The end of cryptography in Europe

This is the content of the letter on which the Italian Pirate Party is collecting signatures, add your signature at the bottom of the letter (see also the initiative of the European Pirate Party)

Is the end of cryptography and computer security in the European Union a matter of days?

Dear MEP, computer security and digital civil rights experts have always agreed that cryptographic techniques must be as robust and inviolable as possible. The European Union now wants the opposite.

This is not the first time it has happened. Since the infamous “Clipper Chip”, military intelligence and executive bodies have regularly promoted efforts to introduce the ability to violate End-to-End cryptographic technologies (such as HTTPS), allowing third-party access to any encrypted communication.

They’re lobbying to carry out legally authorised interceptions.

The EU Council is now expected to legislate on this issue in a few days, precisely the 25 November 2020.

From an IT security point of view, this statement is absurd.

IT security experts say it aloud and clear: any system that bypasses a cryptographic technique will inevitably have “bugs”. Such bypasses are generally of higher technical complexity than the method it has to “bypass”. Just one of these probable bugs will be enough to make technologies that are used worldwide by citizens, companies and governments, useless.

We are trading an all-to-prove advantage for certain and extensive damage.

From a digital civil rights point of view, every technology of this type will be abused, legally or not (Zuboff’s third law).

Current interception systems, for instance, are often technically violated and abused and typically sold to “rogue states”, then used against dissidents and human rights supporters.

In terms of crime-fighting, digitisation has not weakened but improved crime investigation techniques. That is not only true in cybercrime, but also in other criminal fields. Besides being misleading, it is not questionable but entirely wrong to claim that cryptography weakens law enforcement.

All computer sciences help in fighting crime.

The systematic “psychological trap” of supporting a war on crime to protect minors, justifying these measures, demonstrates the fact that this request is vain.

In reality, weakening E2E cryptographic techniques, both in a legal or an illegal form, will be used only against ordinary citizens.

Might our past teach us anything, it will probably be for the sake of mass surveillance and certainly not just for the repression of crime.

Criminals, who are flexible and without constraints, will utilize newfound mixes of physical and IT techniques to continue their illegal activities.

To sum up; the weakening of cryptographic techniques will not result in the decline of crime, but will threaten both computer security and civil rights, digital and not, of EU citizens.

We, therefore, ask you to take a position in all possible ways against the Draft Council Resolution on Encryption. Address it to the traditional media and [email protected], [email protected] and [email protected], and to ask the Council of Europe not to approve this measure.

Add your signature to this request: