A recent revision to a proposal in the European Union Council that would require the operators of communications services to develop a method for “upload moderation” of content such as pictures and videos has drawn sharp criticism from the president of Signal, one of the more popular secure messaging apps.
EU legislators have been considering various proposals that are ostensibly aimed at addressing the issue of child exploitation material on encrypted messaging and communications platforms for several years. Previous versions have included language that required client-side, or on-device, scanning of private messages and photos, something that cryptographers and computer scientists fought against this clause, explaining that it was not possible without introducing crippling security weaknesses to the encryption schemes on those devices and apps. That version was eventually voted down, but debate about the ability to somehow inspect encrypted messages and files has continued and the most recent proposal includes a requirement that platform operators have the ability to do so-called “upload moderation” of these files.
That idea has not gone over well in the security and privacy communities, as any implementation of that kind of technology would affect not just European companies and users, but people and operators around the world. The proposal would not be voluntary and the EU Council may reach a decision on it later this week.
“There is no way to implement such proposals in the context of end-to-end encrypted communications without fundamentally undermining encryption and creating a dangerous vulnerability in core infrastructure that would have global implications well beyond Europe,” Meredith Whittaker, president of Signal, the non-profit that operaties the secure messaging platform of the same name, said in a post Monday.
Whittaker echoed the sentiments of many in the cryptography and privacy communities who have repeatedly pointed out the dangers of introducing a weakness intentionally into these platforms. But lawmakers in the EU and elsewhere have continually gone down the same road, tweaking the language and looking for new ways to say the same thing.
“Rhetorical games are cute in marketing or tabloid reporting, but they are dangerous and naive when applied to such a serious topic with such high stakes. So let’s be very clear, again: mandating mass scanning of private communications fundamentally undermines encryption. Full stop. Whether this happens via tampering with, for instance, an encryption algorithm’s random number generation, or by implementing a key escrow system, or by forcing communications to pass through a surveillance system before they’re encrypted. We can call it a backdoor, a front door, or ‘upload moderation’,” Whittaker said.
“But whatever we call it, each one of these approaches creates a vulnerability that can be exploited by hackers and hostile nation states, removing the protection of unbreakable math and putting in its place a high-value vulnerability.”
Congress has considered various bills in the last few years that have included similar proposals, but none has made it through the process yet. There are likely to be future bills in the U.S., Europe, and elsewhere, however.
“Either end-to-end encryption protects everyone, and enshrines security and privacy, or it’s broken for everyone. And breaking end-to-end encryption, particularly at such a geopolitically volatile time, is a disastrous proposition,” Whittaker said.