France & Germany seek to force WhatsApp & Telegram to unlock encrypted messages
Privacy advocates have been alarmed by calls of French and German interior ministers, who proposed a law that would make it compulsory for digital messenger services to offer unencrypted records of users’ conversations to security services.
France’s Bernard Cazeneuve and Germany’s Thomas de Maiziere shared a platform, as they spoke to the press following a Paris meeting on combating terrorism.
Cazeneuve said the countries were “not questioning the idea of encryption” – the ability to send messages digitally that cannot be easily intercepted and deciphered by outsiders – but nonetheless pushed for a new law to be discussed by EU leaders during next month’s meeting in the Slovakian capital, Bratislava.
"If such legislation was adopted, this would allow us to impose obligations at the European level on non-cooperative operators," said the French minister.
Additionally, Cazeneuve and de Maiziere called for a bolstering of external EU borders, better information sharing between member states, and implementation of facial recognition software that could identify suspects in public places.
Cazeneuve specifically drew attention to Telegram, a fast-rising messenger service, founded three years ago by Russian tech entrepreneur Pavel Durov. Legally domiciled in several countries around the world, Telegram prides itself on extra security measures, functions such as self-destructing messages, and not kowtowing to governments.
Officials say that the app has been used to broadcast radical Islamist propaganda, and is also popular with terrorists planning attacks, with its latest documented use among the two men who murdered an elderly Catholic priest in Normandy, in France, earlier this month.
"Exchanges made via applications like Telegram must be able to be identified and used in legal proceedings," insisted Cazeneuve.
Facebook’s WhatsApp and Messenger, as well as Viber, are also likely to face the same requests.
The EU’s ePrivacy Directive is already under review, and the European Commission endorsed the ministers’ joint statement.
But privacy advocates are not impressed, particularly at the prospect of giving the government “back doors” – keys that could bypass encryption.
"How could we then prevent terrorists from creating their own encrypted apps and as a consequence enjoy a higher level of security than users who have nothing to hide," a group of leading privacy advocates wrote in a public appeal in Le Monde newspaper on Monday, in anticipation of Tuesday’s security meeting. "Cracking down on encryption for the wider public would therefore give a monopoly on its usage to organizations that would abuse it."
International policy director for the Computer and Communications Industry Association Christian Borggreen has said that recent Islamist attacks in Nice and Brussels should not lead to overly simplistic thinking.
“It is certainly understandable that some would respond to recent tragedies with backdoors and more government access. But weakened security ultimately leaves online systems more vulnerable to all types of attacks from terrorists to hackers. This should be a time to increase security – not weaken it,” he told Ars Technica.