French & German interior ministers call on EU to enable access to encrypted data

AppleInsider

In a joint press conference in Paris on Tuesday, the interior ministers of France and Germany called on the European Commission to enact laws that would give countries on-demand access to encrypted communications under some circumstances.

Exchanges via some apps "must be able, as part of court proceedings -- and I stress this -- to be identified and used as evidence by the investigation and magistrates services," said France's Bernard Cazeneuve, according to TechCrunch.

Both countries have been hit by a slew of Islamist terrorist attacks in the past year, killing hundreds of people. Some of the terrorists have relied on apps like WhatsApp and Telegram to communicate -- because both use end-to-end encryption, however, even their developers can't decipher message content.

Cazeneuve and his counterpart, Thomas de Maizi?re, would like the European Commission to have laws enforcing the same rights and obligations for internet services and telecoms operators across Europe, even if they're not headquartered in the European Union. The ministers want their proposals discussed at a September Commission meeting.

If brought into force, such regulations could create serious issues for tech companies like Apple, which uses end-to-end encryption for iMessage content. Effectively, the rules would bar end-to-end encryption entirely, since there's no way of inserting a government-only backdoor into such systems.

They're already encountering opposition from the Computer & Communications Industry Association, and would run counter to July recommendations by the E.U.'s own data protection supervisor, who said that an upcoming update of ePrivacy directives should protect end-to-end encryption, and specifically prevent "decryption, reverse engineering or monitoring of [encrypted] communications."

mtbnut

Uh, no.

longpath

And when those backdoors result in breaches of their national security, 
I hope they remember that they made it so.

chaicka

Germany was one of the countries which started an encryption race a decade or longer ago. German firms were using 4096-bit encryption even for firms' WAN traffic that goes across borders.

What a reversal change in direction now

davemcm76

AppleInsider said:

If brought into force, such regulations could create serious issues for tech companies like Apple, which uses end-to-end encryption for iMessage content. Effectively, the rules would bar end-to-end encryption entirely, since there's no way of inserting a government-only backdoor into such systems.

At what point are these people going to realise or accept that encryption is maths and that in maths there is no such thing as a "government-only backdoor" no matter how hard they wish for one  

phone-ui-guy

The Terrorists will continue doing end to end encryption even when it is illegal. Do we expect them to follow encryption law while they are trying to break all the other laws?

robin huber

Best time to make thoughtful policy is in panic mode. 

joogabah

The terrorist events are false flags.  The entire point of this game is to normalize government oversight of all communication.

Blaming "terrorists" is a very well known, and very old strategy.  Unfortunately, they've dumbed down the critical thinking skills of so many, and then scared them with violence that actually results in fewer deaths compared to solvable problems they don't bother to address (like launching aggressive wars on innocent countries).

This is why the politicians seem so ridiculous on this matter.  They are disingenuous.

Capital accumulation is stalled and the method for reviving it the last go around threatens the end of all life on the planet.  We need an international movement to facilitate rapid automation with simultaneous guarantees of human welfare for the vast majority that will never again be "employable".  Without the latter, I fear something along the lines of the holocaust in terms of eliminating surplus labor power in order to save the accounting system that keeps a layer of the population in power.

soli

Quoting because it can't be said enough.

sog35 said:

There is no such thing as demand access to encrypted communications under some circumstances.

Once there is demand access than nothing is encrypted.

This politicians are so stupid. If this law passes the terrorist and criminals will just use 3rd party encryption which is widely avaliable. And only the innocent will suffer then.

In fact making the common person unencrypted will lead to MASSIVE cyber terror. Its exactly what the terrorist want.  They want the common population to have no encryption.

jbishop1039

sog35 said:

There is no such thing as demand access to encrypted communications under some circumstances.

Once there is demand access than nothing is encrypted.

This politicians are so stupid. If this law passes the terrorist and criminals will just use 3rd party encryption which is widely avaliable. And only the innocent will suffer then.

In fact making the common person unencrypted will lead to MASSIVE cyber terror. Its exactly what the terrorist want.  They want the common population to have no encryption.

Absolutely dead on. 

jungmark

Sorry, No dice. Then again France can change  its constitution on a whim. 

ppietra

sog35 said:

There is no such thing as demand access to encrypted communications under some circumstances.

Once there is demand access than nothing is encrypted.

This politicians are so stupid. If this law passes the terrorist and criminals will just use 3rd party encryption which is widely avaliable. And only the innocent will suffer then.

In fact making the common person unencrypted will lead to MASSIVE cyber terror. Its exactly what the terrorist want.  They want the common population to have no encryption.

That is not really true. You can have encrypted communications with third party access, that is how Apple’s iMessage and others used to work. What you wouldn’t have was a guaranty of privacy because Apple would have a key for the encrypted communication that could be use for a "wiretap".
With that said I really doubt this would be effective against terrorism.

stantheman

The government presenting a valid search warrant could be given access to encrypted data by including that government as a Bcc ("party line") on data moving in and out of a target iPhone. Then the government could decrypt suspected data using its own methods. (Perhaps cell phone carriers could provide this data, too.) A demand for the encrypted data residing on an iPhone -- as opposed to data traffic in and out -- would capture data from a time before the government agency was privileged by the court to eavesdrop. That constitutes a fishing license to just browse around, in search of possible clues. What a weak justification for undermining the privacy and security of 500+ million iPhone owners around the world.

championpower

Concur- also being 'stupid' is almost a resume qualification for being a political.   Look at the stupid open-entry that Merkel initiated for the mass migration into Europe damn the long term consequences.

dick applebaum

AppleInsider said:

In a joint press conference in Paris on Tuesday, the interior ministers of France and Germany called on the European Commission to enact laws that would give countries on-demand access to encrypted communications under some any circumstances.

Strong laws against encryption to protect us from terrorists -- will be about as effective as strong laws against guns are protecting us from criminals.

rwes

ppietra said:

sog35 said:

There is no such thing as demand access to encrypted communications under some circumstances.

Once there is demand access than nothing is encrypted.

This politicians are so stupid. If this law passes the terrorist and criminals will just use 3rd party encryption which is widely avaliable. And only the innocent will suffer then.

In fact making the common person unencrypted will lead to MASSIVE cyber terror. Its exactly what the terrorist want.  They want the common population to have no encryption.

That is not really true. You can have encrypted communications with third party access, that is how Apple’s iMessage and others used to work. What you wouldn’t have was a guaranty of privacy because Apple would have a key for the encrypted communication that could be use for a "wiretap".
With that said I really doubt this would be effective against terrorism.

I don't think he meant it literally that "nothing is encrypted". Just that If a method is built in for a third party to access, what happens when that third party is hacked. I think even Apple is concerned about exactly that (someone, even at Apple, walking out with keys, or NSA (or some other agency) hacking Apple). e.g the NSA TAO messing with hardware en-route, etc.

And now, with even speculation of someone walking out with some of the "keys" (not literally) to some of the NSA (or other) kingdom(s), it's just clearly a bad idea. Say Apple had or does build a (vulnerable) version of iOS that the US govt puts on an air-gapped system with even just 1 person having access. You'd have to trust (guarantee 100%) that one person couldn't be manipulated in anyway (to run away with said material).

edited August 2016

latifbp

ppietra said:

sog35 said:

There is no such thing as demand access to encrypted communications under some circumstances.

Once there is demand access than nothing is encrypted.

This politicians are so stupid. If this law passes the terrorist and criminals will just use 3rd party encryption which is widely avaliable. And only the innocent will suffer then.

In fact making the common person unencrypted will lead to MASSIVE cyber terror. Its exactly what the terrorist want.  They want the common population to have no encryption.

That is not really true. You can have encrypted communications with third party access, that is how Apple’s iMessage and others used to work. What you wouldn’t have was a guaranty of privacy because Apple would have a key for the encrypted communication that could be use for a "wiretap".
With that said I really doubt this would be effective against terrorism.

Except that if you use a bank within said idiotic country then your banking information, as one example of many, would not be protected via encryption. Sure you could use a 3rd party messaging app to communicate, but all your other shit is open to whatever any good hacker could get to as well as the Euro terrorist governments 

ppietra

davemcm76 said:

AppleInsider said:

If brought into force, such regulations could create serious issues for tech companies like Apple, which uses end-to-end encryption for iMessage content. Effectively, the rules would bar end-to-end encryption entirely, since there's no way of inserting a government-only backdoor into such systems.

At what point are these people going to realise or accept that encryption is maths and that in maths there is no such thing as a "government-only backdoor" no matter how hard they wish for one  

THis is a bit different from disk encryption. iMessage still needs to exchange encryption keys through Apple servers for every new communication, so Apple servers could theoretically be altered to listen to communications that would still be encrypted in the network. THere is no new math to make this possible, only requires trust that the system would be fair and would not be hacked, like other Apple online services.

charlesatlas

Someone please forward some of the news stories about Microsoft's golden key fiasco to these officials.

ppietra

rwes said:

ppietra said:

sog35 said:

There is no such thing as demand access to encrypted communications under some circumstances.

Once there is demand access than nothing is encrypted.

This politicians are so stupid. If this law passes the terrorist and criminals will just use 3rd party encryption which is widely avaliable. And only the innocent will suffer then.

In fact making the common person unencrypted will lead to MASSIVE cyber terror. Its exactly what the terrorist want.  They want the common population to have no encryption.

That is not really true. You can have encrypted communications with third party access, that is how Apple’s iMessage and others used to work. What you wouldn’t have was a guaranty of privacy because Apple would have a key for the encrypted communication that could be use for a "wiretap".
With that said I really doubt this would be effective against terrorism.

I don't think he meant it literally that "nothing is encrypted". Just that If a method is built in for a third party to access, what happens when that third party is hacked. I think even Apple is concerned about exactly that (someone, even at Apple, walking out with keys, or NSA (or some other agency) hacking Apple). e.g the NSA TAO messing with hardware en-route, etc.

And now, with even speculation of someone walking out with some of the "keys" (not literally) to some of the NSA (or other) kingdom(s), it's just clearly a bad idea. Say Apple had or does build a (vulnerable) version of iOS that the US govt puts on an air-gapped system with even just 1 person having access. You'd have to trust (guarantee 100%) that one person couldn't be manipulated in anyway (to run away with said material).

If Apple was hacked by NSA not even the current iMessage implementation would make your communications safe because it still requires key exchange through Apple servers. Just saying. The only real questions here is about privacy and how effective something like this can be.

urchin11

Didn't the NSA hack teach politicians anything?  once the tools are available, they will be stolen.  Then everyones data is at risk.  Moron Politicians.