France, Germany push for access to encrypted messages after wave of terror attacks

But it conflicts with a recent review of EU privacy rules, which concluded that the use of encryption should be encouraged.
Written by Zack Whittaker, Contributor

(Image: Jeff Mitchell/Getty Images; file photo)

France and Germany are to ask the EU for new powers that could see state intelligence agencies compel makers of mobile messaging services to turn over encrypted content.

The two member states have both numerous suffered terrorist attacks in the past year and a half, with hundreds killed by the so-called Islamic State group, but argue that their intelligence agencies are struggling to intercept messages from criminals and suspected terrorists.

Many mobile messaging providers, like WhatsApp, Apple's iMessage, and Telegram, all provide end-to-end encrypted messaging to thwart spying by both hackers and governments alike.

Many other sites and services -- including Facebook -- have followed suit by pushing for strong encryption to ensure government spies can't access a person's messages.

Reuters reported Tuesday that French interior minister Bernard Cazeneuve wants the European Commission to draft a law that would oblige companies to turn over data.

"It's a central issue in the fight against terrorism," Cazeneuve told reporters last week.

"Exchanges carried out via applications like Telegram must be identified and used in the course of judicial proceedings," he added.

But Cazeneuve's initiative, echoing similar US and British efforts to install "backdoors" for in encryption for governments and law enforcement agencies, effectively undermining its very point, has long been criticized by privacy and security experts, who argue that there's no feasible way to guarantee that hackers won't be able to exploit the same access.

The request for a review falls just short calls for an all-out ban.

Earlier this year, one prominent French politician called for fines and ban on services that are unable to turn over encrypted communications.

The European Commission said it "welcomed" the initiatives between the two countries, but said that data protection laws are already under review.

But the executive body may face internal pressure to dismiss the idea of undermining the effectiveness encryption.

Only a few weeks ago, the European data protection supervisor said that nation states should be forbidden from trying to decrypt encrypted communications, or install backdoors. In a report, the supervisor said that end-to-end encryption to be "encouraged, and when necessary, mandated."

European authorities have been particularly aggrieved by reports of mass surveillance by the US government, which were brought to light three years ago by the Edward Snowden files.

The transatlantic pact that allowed the free flow of data between the two continents was later suspended by a top European court in the wake of the disclosures.

A new pact was agreed upon earlier this year.

Editorial standards