If you need HELP, SUPPORT or just have a GDPR question please call +44 (0) 208 133 2545 or email us at firstname.lastname@example.org.
Alternatively please visit our contact page
FREE GDPR Helpline
Call +44 (0) 208 133 2545
A European Parliament committee is proposing that end-to-end encryption be enforced on all forms of digital communications to protect citizens.
The draft legislation seeks to protect sensitive personal data from hacking and government surveillance.
EU citizens are entitled to personal privacy and this extends to online communications, the proposal argues.
A ban on “backdoors” into encrypted messaging apps like WhatsApp and Telegram is also being considered.
Encryption involves digitally scrambling a communication to protect its contents, and then using a digital key to reassemble the data.
End-to-end encryption means the company providing the service does not have access to the key, meaning it cannot “listen in” to what is being shared – giving the sender and recipient added confidence in the privacy of their conversation.
“The principle of confidentiality should apply to current and future means of communication, including calls, internet access, instant messaging applications, email, internet phone calls and personal messaging provided through social media,” said a draft proposal drawn up for the European Parliament’s Committee on Civil Liberties, Justice, and Home Affairs.
The proposal seeks to amend Article Seven of the EU’s Charter of Fundamental Rights to add online privacy. It will require approval by committee’s members, the wider European Parliament and the Council of Ministers before it can be passed into law.
During the UK’s recent election campaign, the Conservative Party said that tech firms should provide the authorities “access to information as required” to help combat online radicalisation, but ministers have also said they do not want to weaken encryption.
That has led to some confusion among tech industry leaders as to whether the government wants some kind of “backdoor”, a way to have end-to-end encryption disabled in specific cases, or some other action.
However, cyber-security experts warn that criminals can still find a way to protect their communications, even if end-to-end encryption is banned.
“There are lots of existing techniques law enforcement can use,” Dr Steven Murdoch, a cyber-security researcher in the department of computer science at University College London told the BBC.
“One of them is traffic analysis, which is looking at patterns of communications, eg who is talking to who, when and from what location.
“The other one is hacking – equipment interference in British law – which can happen before data is encrypted and after it’s been decrypted, so there are still ways for law enforcement to gain access to information.”
In the Manchester, Westminster and London Bridge terror attacks, the perpetrators were already known to UK security services, Dr Murdoch added.
“They were not stopped because there were either insufficient resources or the resources were not sufficiently prioritised,” he said.
“The suggestions being considered by the UK government would be worse for computer security. So much of people’s lives are now carried out online. We should have privacy online just as we have offline.”
This article and any associated images were originally published here: