Encryption – Security Architectures in the EU

German Presidency: G7 countries support EU policy on chat control

In Eltville in November, the G7 interior ministers want to put pressure on internet companies to use filter technologies to detect sexual abuse and grooming of children. The driver is Great Britain, which is leading the way with a new law. Encryption is also affected.

On May 11, 2022, the EU Commission presented its proposal for a regulation to combat child abuse. This contains numerous obligations for Internet service providers, including measures to assess and minimize the risk of the spread of sexual abuse and grooming. If this risk is assessed as „high,“ authorities can issue so-called detection orders. Companies must then deploy filtering technologies that, as it stands now, will also block out encrypted communications.

The proposal, which the Commission drafted after repeated requests from the Council of 27 EU member states, will be discussed for the first time at the informal Justice and Home Affairs Council in Prague on Monday. In the Internet civil society, the plan, dubbed „chat control,“ is facing widespread opposition. The EU governments are now getting support from the G7 countries, whose heads of government addressed the issue at their summit in Elmau a week ago. Under the German G7 presidency, the interior ministers were subsequently tasked with taking measures. „German Presidency: G7 countries support EU policy on chat control“ weiterlesen

Data retention and decryption: Justice and Home Affairs Council wants more surveillance

EU member states will call for bypassing encryption also for counterterrorism and law enforcement. In addition, the entry of extremism suspects should be prevented and their assets frozen in the Union.

Tomorrow, the EU justice ministers will hold their regular meeting in Luxembourg, followed the next day by the interior ministers. Together, they form the Justice and Home Affairs Council, where member states adopt pending legislation or make policy statements.

In addition to the legislative projects, the interior ministers also want to adopt conclusions on the fight against terrorism on Friday. Under the title „Protecting Europeans from terrorism: achievements and next steps“, measures are called for in various areas. There are now several versions of the document, all of which have so far been classified. However, the British civil liberties organization Statewatch has posted an April 11 version online. „Data retention and decryption: Justice and Home Affairs Council wants more surveillance“ weiterlesen

Chat control: Schengen states should promote decryption of messengers

The EU Commission is collecting outstanding cases with which it can promote the interception of messengers. Great Britain is going even further.

In six weeks, the European Commission plans to present its proposal for „legislation to effectively combat child sexual abuse“. According to the meeting calendar, this could take place on 2 March as things stand.

Presumably, the package also includes the long-awaited proposal for a regulation to identify, remove and report „illegal online content“ to combat child sexual abuse. Providers of messenger services or chat programmes would be obliged to automatically search their customers‘ communication for relevant material and make it accessible to law enforcement.

Originally, the planned regulation was already announced for spring of last year. The reason for the delay is probably the explosive nature of the law. It also affects encrypted content, including services such as Signal, Threema or Whatsapp. MEP Patrick Breyer has coined the catchword chat control for this forced screening. As with data retention, this is a mass surveillance of all citizens without any reason. „Chat control: Schengen states should promote decryption of messengers“ weiterlesen

Planned regulation: EU Commission postpones mandatory screening of encrypted chats

Providers of messengers and cloud services will be allowed to voluntarily screen for child abuse content worthy of prosecution, which is to become mandatory across the EU. The Council and Commission are pushing for an extension to other crime areas. Next week, the EU interior ministers will publish a declaration on this.

On 1 December, the European Commission planned to present its proposal for a regulation for „detection, removal and reporting of illegal content online“ in the area of child sexual abuse. It would require providers of messenger services or chat programmes to automatically scan private communications for such material.

But the already delayed bill is now being postponed again. This emerges from a comparison of the Commission’s agendas. The latest version, dated 26 October, no longer includes the legislative proposal. Originally, the Commission wanted to present the EU regulation already in spring. So far, there is no new date. „Planned regulation: EU Commission postpones mandatory screening of encrypted chats“ weiterlesen

Restrictive in cyberspace

New German cybersecurity guidelines harbour even more surveillance and centralised powers

The Federal Cabinet today approved the new „Cybersecurity Strategy for Germany“. The draft, prepared by the Federal Ministry of the Interior, is to be in place for five years and replaces the previous version from 2016. The document describes four different guidelines. Cybersecurity is to be understood as a joint task of the state, business, science and society. Associations as well as citizens themselves should also find „common answers“ to cyber threats. Under the heading „Digital Sovereignty“, the Federal Government wants to invest more in research and develop cyber security into a quality feature „Made in Germany“. „Restrictive in cyberspace“ weiterlesen

EU Council and Commission: New roadmap for access to encryption

The Portuguese Presidency is calling for an EU-wide regulation on access to encrypted content by police and judiciary. This should also affect device manufacturers. Failure to comply could result in companies being banned from doing business in the EU.

The European Union is to adopt a legal framework on decryption in the near future so that authorities can access „lawfully relevant data“. This was written by the Portuguese EU Council Presidency in a Communication which also presents a roadmap for this purpose. An important milestone is a proposal for „way forward“, which the EU Commission will prepare by 2022.

The paper from Portugal has been coordinated with the previous German and the upcoming Slovenian EU Presidencies. The German Ministry of the Interior had taken a new initiative against end-to-end encryption at the start of this so-called trio presidency and adopted a Resolution and Conclusions on the implementation of decryption capabilities. It states that the member states themselves should decide on the methods they use. „EU Council and Commission: New roadmap for access to encryption“ weiterlesen

Security research: EU Commission to fund technology to decrypt 5G connections

European police authorities are invited to submit proposals for the development of an interception platform. Authorities from third countries can also participate in the research project. Several German initiatives, including those of the domestic secret service, served as door openers.

The EU Commission announces new efforts to break end-to-end encrypted communications. This is according to the work programme of the Horizon 2020 research framework programme, which proposes numerous new projects in the area of „Civil Security for Society“ for the next two years. According to this, the Commission wants to spend five million euros on a platform for penetrating encrypted telephony.

The focus is on intercepting connections of the fifth mobile phone generation, which makes encrypted and anonymised connections technically possible. The project in the research line „Fighting crime and terrorism“ is therefore entitled „Lawful interception using new and emerging technologies (5G & beyond, quantum computing and encryption)“. „Security research: EU Commission to fund technology to decrypt 5G connections“ weiterlesen

How it all began: Five years of fight against end-to-end encryption

The German EU Presidency wants to enable police forces and secret services to circumvent end-to-end encrypted communication or to use technical tools to defeat it.

A look at the activities carried out over the past five years allows some conclusions about who is particularly committed to the new crypto war. In its wake, Europol is also developing new capabilities for using Trojans and cracking encrypted storage media. „How it all began: Five years of fight against end-to-end encryption“ weiterlesen

The EU in Crypto War

Once again, the EU member states demand the weakening of encryption, associations and activists protest vehemently

The German EU Council Presidency wants to pass a resolution to give police forces and secret services easier access to encrypted communications. Operators of end-to-end encrypted services are to provide the authorities with opportunities to intercept. This would apply to platforms such as Signal or WhatsApp, which encrypt their data streams in general. Telegram also offers its users this option, but the end-to-end encryption must be set separately in the app.

On December 3, the resolution drafted by the German Federal Ministry of the Interior is to be discussed and adopted at the Council of Interior Ministers in Brussels. The British civil rights organization Statewatch had put a first draft online, and on Sunday the Austrian Broadcasting Corporation (ORF) published a new version. It functionalizes the recent attack in Vienna as a necessity for competent authorities to read encrypted communication. „The EU in Crypto War“ weiterlesen

Right-wing attacks: German Police and Europol cannot decrypt suspects‘ devices

The Berlin police fail to crack the mobile phone and laptop of a neo-Nazi. This is stated in the final report of the investigation team on arson and spraying in the Neukölln district. Federal authorities and companies have also chipped their teeth at the devices.

The investigation of a right-wing series of attacks in Berlin is made considerably more difficult by the encryption of devices that the police confiscated from suspects. This is stated in the final report of the „Fokus“ investigation team. Accordingly, the police have asked several official and private agencies for help with decryption, each time unsuccessfully. The classified report has 72 pages, in a much shorter open version the explanations on digital forensics are missing. There is only a footnote stating that „work continues on the decryption of two encrypted devices of a suspect“.

For several years left-wing activists and projects in the Berlin district of Neukölln have been plagued by arson and spraying, while three members of the right-wing scene known to the police are suspected. Because the police were slow in investigating, Senator of the Interior Andreas Geisel (SPD) set up the „Fokus“ investigation team over a year ago. „Independent“ police officers were supposed to check the work of their colleagues. However, there is still no new evidence against the three main suspects Sebastian T., Tilo P. and Julian B. after the end of the new investigation. „Right-wing attacks: German Police and Europol cannot decrypt suspects‘ devices“ weiterlesen