EU proposes mandatory end-to-end encryption for all citizens

The proposal contradicts the UK government's stance on communication encryption

A European Parliament committee wants end-to-end encryption to be compulsory for all forms of digital communication, in a bid to improve the safeguards around online privacy for citizens within the EU.

A draft legislation submitted by the Committee on Civil Liberties, Justice and Home Affairs, attempts to harmonise online privacy rules by ensuring the same level of protection regardless of the service used.

Advertisement - Article continues below

The proposal would force all "providers of electronic communications services", such as apps like WhatsApp or mobile network operators, to place end-to-end encryption on all communicated data, to ensure that the "confidentiality and safety of the transmission are guaranteed".

With end-to-end encryption, service providers would not have access to the decryption key needed to "listen" in on the data being shared, with the sender and recipient the only parties able to see the communications.

The proposal seeks to repeal the current ePrivacy Directive launched in 2002 in an effort to "modernise" data protection frameworks alongside the implementation of GDPR next year. This will therefore need to be approved by the European Parliament and the European Council before it can be made law.

However, the committee argues that the older directive does not take into account new means of communications, such as the rise of IoT networks, which present "new challenges and risks concerning the privacy and protection of personal data of individuals".

Advertisement - Article continues below
Advertisement - Article continues below

This directly counters the narrative coming from the UK government over the monitoring of communications, which has said that tech firms should be providing authorities with a means to bypassing end-to-end encryption.

Following the Westminster terrorist attack in March, Home Secretary Amber Rudd described WhatsApp's use of encryption as "completely unacceptable", arguing that it provides "a secret place for terrorists to communicate".

While many mocked her views, some expressed genuine concern that the government was using the recent atrocity as a means to push though a ban on encrypted communications and limit the privacy of UK citizens.

The EU committee argued that universal encryption is an essential step towards the completion of the Digital Single Market, "as it would increase trust and security of digital services" and would "recognise a longstanding and fundamental right of individuals, enshrined in the ECHR and the EU charter".

Its legislation would need to be approved by the European Parliament and then reviewed by the EU Council.

Picture: Bigstock



data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020
data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020

UK government may trace COVID-19 patients using mobile phone data

20 Mar 2020
General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020

Most Popular

Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020