European Law Enforcement Officials Declare Encryption Must Be Broken To Ensure Public Safety
The European government has spent a few years trying to break encryption. The results have been, at best, mixed. Of course, the EU government claims it's not actually interested in breaking encryption. Instead, it hides its intentions behind phrases like client-side scanning" and chat control." But it all just means the same thing: purposefully weakening or breaking encryption to allow the government to monitor communications.
Client-side scanning would necessitate the removal of one end of end-to-end encryption. Monitoring communications for chat control" would mean the same thing. Fortunately, plenty of EU members disagreed with these proposals, finally forcing the EU Commission to drop its anti-encryption demands... for now.
As the EU government moves on from its failed proposal, it's undergoing the usual stages of grief. First and foremost is denial - something often expressed in op-eds and formal statements that are short on facts or logic, but long on strawmen and cognitive dissonance.
But there's still a desire to undermine encryption - one that simply won't go away just because several EU members nations are against it. And here's where the cops have decided to insert themselves, even though most EU citizens couldn't care less about law enforcement's thoughts on policy issues. I mean, they're always the same sort of thing: less accountability, more power, fewer rights for citizens, etc.
Unfortunately, the ruling class tends to listen to cops because cops are part of the conjoined triangles (or whatever) that ensures people in power retain their power while being protected from the people being ruled. What works for cops works for the rest of the government, and that's why this statement carries some weight, even if it's exactly the sort of thing you'd expect to roll out of a cop's mouth.
This statement [PDF], released by the European Police Chiefs, has been prompted by Meta's rollout of end-to-end encryption for its Facebook Messenger service.
European Police Chiefs are calling for industry and governments to take urgent action to ensure public safety across social media platforms.
Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies from seeing any offending that occurs on their platforms. It will also stop law enforcement's ability to obtain and use this evidence in investigations to prevent and prosecute the most serious crimes such as child sexual abuse, human trafficking, drug smuggling, homicides, economic crime and terrorism offences.
The declaration, published today and supported by Europol and the European Police Chiefs, comes as end-to-end encryption has started to be rolled out across Meta's messenger platform.
Well, ensuring public safety often takes the form of securing people's private communications, i.e., the end-to-end encryption this formal statement rails against. I'm sure the EU police chiefs and the people who work for them appreciate the security enabled by encryption, whether its protecting their devices from the curiosity of interlopers or shielding their communications from public view.
But what works best for cops can't be extended to the general public because, unlike cops shops, the public is known to be riddled with criminals. (Yes, I know. But I'm trying my best to explain this from the perspective of law enforcement officials, who would never admit they're not doing much to keep their own backyards clean, so to speak.)
The letter opens with an admission by the collective of police chiefs that they're unable to do their jobs unless tech companies do half the work for them.
We, the European Police Chiefs, recognise that law enforcement and the technology industry have a shared duty to keep the public safe, especially children. We have a proud partnership of complementary actions towards that end. That partnership is at risk.
Two key capabilities are crucial to supporting online safety.
First, the ability of technology companies to reactively provide to law enforcement investigations - on the basis of a lawful authority with strong safeguards and oversight - the data of suspected criminals on their service. This is known as lawful access'.
We'll pause here for a moment because Europol has already given us plenty to work with. First, there's the invocation of the children," which is always a leading indicator of disingenuous arguments. If you're say you're doing it for the kids, you can get all kinds of irrational because who in their right mind would argue against someone who claims to be deeply interested in protecting children from criminals?
Then there's the phrase lawful access," which means nothing more than cops believe they should have access to any potential evidence just because they have a warrant. This supposed hole in law enforcement efficiency is blamed on the advent of encryption, even though criminals have been destroying or hiding evidence for years but no law enforcement official ever sent out a statement demanding the manufacturers of fire pits, paper shredders, or bridges over bodies of water stop making it so easy for criminals to hide evidence from investigators.
Moving on, there's more of the same stuff for a couple of paragraphs. It's the police chiefs griping that evidence is now suddenly out of reach and that's because tech companies won't create encryption backdoors or just refuse to deploy encryption in the first place. More is said about crimes against children, terrorism, human trafficking, drug smuggling, and (LOL) economic crime," the last of which is something no government body is truly serious about because it would require prosecuting people who give them massive amounts of money in exchange for government goods and services. If you've heard these arguments once, you've heard them a thousand times. We won't rehash them here.
But we will quote the statement again because it goes back to the we've never had trouble obtaining evidence before this exact point in time" well, even though that's clearly false.
Our societies have not previously tolerated spaces that are beyond the reach of law enforcement, where criminals can communicate safely and child abuse can flourish. They should not now. We cannot let ourselves be blinded to crime. We know from the protections afforded by the darkweb how rapidly and extensively criminals exploit such anonymity.
OK, chief. I don't remember any mobs (flash or pitchfork-wielding) wandering into neighborhoods to destroy fireplaces, paper shredders, or toilets because those areas might be beyond the reach of law enforcement" when it comes to ensuring evidence is always accessible to investigators. And they've never taken down phone lines or slashed postal vehicles' tires just because criminals might use those methods to communicate safely."
Our societies have always understood criminals will have options, some of which are beyond the reach of law enforcement. They don't want to see those options destroyed or undermined just because criminals also happen to use the same options non-criminals use.
Then there's the unneeded swipe at anonymity," which suggests Europol's top cops think online anonymity is problematic in and of itself - even the stuff that exists out in the open away from the depths of the dark web."
Finally, the cops of Europe reach the nerd harder" point of their message - one that claims to be conciliatory but is anything but:
We are committed to supporting the development of critical innovations, such as encryption, as a means of strengthening the cyber security and privacy of citizens. However, we do not accept that there need be a binary choice between cyber security or privacy on the one hand and public safety on the other. Absolutism on either side is not helpful. Our view is that technical solutions do exist; they simply require flexibility from industry as well as from governments.
Whenever government entities pushing new forms of intrusion start talking about flexibility," that trait should only apply to those on the receiving end of the imposition. Governments will never back down. It's always the other side that's expected to compromise their standards and ethics.
This statement isn't going to budge the needle for Meta or others offering the same level of security for their users. But it may light a small fire under the asses of enemies of encryption in the European government. And that's the real danger of this collection of cliches presenting itself as a principled stance on the issue.