EU wants to create backdoors to encrypted social media apps

The proposals would force companies like WhatsApp to hand over user data

EU flag flying

The European Commission is planning to introduce new measures that will provide a backdoor to application encryption, making it easier for security agencies to access data on services like WhatsApp.

EU Justice Commissioner Vra Jourov made the proposals during a public speech on Tuesday, following calls from interior ministers for tougher crackdowns on social media apps that hide user communications.

Advertisement - Article continues below

The plans would focus on "three or four options", including legislation and voluntary agreements that would enable police forces to demand the turn over of user data with a "swift, reliable response", according to EU policy website Euractiv.

The voluntary measures would act as a "quick solution" as EU negotiations on permanent legislation could take years to complete, although a slow introduction of non-legislative proposals should reveal any pushback likely to come from large US social media companies like Google and Facebook.

Eventually the proposals should also allow police forces to request and gain access to data from companies registered outside of their jurisdictions.

Vra Jourov said: "At the moment, prosecutors, judges, also police and law enforcement authorities, are dependent on whether or not providers will voluntarily provide the access and the evidence. This is not the way we can facilitate and ensure the security of Europeans, being dependent on some voluntary action."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Since that declaration, Germany's interior minister Thomas de Maizire, and French interior minister Matthias Fekl have also approached MEPs lobbying for police have the same legal rights around data as they do with access to telecoms companies, according to Euractiv.

This is the latest in a string of EU crackdowns on social media services. The Commission recently announced it would be taking action against the likes of Google, Facebook and Twitter to "make sure social media companies comply with EU consumer rules", with proposals that would force companies to make service terms more transparent for their customers, or risk fines of up to $53 million.

The news comes after home secretary Amber Rudd said social messaging services should be compelled to hand over user data, in a response to reports that the attacker involved in last week's terrorist attack in London was a user of Facebook-owned WhatsApp. Rudd argued that social media "can and must do more" to remove extremist content online.

Advertisement - Article continues below

However the tech industry has struck back, labeling Rudd's comments as "deeply misguided", providing an overly simplistic view of encryption. Although her comments sparked mockery on social media, many industry experts have raised concerns over the continued push by government to compromise data security for unrestricted access.

David Emm, principal security researcher at Kaspersky Lab, argues that proposals for "see through" encryption pose some real dangers to user security.

"Creating a 'backdoor' to decipher encrypted traffic is akin to leaving a key to your front door under the mat outside," said Emm. "Your intention is for it to be used only by those you have told about it. But if someone else discovers it, you'd be in trouble."

"If a government backdoor were to fall into the wrong hands, cybercriminals, foreign governments or anyone else might also be able to inspect encrypted traffic - thereby undermining not only personal privacy, but corporate or national security. It would effectively create a zero-day (i.e. unpatched) vulnerability in the application," added Emm.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do I fix the Windows 10 Start Menu if it's frozen?
operating systems

How do I fix the Windows 10 Start Menu if it's frozen?

3 Aug 2020