The EU Commission and Europol have been working on access to encrypted content since 2015. The breakthrough came in 2020 with the German Council Presidency.
Since the advent of encrypted communications and simple methods for their use, governments have been working on measures to circumvent them. That’s why 30 years ago, the US military secret service proposed building backdoors into computers. This opened the first “crypto war”: On the one side, the development of secure applications by well-meaning hackers, on the other side, authorities with new technical procedures to undermine the technology.
But secure communication is also essential for authorities and businesses. This is why, for example, the then first red-green German government under Gerhard Schröder (Social Democratic Party) published a policy paper in 1999 advocating encryption. The following governments also adhered to these “Cornerstones of German Crypto Policy” and referred to the goal anchored in it of making Germany the “No. 1 location for encryption”. However, it states restrictively: “The spread of strong encryption methods must not undermine the legal powers of law enforcement and security authorities to monitor telecommunications.”
After the attacks of 11 September 2001, the topic was again in the news, which is why critics like to talk about the second “crypto war”. At the latest, the revelations by Edward Snowden showed the considerable capabilities that the secret services had developed during this time – and had thus won the battle unnoticed for a while. But this also made secure, encrypted communication more popular and, with various tools, more user-friendly. Thus, a good ten years ago, the third “crypto war” broke out, this time also in the European Union.
It started in 2015 with the then EU Anti-Terrorism Coordinator calling on the Commission to find ways to force online services to install backdoors for encrypted communication (“share encryption keys”). In the same year, the Commission announced in its “Security Agenda” that law enforcement concerns about “new encryption techniques” will be addressed. Backing came from the then director of the EU police agency Europol, who warned several times against the increasing use of encryption technologies as “one of the main tools of terrorists and criminals”.
Time and again since then, the Commission and Europol have met with authorities, companies and institutes to press for access to encrypted content. After numerous working groups, questionnaires, feasibility studies, “progress groups” and special meetings, the German EU Presidency brought a breakthrough with a Council resolution on “security through encryption and security despite encryption”. This called on communication service providers “and other relevant stakeholders” to cooperate on “technical solutions and standards”.
The EU Commissioner for Home Affairs, Ylva Johansson, now wants to finally implement this plan. In 2020, the magazine “Politico” made public a study in which the Commission had technical options for accessing encrypted content on mobile phones examined. What finally prevailed was ” client-side scanning”, as it is now proposed in the regulation on “chat control”. The battle over this regulation is thus the last “crypto war” for the time being, in which nothing less than secure and private communication is at stake.
Published in German in „nd“.
Image: Protest to Interior Minister Nancy Faeser on 8 June 2022 in Berlin (Till Rimmele, CC-BY 4.0).