EU proposes mandatory end-to-end encryption for all citizens

The proposal contradicts the UK government's stance on communication encryption

A European Parliament committee wants end-to-end encryption to be compulsory for all forms of digital communication, in a bid to improve the safeguards around online privacy for citizens within the EU.

A draft legislation submitted by the Committee on Civil Liberties, Justice and Home Affairs, attempts to harmonise online privacy rules by ensuring the same level of protection regardless of the service used.

The proposal would force all "providers of electronic communications services", such as apps like WhatsApp or mobile network operators, to place end-to-end encryption on all communicated data, to ensure that the "confidentiality and safety of the transmission are guaranteed".

With end-to-end encryption, service providers would not have access to the decryption key needed to "listen" in on the data being shared, with the sender and recipient the only parties able to see the communications.

Advertisement - Article continues below
Advertisement - Article continues below

The proposal seeks to repeal the current ePrivacy Directive launched in 2002 in an effort to "modernise" data protection frameworks alongside the implementation of GDPR next year. This will therefore need to be approved by the European Parliament and the European Council before it can be made law.

However, the committee argues that the older directive does not take into account new means of communications, such as the rise of IoT networks, which present "new challenges and risks concerning the privacy and protection of personal data of individuals".

This directly counters the narrative coming from the UK government over the monitoring of communications, which has said that tech firms should be providing authorities with a means to bypassing end-to-end encryption.

Following the Westminster terrorist attack in March, Home Secretary Amber Rudd described WhatsApp's use of encryption as "completely unacceptable", arguing that it provides "a secret place for terrorists to communicate".

While many mocked her views, some expressed genuine concern that the government was using the recent atrocity as a means to push though a ban on encrypted communications and limit the privacy of UK citizens.

The EU committee argued that universal encryption is an essential step towards the completion of the Digital Single Market, "as it would increase trust and security of digital services" and would "recognise a longstanding and fundamental right of individuals, enshrined in the ECHR and the EU charter".

Advertisement - Article continues below

Its legislation would need to be approved by the European Parliament and then reviewed by the EU Council.

Picture: Bigstock

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now


data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Policy & legislation

Breaking up big tech 'will cause more problems', says EU

8 Nov 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019
Policy & legislation

EU shelves plans to impose digital tax

13 Mar 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
data breaches

Misconfigured security command exposes 250 million Microsoft customer records

23 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020