- 60+ groups are calling for governments to protect encryption
- Signatories warn that backdoors create systemic security risks
- The pledge comes at a time when encryption is constantly scrutinized
A total of 61 organizations from across the tech industry and the privacy world have signed a new global statement urging governments to protect strong encryption.
Shared by ACT (The App Association), the statement notes that weakening encrypted services threatens both security and the digital economy.
The letter arrives amid mounting political pressure against encrypted communications worldwide, especially in the EU, where the debate around the Chat Control bill keeps intensifying.
Various proposals for encryption backdoors introduce an extra element of vulnerability, experts warn, and there’s no way to make sure that these vulnerabilities won’t be exploited later.
Among the signatories is the VPN Trust Initiative, which is a consortium representing many of the best VPN providers. VPNs have also been targeted by some governments as part of these recent efforts.
“Strong encryption is essential”
The global statement highlights how important encryption is throughout so many aspects of our digital lives.
The letter notes that encryption “safeguards user privacy, protects sensitive data, and enables trust.” All of those are referred to as “foundations of commerce, communication, and innovation.”
Without encryption, users are much less likely to use various apps with full confidence. Knowing that your data or your private conversations might be subject to surveillance or data leaks means that many of the more privacy-conscious users might be left with no secure options for communication.
The letter notes that undermining encryption through things like backdoors or key escrow systems weakens the trust users have in various digital services. It also affects the digital economy and small businesses.
More than that, it introduces systemic vulnerabilities − that’s unavoidable. You can’t create a flaw in the system and only let law enforcement use it; cybercriminals are highly likely to find their way in, too.
The coalition recognizes that governments and national security agencies need to be able to access evidence and fight crime, but it notes that it should be done through ways that “do not compromise the safety and privacy of billions of consumer and enterprise users.”
Signatories include some of the biggest organizations across tech and data privacy, including the VPN Trust Initiative (VTI). This organization, led by founding members like ExpressVPN, NordVPN, and VyprVPN, sets industry standards for VPN providers.
Encrypted data is in constant danger
The call to protect encryption lands against a backdrop of attempts by governments to gain access to encrypted data. This is especially prevalent in the EU, where several recent proposals have raised alarm among privacy experts.
The EU Commission presented a new roadmap in June this year, seeking to establish a way for law enforcement to access citizens’ private data by 2030.
Previously, end-to-end encryption was highlighted as “the biggest technical challenge,” and tools like VPN services and encrypted chat apps were both seen as a threat to effective investigative work.
European lawmakers are also pushing the Chat Control proposal, which could introduce client-side scanning. This would involve scanning private chats on the device before it ever gets encrypted. The latest Chat Control proposal has now received broad support from EU lawmakers and has reportedly moved to the next legislative step.
Not every law enforcement representative agrees with this take. James A. Baker, Former General Counsel of the US Federal Bureau of Investigation, said, “Encryption is vital to law enforcement to protect society.” He also referred to client-side scanning as a “fundamentally bad idea.”
https://cdn.mos.cms.futurecdn.net/eKne3SQzhGY5YAoP2ZQj4H-2120-80.jpg
Source link
monicajwrites@gmail.com (Monica J. White)
