The Council of the EU is currently working on draft conclusions calling for the development of technical solutions enabling law enforcement and judicial authorities to access encrypted data in the context of their mandate. The draft text, which is still confidential, was leaked on Monday 9 November by Austrian broadcaster ORF, prompting an avalanche of criticism on Twitter.
The draft document, which has yet to be approved by the Member States, points out that the competent authorities in the field of security and criminal justice are increasingly hampered by encryption.
Developing technical solutions
“There are situations in which encryption makes the analysis of the content of communications in the context of access to electronic evidence extremely difficult or practically impossible, despite the fact that access to such data is legal”, says the text, which is still confidential at this stage. It highlights the need to develop a coherent regulatory framework across the EU that would allow competent authorities to carry out their tasks and, in particular, the importance of defining and establishing innovative approaches to new technologies.
“Potential technological solutions will have to allow authorities to use their investigative powers, which are subject to proportionality, necessity and judicial review according to their national legislation, while supporting fundamental rights and preserving the benefits of encryption”, it adds.
Twitter response is overwhelming
The leaked document caused an avalanche of reactions from digital rights organisations and several MEPs.
MEP Patrick Breyer (Greens/EFA, Germany), a member of the German Pirate Party, expressed doubts about the idea of “partial backdoor”, which he said could not exist. “Anyone who sacrifices secure encryption in order allow for eavesdropping will destroy the protection of private secrets, business secrets and State secrets, and open the door to mass-spying by foreign secret services and hacker attacks”, he warns.
Faced with the uproar, a spokesman for the German Federal Ministry of the Interior stated, on behalf of the German EU Council Presidency, that the aim of the initiative was to “enter into a permanent dialogue with companies in order to achieve a general consensus and to work together with companies on proposed solutions that represent the least possible interference with encryption systems”. He added that the current draft does not contain “any solution proposals”. And he added: “Rather, it is intended as a first step towards a trusting discussion and cooperation between politics, business and academia”.
Adoption in Coreper on 25 November
Member States may submit their comments on the draft text until 12 November, with a view to its adoption by the Committee of Permanent Representatives on 25 November. The EU Council will then have to formally approve the text by written procedure.
See the draft conclusions: https://bit.ly/35gR5TF (Original version in French by Sophie Petitjean)