A participant sits with a laptop computer as he attends the annual Chaos Communication Congress of the Chaos Computer Club at the Berlin Congress Center on December 28, 2010 in Berlin, Germany.
EU plans to protect internet users’ confidentiality have come under criticism for potentially making it more difficult to police online material.
Draft legislation has called for end-to-end encryption to be imposed “when available” and a ban on backdoor access to secure platforms “that offer guaranteed access to law enforcement”, says Engadget.
The aim is to protect sensitive and personal details from hackers or government surveillance.
However, as strengthened web security has a host of benefits and flaws, it could have significant ramifications for both law enforcement and private online users.
What is end-to-end encryption?
End-to-end encryption is a security tool that “prevents unauthorised access to your data”, says Wired. Basically, it keeps the likes of email, chat apps and online banking secure by virtually locking the information between the user and the service provider. A website using end-to-end encryption will have an address beginning with “https”, while non-encrypted sites are prefixed with “http”.
It works by “scrambling” the data send between the two parties, adds the website, transforming the information “into a lengthy code” that is “unreadable for anybody else attempting to access it”.
An example of end-to-end encryption can be seen in the online chat app Whatsapp, says The Sun. Information sent between users can’t be intercepted by others, including WhatsApp itself.
Reports that Westminster terrorist Khalid Masood used WhatsApp before his attack led Home Secretary Amber Rudd to declare end-to-end encryption was “completely unacceptable”, reports The Guardian.
How does a backdoor work?
Tech companies such as Apple and Google build products with “whole-device encryption” that cannot be unlocked by either the authorities or the firms themselves, The Verge reports.
Backdoor to encryption will allow a select few, such as the police or tech firms, to access a user’s online or offline information.
Why might the EU ban it?
The EU’s proposals relate to “Article 7 of the EU’s Charter of Fundamental Rights”, which guarantees Europeans “a right to personal privacy, as well as privacy in their family life and at home”, reports MacRumors. [https://www.macrumors.com/2017/06/19/eu-proposals-ban-encryption-backdoo… “By extension, the ‘confidentiality and safety’ of EU citizens’ electronic communications needs to be ‘guaranteed’ in the same manner.”
Backdoors “may reveal highly sensitive information about citizens” and so infringe the personal privacy of internet and chat-apps users, it adds.
The security benefits of backdoors
The concept of a backdoor aims to balance the security of everyday web users while providing authorities with an access route to clamp down on illegal or extremist material.
Speaking on the BBC in March, the Home Secretary argued it would give UK intelligence services “the ability to get into situations like encrypted Whatsapp”
Companies which use encrypted services have responsibility to “engage with the government, to engage with law enforcement agencies when there is a terrorist situation”, she added, and providing a backdoor to would “make sure there’s no hiding place for terrorists”.
Rudd’s boss Theresa May agrees, saying tech companies “provide the safe space” for extremist content to grow.
But there are some flaws
According to computer scientists at the Massachusetts Institute of Technology, backdoors would be “unworkable in practice” as “new technology features would have to be deployed and tested with literally hundreds of thousands of developers all around the world”.
They also say “bad actors” could obtain backdoor keys and “enjoy the same privilege” as law enforcement agencies.
Meanwhile, Marty P Kamden, head of marketing at virtual private network firm NordVPN, told Forbes “there is no proven record showing that internet restriction could prevent any sinister plots from happening”.
He argues that a backdoor “can actually be used by the same people that the government wants to keep track of” and that the system “gives away a lot of private information about each citizen and puts big power in the hands of anyone who wants to take advantage of it”.