EU proposes banning encryption backdoors

Marko :)

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
"The European Union might want it to be easier for police to obtain data, but that doesn't mean it'll be easy for officers to read that data. The European Parliament has proposed amended regulation that would not only require end-to-end encryption when available, but forbid backdoorsthat offer guaranteed access to law enforcement. EU residents need to know that the "confidentiality and safety" of their data is "guaranteed," according to the draft, and backdoors risk "weakening" that privacy.

The proposal has to be approved by Parliament and then reviewed by the EU Council, so there's still a chance that the rules will be softened if and when the amendments pass.

If they do clear, though, they could set up a conflict between the EU and countries that aren't so fond of encryption. The UK is undoubtedly the main concern, even after it leaves the EU. A ban on backdoors would make it difficult for the country to enforce the Investigatory Powers Act'srequirement that companies remove "electronic protection" when possible. How would that be meaningful when virtually every tech company in Europe is encrypting data traffic? You're not likely to see UK-specific versions of apps that introduce security holes.

This would also thwart the efforts of some American politicians (such as Senators Richard Burr and Dianne Feinstein) to effectively ban airtight encryption. While those proposals have largely stalled, they'd face an even tougher battle in Congress if it meant pitting American and European security policies against each other. Simply put, the EU could wind up dictating encryption strength well beyond its member states' borders."


Source: Engadget
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
I have a hard time understanding why business leaders and politicians/officials don't see that they can both get what they want. Don't think eliminating encryption is any sort of an answer that's for sure. So this looks like a positive development to me overall, although I think the insatiable appetite for data is getting old from govts. Happiness for all is just a matter of getting everyone on the same page about what to expect from each other imo. If govt knows that machine monitoring of general net traffic will be tolerated (v human monitoring of single machines) and if business knows that's all they can do, everyone will be happy :)

Back 30-40 years ago there was a model that worked for security here in the U.S. It wasn't fully established before things got crazy but it amounts to letting computers gather data and analyze it and then pass on information to security officials about potentially dangerous situations developing (smart analysis). This combined with standard intelligence is all govts will ever require to maintain security, no matter how technical things become.

Thanks for the update @Marko :)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top