there are cases where the encryption makes the analysis of the content of communications (…) extremely difficult or practically impossible despite the fact that access to this data would be legal “, The document consulted by the ORF establishes that it is necessary to guarantee”the capacity of competent authorities in the area of security and criminal justice to exercise legal powers online and offline “. The Council of the EU nevertheless assures to support “the development, implementation and use of strong encryption ”. Consequently, the draft resolution recalls the need for these future measures to be respectful of “principles of legality, transparency, necessity and proportionality ».
As the Digital Factory explains, if the EU moves well towards a system of backdoors allowing the police and the intelligence services to have access to suspicious conversations, the institution will be confronted with the resulting security problems. by opening these “backdoors” in encryption systems. And for good reason, over time, these generally become simple vulnerabilities that other intelligence services end up exploiting, just like possible hackers.
The fact remains that this draft resolution still has to pass several stages before being eventually adopted and applied. The first step will be to be approved by COSI (Standing Committee for Operational Cooperation on Internal Security), on November 19, before being presented to the Permanent Representatives Committee on November 25. According to the ORF, the text will also have to be adopted by the European Parliament if it is to enter into force.