While the battle between the FBI and Apple over backdoor access to iPhones ended without a legal ruling, it seems the European Union takes Apple’s side. The European Parliament has proposed legislation which would safeguard data privacy and specifically outlaw the creation of backdoors for law enforcement agencies.
The proposed legislation would also provide a legal right to use end-to-end encryption, preventing individual EU countries from banning its use …
The key wording appears in Amendment 116 in the proposed law.
When encryption of electronic communications data is used, decryption, reverse engineering or monitoring of such communications shall be prohibited. Member States shall not impose any obligations on electronic communications service providers that would result in the weakening of the security and encryption of their networks and services.
Should this become law, it would then be illegal for any EU country to require companies to create the kind of GovtOS the FBI asked of Apple.
Where end-to-end encrypted messages are concerned, the law would not only guarantee the right to use it, but would impose a duty on Internet service providers and others to use it themselves.
The providers of electronic communications services shall ensure that there is sufficient protection in place against unauthorised access or alterations to the electronic communications data, and that the confidentiality and safety of the transmission are also guaranteed by the nature of the means of transmission used or by state-of-the-art end-to-end encryption of the electronic communications data.
There are a lot of steps between a draft report and an enacted law, of course, so there is no guarantee that these proposals will make it through the process, but it’s certainly an encouraging sign. Sadly, the one country that has so far threatened to outlaw end-to-end encryption – the UK – is in the process of leaving the EU and so would not, for long at least, be bound by this.