Since 2016, the Council and Commission of the European Union have been working on ways to decrypt digital content. After setting up a department at Europol, the Internet companies are now being urged to cooperate more. They are to provide police and secret services with decrypted data on request.
Within the framework of its EU Council Presidency, the German government wants to achieve a declaration on encrypted communication on the Internet. This common line taken by all member states should put pressure on service providers to introduce appropriate solutions for decrypting. According to a Council document published yesterday by the British Civil Liberties Organization, the individual governments are to send their position to an e-mail address of the German Ministry of the Interior by October 7. After that, the Standing Committee on Operational Cooperation on Internal Security (COSI) will decide on how to proceed. There, the national interior ministries are coordinating among themselves.
Second paper from the EU Commission
In its communication of 18 September, the German Council Presidency emphasizes the benefits of encryption. However, the German Federal Ministry of the Interior, which is responsible for Justice and Home Affairs in the EU, also calls for a “proper balance between the protection of privacy, intellectual property protection and lawful law enforcement and judicial access”. The areas in which authorities are to have encrypted data streams to be accessed include terrorism, organized crime and cybercrime.
The paper prepared by German authorities has been a coordinated effort with the European Commission. Also on 18 September, the Commission services described possible solutions for access to encrypted data in a document published by Statewatch. The focus was on investigations into the sexual abuse of children. The Brussels authors point out that the document is “not in any circumstances” an official statement. However, two weeks ago, the Directorate-General of the Commission also listed 28 pages of possibilities for decryption.
Similar procedure for the publication of “electronic evidence
So there is still no legislative EU proposal against encryption. This could change after the planned declaration of all member states. In it, the Council could ask the Commission to draw up a directive or regulation to force Internet companies to cooperate when they offer services within the European Union. The latter would then be discussed in a trialogue with Parliament and the Commission. At present, the Member States want to reach such an agreement in the area of the release of “electronic evidence”. The Commission is currently negotiating a further agreement on “e-Evidence” with the USA.
Since the Slovakian EU Presidency in 2016, the ministers of the interior and justice of the Member States have been working on the decryption of digital content in a four-stage model. Various Commission departments have then begun a process with EU agencies and law enforcement authorities. The anti-terrorism coordinator also dealt with decryption procedures. Europol subsequently set up a “decryption platform” which offers national authorities assistance in reading encrypted devices.
“Five Eyes” to Facebook
To give the Internet industry more responsibility is the Council’s and the Commission’s response to an announcement by Facebook to implement end-to-end encryption for its messengers. This would lead to “a considerable loss of electronic evidence” in the detection of child sexual abuse, for example. The German Federal Minister of the Interior Horst Seehofer made a similar statement last spring.
In an open letter a few months later, the so-called “Five Eyes” on Facebook reacted on the same issue after CEO Mark Zuckerberg announced more encryption in Facebook chats. The five governments from the USA, Canada, Great Britain, Australia and New Zealand called on the technology company to allow police and secret services to access encrypted data “in a readable and usable format” upon request. The “Five Eyes” are known for their cooperation of foreign intelligence services. In the letter to Facebook, however, the governments focus on protection against child abuse as an argument against encryption.