Encryption – Security Architectures in the EU

Chat control: Schengen states should promote decryption of messengers

The EU Commission is collecting outstanding cases with which it can promote the interception of messengers. Great Britain is going even further.

In six weeks, the European Commission plans to present its proposal for „legislation to effectively combat child sexual abuse“. According to the meeting calendar, this could take place on 2 March as things stand.

Presumably, the package also includes the long-awaited proposal for a regulation to identify, remove and report „illegal online content“ to combat child sexual abuse. Providers of messenger services or chat programmes would be obliged to automatically search their customers‘ communication for relevant material and make it accessible to law enforcement.

Originally, the planned regulation was already announced for spring of last year. The reason for the delay is probably the explosive nature of the law. It also affects encrypted content, including services such as Signal, Threema or Whatsapp. MEP Patrick Breyer has coined the catchword chat control for this forced screening. As with data retention, this is a mass surveillance of all citizens without any reason. „Chat control: Schengen states should promote decryption of messengers“ weiterlesen

Planned regulation: EU Commission postpones mandatory screening of encrypted chats

Providers of messengers and cloud services will be allowed to voluntarily screen for child abuse content worthy of prosecution, which is to become mandatory across the EU. The Council and Commission are pushing for an extension to other crime areas. Next week, the EU interior ministers will publish a declaration on this.

On 1 December, the European Commission planned to present its proposal for a regulation for „detection, removal and reporting of illegal content online“ in the area of child sexual abuse. It would require providers of messenger services or chat programmes to automatically scan private communications for such material.

But the already delayed bill is now being postponed again. This emerges from a comparison of the Commission’s agendas. The latest version, dated 26 October, no longer includes the legislative proposal. Originally, the Commission wanted to present the EU regulation already in spring. So far, there is no new date. „Planned regulation: EU Commission postpones mandatory screening of encrypted chats“ weiterlesen

Restrictive in cyberspace

New German cybersecurity guidelines harbour even more surveillance and centralised powers

The Federal Cabinet today approved the new „Cybersecurity Strategy for Germany“. The draft, prepared by the Federal Ministry of the Interior, is to be in place for five years and replaces the previous version from 2016. The document describes four different guidelines. Cybersecurity is to be understood as a joint task of the state, business, science and society. Associations as well as citizens themselves should also find „common answers“ to cyber threats. Under the heading „Digital Sovereignty“, the Federal Government wants to invest more in research and develop cyber security into a quality feature „Made in Germany“. „Restrictive in cyberspace“ weiterlesen

EU Council and Commission: New roadmap for access to encryption

The Portuguese Presidency is calling for an EU-wide regulation on access to encrypted content by police and judiciary. This should also affect device manufacturers. Failure to comply could result in companies being banned from doing business in the EU.

The European Union is to adopt a legal framework on decryption in the near future so that authorities can access „lawfully relevant data“. This was written by the Portuguese EU Council Presidency in a Communication which also presents a roadmap for this purpose. An important milestone is a proposal for „way forward“, which the EU Commission will prepare by 2022.

The paper from Portugal has been coordinated with the previous German and the upcoming Slovenian EU Presidencies. The German Ministry of the Interior had taken a new initiative against end-to-end encryption at the start of this so-called trio presidency and adopted a Resolution and Conclusions on the implementation of decryption capabilities. It states that the member states themselves should decide on the methods they use. „EU Council and Commission: New roadmap for access to encryption“ weiterlesen

Security research: EU Commission to fund technology to decrypt 5G connections

European police authorities are invited to submit proposals for the development of an interception platform. Authorities from third countries can also participate in the research project. Several German initiatives, including those of the domestic secret service, served as door openers.

The EU Commission announces new efforts to break end-to-end encrypted communications. This is according to the work programme of the Horizon 2020 research framework programme, which proposes numerous new projects in the area of „Civil Security for Society“ for the next two years. According to this, the Commission wants to spend five million euros on a platform for penetrating encrypted telephony.

The focus is on intercepting connections of the fifth mobile phone generation, which makes encrypted and anonymised connections technically possible. The project in the research line „Fighting crime and terrorism“ is therefore entitled „Lawful interception using new and emerging technologies (5G & beyond, quantum computing and encryption)“. „Security research: EU Commission to fund technology to decrypt 5G connections“ weiterlesen

How it all began: Five years of fight against end-to-end encryption

The German EU Presidency wants to enable police forces and secret services to circumvent end-to-end encrypted communication or to use technical tools to defeat it.

A look at the activities carried out over the past five years allows some conclusions about who is particularly committed to the new crypto war. In its wake, Europol is also developing new capabilities for using Trojans and cracking encrypted storage media. „How it all began: Five years of fight against end-to-end encryption“ weiterlesen

The EU in Crypto War

Once again, the EU member states demand the weakening of encryption, associations and activists protest vehemently

The German EU Council Presidency wants to pass a resolution to give police forces and secret services easier access to encrypted communications. Operators of end-to-end encrypted services are to provide the authorities with opportunities to intercept. This would apply to platforms such as Signal or WhatsApp, which encrypt their data streams in general. Telegram also offers its users this option, but the end-to-end encryption must be set separately in the app.

On December 3, the resolution drafted by the German Federal Ministry of the Interior is to be discussed and adopted at the Council of Interior Ministers in Brussels. The British civil rights organization Statewatch had put a first draft online, and on Sunday the Austrian Broadcasting Corporation (ORF) published a new version. It functionalizes the recent attack in Vienna as a necessity for competent authorities to read encrypted communication. „The EU in Crypto War“ weiterlesen

Right-wing attacks: German Police and Europol cannot decrypt suspects‘ devices

The Berlin police fail to crack the mobile phone and laptop of a neo-Nazi. This is stated in the final report of the investigation team on arson and spraying in the Neukölln district. Federal authorities and companies have also chipped their teeth at the devices.

The investigation of a right-wing series of attacks in Berlin is made considerably more difficult by the encryption of devices that the police confiscated from suspects. This is stated in the final report of the „Fokus“ investigation team. Accordingly, the police have asked several official and private agencies for help with decryption, each time unsuccessfully. The classified report has 72 pages, in a much shorter open version the explanations on digital forensics are missing. There is only a footnote stating that „work continues on the decryption of two encrypted devices of a suspect“.

For several years left-wing activists and projects in the Berlin district of Neukölln have been plagued by arson and spraying, while three members of the right-wing scene known to the police are suspected. Because the police were slow in investigating, Senator of the Interior Andreas Geisel (SPD) set up the „Fokus“ investigation team over a year ago. „Independent“ police officers were supposed to check the work of their colleagues. However, there is still no new evidence against the three main suspects Sebastian T., Tilo P. and Julian B. after the end of the new investigation. „Right-wing attacks: German Police and Europol cannot decrypt suspects‘ devices“ weiterlesen

German Ministry of the Interior plans EU declaration against encryption

Since 2016, the Council and Commission of the European Union have been working on ways to decrypt digital content. After setting up a department at Europol, the Internet companies are now being urged to cooperate more. They are to provide police and secret services with decrypted data on request.

Within the framework of its EU Council Presidency, the German government wants to achieve a declaration on encrypted communication on the Internet. This common line taken by all member states should put pressure on service providers to introduce appropriate solutions for decrypting. According to a Council document published yesterday by the British Civil Liberties Organization, the individual governments are to send their position to an e-mail address of the German Ministry of the Interior by October 7. After that, the Standing Committee on Operational Cooperation on Internal Security (COSI) will decide on how to proceed. There, the national interior ministries are coordinating among themselves. „German Ministry of the Interior plans EU declaration against encryption“ weiterlesen

European Commission starts new attack on end-to-end encryption

The „decryption platform“ at Europol plans to switch to supercomputers soon. A working group is looking for ways to counter end-to-end encryption. By the end of the year, the Commission plans to present a study on how internet providers can break these secure connections and report criminal content to the relevant authorities.

For years, the European Commission has been calling for law enforcement authorities to have more access to encrypted communications. The Council, in which the Member States are organised, also adopted conclusions to this effect three years ago. In addition, the European Union’s “ Anti-Terrorism Co-ordinator“ Gilles de Kerchove regularly publishes papers calling for the elimination of secure communications. Most recently, Kerchove drew attention to the gaming community and its chats with end-to-end encryption. „European Commission starts new attack on end-to-end encryption“ weiterlesen