Crime should not be an excuse to break encryption. Encrypted communications are either secure (and private) or they are not.
This is what some experts told TechRadar, commenting on Europol’s recent headline statement. Speaking to the Financial Times, Catherine De Bolle said that tech giants have a “social responsibility” to give police access to encrypted messages used by criminals.
“Anonymity is not a fundamental right,” he said, arguing that law enforcement must be able to decipher encrypted messages to fight crime.
However, experts warn that creating a back door to law enforcement will undermine protections for everyone, leading to unsustainable consequences.
The encryption enigma
Tensions between technologists and law enforcement over end-to-end encryption are not new. Encryption refers to encoding data into an unreadable format to prevent third-party access and ensure that communications remain private between the sender and receiver, end-to-end.
However, as encrypted messaging apps have become more widespread, law enforcement has argued that police officers must be able to decode these private messages to successfully catch criminals.
The moment an end-to-end encrypted system contains a “backdoor”, it is no longer secure
Amandine Le Pape, Chief Operating Officer at Element
In the EU, for example, lawmakers are currently pushing the so-called Chat Control proposal which, if enacted, will require all encrypted communications providers to create such a backdoor in their software. Other countries, including the United States, are also considering similar legislation.
“The truth is that people – and organizations – want secure communications, except when it causes inconvenience,” said Amandine Le Pape, chief operating officer of Element, a secure communications platform used by government, defense and national security organizations.
A police team, Le Pape noted, needs its own communication to be secure. Imagine what could happen if an organized crime gang were able to compromise the law enforcement network. However, this is exactly what would happen to citizens if providers of secure communication platforms had to have mandatory encryption backdoors.
“On a technical level, the moment an end-to-end encrypted system contains a ‘backdoor,’ it is no longer secure,” said Le Pape, explaining how the same backdoor can also be exploited by ‘bad guys’ with the same goal.
US authorities installed backdoors to massively monitor their own citizens. Someone hacked into the back doors and millions of Americans’ communications ended up in unwanted hands. They are doing the same thing over and over again and expecting different results. Announcement today… pic.twitter.com/XgwmBNx1VfJanuary 20, 2025
Jan Jonsson, CEO of Mullvad VPN, agrees with this. “Any [De Bolle] is aware of the consequences of backdoors and wants to impose mass surveillance on the population. Either you don’t understand the basics,” Jonsson told TechRadar. “The communication is secure or it isn’t.”
The Salt Typhoon attack – the China-linked cyberattack targeting all major US telecommunications companies – is a reminder of such a threat. Attackers exploit a malware-laden backdoor to gain access and spy on people’s communications. This led US authorities to warn all citizens to switch to encryption.
That’s why, according to Element’s Le Pape, legal efforts to weaken communications security are unlikely to be implemented in the near future.
While the debate swings back and forth, he explains, the tech minds guiding the legislation support the need for end-to-end encryption. This is also the reason why, for example, the EU cannot reach an agreement on chat control after more than two years.
Mullvad’s Jonsson seems less optimistic about this, arguing that Europol was involved in both the Chat Control proposal and the so-called Going Dark initiative in the EU.
He said: “We hope that politicians realize the security risks and violations of fundamental rights that these initiatives entail.”
