EU proposes mandatory end-to-end encryption for all citizens

The proposal contradicts the UK government's stance on communication encryption

Graphic showing a digital padlock overlaid above information that has been encrypted

A European Parliament committee wants end-to-end encryption to be compulsory for all forms of digital communication, in a bid to improve the safeguards around online privacy for citizens within the EU.

A draft legislation submitted by the Committee on Civil Liberties, Justice and Home Affairs, attempts to harmonise online privacy rules by ensuring the same level of protection regardless of the service used.

The proposal would force all "providers of electronic communications services", such as apps like WhatsApp or mobile network operators, to place end-to-end encryption on all communicated data, to ensure that the "confidentiality and safety of the transmission are guaranteed".

With end-to-end encryption, service providers would not have access to the decryption key needed to "listen" in on the data being shared, with the sender and recipient the only parties able to see the communications.

The proposal seeks to repeal the current ePrivacy Directive launched in 2002 in an effort to "modernise" data protection frameworks alongside the implementation of GDPR next year. This will therefore need to be approved by the European Parliament and the European Council before it can be made law.

However, the committee argues that the older directive does not take into account new means of communications, such as the rise of IoT networks, which present "new challenges and risks concerning the privacy and protection of personal data of individuals".

This directly counters the narrative coming from the UK government over the monitoring of communications, which has said that tech firms should be providing authorities with a means to bypassing end-to-end encryption.

Following the Westminster terrorist attack in March, Home Secretary Amber Rudd described WhatsApp's use of encryption as "completely unacceptable", arguing that it provides "a secret place for terrorists to communicate".

While many mocked her views, some expressed genuine concern that the government was using the recent atrocity as a means to push though a ban on encrypted communications and limit the privacy of UK citizens.

The EU committee argued that universal encryption is an essential step towards the completion of the Digital Single Market, "as it would increase trust and security of digital services" and would "recognise a longstanding and fundamental right of individuals, enshrined in the ECHR and the EU charter".

Its legislation would need to be approved by the European Parliament and then reviewed by the EU Council.

Picture: Bigstock

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

GDPR 2.0: What do Europe’s new AI rules mean for businesses?
IT regulation

GDPR 2.0: What do Europe’s new AI rules mean for businesses?

28 Jun 2021
The IT Pro Podcast: Navigating Brexit data transfers
data protection

The IT Pro Podcast: Navigating Brexit data transfers

5 Feb 2021
Digital Services Act: Google asks European Commission to clarify responsibilities
Policy & legislation

Digital Services Act: Google asks European Commission to clarify responsibilities

4 Sep 2020

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Six ways boards can step up support for cyber security
Business strategy

Six ways boards can step up support for cyber security

22 Jul 2021