- More than 60 groups call on governments to protect encryption
- Signatories warn backdoors create systemic security risks
- This commitment comes at a time when encryption is under constant scrutiny
A total of 61 organizations from the technology and privacy sectors have signed a new global declaration urging governments to protect strong encryption.
Shared by ACT (The App Association), the statement notes that the weakening of encrypted services threatens both security and the digital economy.
The letter comes amid growing political pressure against encrypted communications around the world, particularly in the EU, where debate around the Chat Control bill continues to intensify.
Various encryption backdoor proposals introduce an additional element of vulnerability, experts warn, and there is no way to guarantee that these vulnerabilities won’t be exploited later.
Among the signatories is the VPN Trust Initiative, a consortium representing several of the top VPN providers. VPNs have also been targeted by some governments as part of these recent efforts.
“Strong encryption is essential”
The global declaration highlights the importance of encryption in many aspects of our digital lives.
The letter notes that encryption “protects user privacy, protects sensitive data, and enables trust.” All of these are called “foundations of commerce, communication and innovation”.
Without encryption, users are much less likely to use various applications with confidence. Knowing that your private data or conversations may be subject to surveillance or data leaks means that many of the most privacy-conscious users could be left without secure communication options.
The letter notes that undermining encryption through things like backdoors or key escrow schemes weakens user trust in various digital services. This also affects the digital economy and small businesses.
What’s more, it introduces systemic vulnerabilities – it’s inevitable. You can’t create a loophole in the system and let only law enforcement use it; cybercriminals are also very likely to find their way there.
The coalition recognizes that governments and national security agencies must be able to access evidence and fight crime, but it notes that this should be done in ways that “do not compromise the security and privacy of billions of consumers and business users.”
Signatories include some of the largest organizations in technology and data privacy, including the VPN Trust Initiative (VTI). This organization, led by founding members like ExpressVPN, NordVPN, and VyprVPN, sets the industry standards for VPN providers.
Encrypted data is constantly at risk
The call to protect encryption comes amid attempts by governments to access encrypted data. This is particularly prevalent in the EU, where several recent proposals have alarmed privacy experts.
The European Commission presented a new roadmap in June this year, seeking to establish a way for law enforcement to access citizens’ private data by 2030.
Previously, end-to-end encryption was considered “the biggest technical challenge”, and tools such as VPN services and encrypted chat applications were both seen as a threat to the effectiveness of investigative work.
European lawmakers also support the Chat Control proposal, which could introduce client-side analysis. This would involve scanning private chats on the device before they are encrypted. The latest proposal to control the discussions has now received broad support from EU lawmakers and would have moved to the next legislative stage.
Not all law enforcement officials agree with this point of view. James A. Baker, former general counsel of the United States Federal Bureau of Investigation, said: “Encryption is vital for law enforcement to protect society. » He also called client-side analytics a “fundamentally bad idea.”
