The Cybersecurity Advisors Network believes that the security and privacy of information are fundamental to a thriving digital economy and society. We are committed to supporting initiatives, standards, technologies, and laws that enhance the global information ecosystem’s security, trustworthiness, safety, and resilience. Central to this commitment is our unwavering support for strong end-to-end encryption.
The Importance of Encryption
Encryption does more than protect technological infrastructures; it has significant social, political, and economic implications. By securing business transactions and voting processes, encryption ensures that these activities remain confidential and reliable. It also protects individuals’ privacy and shields them from cyber threats. In regions where fundamental rights are threatened, encryption enables dissidents and members of other threatened groups, such as LGBTQ, to communicate securely and free from governmental eavesdropping.
The Risks of Encryption Backdoors
Laws requiring encryption backdoors are often based in good intentions. However, introducing backdoors into encryption solutions compromises the very data security we strive to uphold. Such vulnerabilities can be exploited by malicious actors, lead to government overreach, or introduce unintentional security flaws. Importantly, criminals will bypass these laws by using unregulated encrypted platforms, rendering the backdoors ineffective.
Recent Legislative Challenges
In recent months, CyAN has voiced its opposition to several legislative efforts that threatened encryption integrity:
- The EU’s Chat Control proposal aimed to mandate backdoors in encryption but was ultimately defeated with concerted opposition from various stakeholders.
- In the UK, despite significant pushback, Apple has been forced to disable end-to-end encryption for iCloud users, significantly undermining user privacy and security.
Meanwhile, new threats to the integrity of end-to-end encryption have emerged in Europe:
- Sweden has issued demands to the Signal Foundation to allow access to encrypted messages. Signal has responded by threatening to exit the Swedish market rather than comply.
- France is contemplating an amendment to its “Narcotrafic” law that would compel encrypted messaging services to decrypt messages on law enforcement requests, ostensibly to combat drug trafficking. This move has been criticized widely, including by privacy advocates like Tuta, highlighting the potential for serious privacy violations.
Both of these proposals would have a serious and detrimental impact on all services relying on end-to-end encryption – including secure messengers like Signal and WhatsApp, VPNs, and others.
CyAN’s Stance
While we recognize and appreciate the efforts of law enforcement and intelligence agencies in combating crimes such as child exploitation, drug trafficking, and terrorism, these efforts must not compromise the overarching need for privacy and security. CyAN strongly opposes any legislative proposals that threaten the integrity of encryption and, by extension, the privacy and security of the global digital community.
As part of our ongoing commitment to fostering a secure, private, and resilient digital world, CyAN will continue to lead and support efforts to preserve the strength of encryption. We urge legislators and the public to stand with us in opposing any initiatives that undermine these fundamental digital protections.