EU wants internet firms to hand over encryption keys

EUObserver: A top EU official wants internet and telecommunication companies to hand over encryption keys to police and spy agencies as part of a wider crackdown on terrorism.

The EU’s counter-terrorism co-ordinator Gilles de Kerchove, in a document leaked by London-based civil liberties group Statewatch, says the European Commission should come up with rules that require the firms to help national governments snoop on possible suspects.

“Since the Snowden revelations, internet and telecommunications companies have started to use often de-centralised encryption which increasingly makes lawful interception by the relevant national authorities technically difficult or even impossible,” notes de Kerchove in the document.

Edward Snowden is a former US intelligence contractor who leaked files on how the US and UK intercept vast amounts of private data in the name of security.

The de Kerchove proposal joins similar recent calls made by the US and UK governments to weaken or ban certain forms of encryption.

UK prime minister David Cameron, in the aftermath of the Charlie Hebdo attack in Paris, said British intelligence agencies should have the legal ability to break the encrypted communications.

His plea was later joined by Obama who said post-Snowden encryption technologies was making it more difficult for spy agencies to crack suspect communications.

“If we find evidence of a terrorist plot … and despite having a phone number, despite having a social media address or email address, we can’t penetrate that, that’s a problem,” the US leader said.

Fears are mounting such proposals could force companies to introduce backdoor entries that would allow governments to pierce encrypted emails and smartphone message apps.

But critics warn that tech-savvy criminals can also exploit backdoors, leaving users more vulnerable to cyber attacks.

“Instead of protecting citizens, it will actually endanger citizens’ net security and trample fundamental rights to data protection and privacy,” said German Green MEP Jan Phillip Albrecht in a statement.

The US National Intelligence Council, in one of the documents leaked by Snowden, itself notes that strong encryption is the best defence against industrial espionage and online attacks from Russian and Chinese gangs.

Meanwhile, the de Kerchove paper goes further.

Last April, the Luxembourg-based European Court of Justice scrapped the EU data retention directive. But Kerchove wants the European Commission to come up with a new proposal.

He also wants a new Internet monitoring unit set up inside the EU police agency, Europol.

The unit would be tasked to comb the web for any illegal content and alert IT companies to remove it.

Kerchove suggests the police agency should also better align itself with the EU’s intelligence analysis centre, IntCen.