European Parliament Committee Recommends End-To-End Encryption For All Electronic Communications

The European Parliament's (EP’s) Committee on Civil Liberties, Justice, and Home Affairs released a draft proposal for a new Regulation on Privacy and Electronic Communications. The draft recommends a regulation that will enforce end-to-end encryption on all communications to protect European Union citizens’ fundamental privacy rights. The committee also recommended a ban on backdoors.

Enforcement Of EU’s Charter Of Fundamental Rights

Article 7 of the E.U.’s Charter of Fundamental Rights says that E.U. citizens have a right to personal privacy, as well as privacy in their family life and at home. According to the EP committee, the privacy of communications between individuals is also an important dimension of this right.

The EP committee added that:

Confidentiality of electronic communications ensures that information exchanged between parties and the external elements of such communication, including when the information has been sent, from where, to whom, is not to be revealed to anyone other than to the parties involved in a communication. The principle of confidentiality should apply to current and future means of communication, including calls, internet access, instant messaging applications, e-mail, internet phone calls and messaging provided through social media.

Protecting Citizens Against Hacking Of Personal Information

The EP committee believes that encryption needs to be used to protect EU citizens’ sensitive information such as personal experiences and emotions, medical conditions, sexual preferences, and political views. The disclosure of this info could lead to personal and social harm, or economic loss.

The committee also argued that it’s not just the content of information that needs to be protected, but also the metadata associated with it:

The metadata includes the numbers called, the websites visited, geographical location, the time, date and duration when an individual made a call etc., allowing precise conclusions to be drawn regarding the private lives of the persons involved in the electronic communication, such as their social relationships, their habits and activities of everyday life, their interests, tastes etc. The protection of confidentiality of communications is also an essential condition for the respect of other related fundamental rights and freedoms, such as the protection of freedom of thought, conscience and religion, and freedom of expression and information.

The EP committee also noted that electronic communications are generally personal data, which means they should also be protected under the recently passed General Data Protection Regulation. Therefore, the new regulation on private communications should not lower the protections written in the GDPR, but it should instead offer complementary safeguards for the confidentiality of communications.

Providers Affected By The Regulation

The updated Regulation on Privacy and Electronic Communications will apply to providers of electronic communication services, providers of publicly available directories, and software providers that permit electronic communications and the retrieval of information on the internet.

We’ve lately seen some EU member states push for increased surveillance and even backdoors in encrypted communications, so there seems to be some conflict here between what the European Parliament institutional bodies may want and what some member states do.

However, if this proposal for the new Regulation on Privacy and Electronic Communications passes, it should significantly increase the privacy of E.U. citizens’ communications, and it won’t be so easy to roll back the changes to add backdoors in the future.

The committee makes it clear that backdoors introduced by member states should be forbidden:

The providers of electronic communications services shall ensure that there is sufficient protection in place against unauthorised access or alterations to the electronic communications data, and that the confidentiality and safety of the transmission are also guaranteed by the nature of the means of transmission used or by state-of-the-art end-to-end encryption of the electronic communications data. Furthermore, when encryption of electronic communications data is used, decryption, reverse engineering or monitoring of such communications shall be prohibited. Member States shall not impose any obligations on electronic communications service providers that would result in the weakening of the security and encryption of their networks and services

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • JamesSneed
    It must be nice to live in a country that has a citizens first policy. I do not want to move to the EU but I wish the US would change its culture in politics from corporations first to citizens first. The EU also has a lovely 2-year warranty law to keep companies from making stuff that will fail in a year or so.
    Reply
  • dstarr3
    Seriously. Living in a first-world nation must be nice. Americans have no clue what it's like anymore.
    Reply
  • Morbus
    Thank the gods for common sense!
    Also, I'm glad we, Europeans, can keep laughing at the rest of the world.
    Reply
  • hannibal
    I am European and don't feel anything that is laughtable in other countries, but I agree that citicens should be priority in everywhere. USA should remember its constitution law and think what is its spirit. It is a guideline that would work in most cases anywhere in the world!
    But everything has to start somewhere and I hope that all electronic and information companies take this matter very seriously. Soon other parts of the world will demand the same in their areas too.
    Reply
  • JamesSneed
    19825682 said:
    I am European and don't feel anything that is laughtable in other countries, but I agree that citicens should be priority in everywhere. USA should remember its constitution law and think what is its spirit. It is a guideline that would work in most cases anywhere in the world!
    But everything has to start somewhere and I hope that all electronic and information companies take this matter very seriously. Soon other parts of the world will demand the same in their areas too.

    Being from the US I hope we follow the EU in many areas that effect consumers and citizens as you seem to intact some of the most lovely legislation to protect the everyday person.
    Reply
  • Gillerer
    You need to remember this news piece is only about a European Parliament committee proposal. EP is often at the forefront of civil liberties talks, but if the national governments don't agree to it, nothing will happen.

    As a EU citizen, the European Parliament often feels more like a think tank than a legislative body, considering how little effect their decisions have.
    Reply