- More than 60 groups call on governments to protect encryption
- Signatories warn that backdoors create systemic security risks
- The compromise comes at a time when encryption is constantly coming under scrutiny
A total of 61 organizations from across the tech industry and privacy world have signed a new global statement urging governments to protect strong encryption.
Shared by ACT (The App Association), the statement notes that the weakening of encrypted services threatens both security and the digital economy.
The letter comes amid growing political pressure against encrypted communications around the world, especially in the EU, where the debate around the Chat Control bill continues to intensify.
Various proposed encryption backdoors introduce an additional element of vulnerability, experts warn, and there is no way to guarantee that these vulnerabilities will not be exploited later.
Among the signatories is the VPN Trust Initiative, which is a consortium representing many of the best VPN providers. Some governments have also targeted VPNs as part of these recent efforts.
“Strong encryption is essential”
The global statement highlights the importance of encryption in many aspects of our digital lives.
The letter notes that encryption “safeguards user privacy, protects sensitive data, and enables trust.” All of them are known as “foundations of commerce, communication and innovation.”
Without encryption, users are much less likely to use multiple applications with complete confidence. Knowing that your data or private conversations may be subject to surveillance or data leaks means that many of the most privacy-conscious users could be left without secure options for communicating.
The letter notes that undermining encryption through backdoors or key escrow systems weakens the trust users have in various digital services. It also affects the digital economy and small businesses.
More than that, it introduces systemic vulnerabilities, something that is inevitable. You cannot create a flaw in the system and only allow it to be used by law enforcement; It is very likely that cybercriminals will also find their way.
The coalition recognizes that governments and national security agencies must be able to access evidence and fight crime, but notes that this must be done through ways that “do not compromise the security and privacy of billions of consumers and business users.”
Signatories include some of the largest organizations in technology and data privacy, including the VPN Trust Initiative (VTI). This organization, led by founding members such as ExpressVPN, NordVPN, and VyprVPN, sets industry standards for VPN providers.
Encrypted data is in constant danger
The call to protect encryption comes against a backdrop of attempts by governments to gain access to encrypted data. This is especially prevalent in the EU, where several recent proposals have raised alarm among privacy experts.
The EU Commission presented a new roadmap in June this year, seeking to establish a way for law enforcement to access citizens’ private data by 2030.
Previously, end-to-end encryption was highlighted as “the biggest technical challenge,” and tools like VPN services and encrypted chat apps were seen as a threat to effective investigative work.
European lawmakers are also pushing the Chat Control proposal, which could introduce client-side scanning. This would involve scanning private chats on the device before they are encrypted. Chat Control’s latest proposal has now received broad support from EU lawmakers and has reportedly moved on to the next legislative step.
Not all representatives of law enforcement agencies agree with this opinion. James A. Baker, former general counsel of the US Federal Bureau of Investigation, said: “Encryption is vital for law enforcement to protect society.” He also referred to client-side scanning as a “fundamentally bad idea.”
