Finger pressing padlock icon on virtual screen showing the importance of encryption in a data retention world
Encryption and Why It Matters in a Data Retention World by Jennifer Baker, EU Policy Correspondent

Encryption and Why It Matters in a Data Retention World

Despite the landmark ruling by the European Court of Justice in 2016, saying that indiscriminate data retention was illegal, several European countries are once again seeking to bring back the practice.

From the point of view of privacy advocates, the indiscriminate retention of communications data is highly harmful for many sectors of society as it impairs confidential communication. The “if you’ve nothing to hide…” comment is often trotted out in defence of privacy invasive practices, but in many areas of society professionals depend on confidentiality, for example psychotherapists, doctors, lawyers, workers councils, marriage counsellors, fertility centres, drug abuse counsellors, other counselling services and of course journalists to name but a few.

German MEP Patrick Breyer explains: “The recording of information about all citizens‘ everyday communications, movements and Internet use constitutes the greatest threat to our right to a self-determined and private life yet. Hundreds of innocent people could have been wrongly convicted in Denmark due to errors in retained communications data — the European Parliament will shortly address this case. Telecommunications data are particularly vulnerable to subjecting innocent people to criminal investigation and must therefore not be piled up without suspicion. Let us stop mass surveillance without cause! My work in the European Parliament is committed to this cause.”

While the likes of Breyer try to fight the mission creep of surveillance through policy and laws, others feel more inclined to take matters into their own hands and simply encrypt their communications. However even these measures have taken a blow.

In recent weeks, authorities the US, the UK and Australia have called on Facebook to not deploy end-to-end encryption.

According to reports the social network is currently working on developing better encryption. Specifically, governments asked Facebook to suspend plans “until [Facebook] can guarantee the added privacy does not reduce public safety”.

The Computer & Communications Industry Association, CCIA, is among those dismayed by the news.

As CCIA President & CEO Ed Black explained: “Strong encryption is increasingly vital to the privacy and security of individuals, national security and economic prosperity. Companies should be encouraged to develop and employ the security standards that the public expects for their devices and online activity.”

More than 50 civil society organizations also came out in support of Facebook’s plans to increase end-to-end security across its services and products. “We believe they have this entirely backwards: each day that platforms do not support strong end-to-end security is another day that this data can be breached, mishandled, or otherwise obtained by powerful entities or rogue actors to exploit it,” they said in an open letter.

Of course this isn’t only about Facebook, most security agencies would like to see encryption weakened across the board, but the focus on the world’s most popular platform is inevitable.

“Given the remarkable reach of Facebook’s messaging services, ensuring default end-to-end security will provide a substantial boon to worldwide communications freedom, to public safety, and to democratic values,”

Calls for so-called “backdoors” or “exceptional access” from authorities are nothing new,

and almost always cite “illegal content and activity”, including “child sexual exploitation and abuse” and “terrorism” as the reason they are needed. This time however “foreign adversaries’ attempts to undermine democratic values and institutions” has been added to the list of justifications.

“The UK, United States, and Australian authorities are once again falling into a false dichotomy between security and encryption,” said Guillermo Beltra, Policy Director of Access Now. “The reality is that encryption is an essential technology that strengthens the security of the internet’s infrastructure and enables users to enjoy their civil and political rights and express themselves freely.”

“Both Facebook and law enforcement already enjoy robust tools to uncover and pursue perpetrators of illegal activities,” said Peter Micek, General Counsel of Access Now. “Weakening encryption only puts innocent lives at risk. Survivors of sexual abuse and exploitation need more protection for the privacy and security of their personal data and accounts – not less. Human rights defenders also rely on the protection encryption provides as they speak up against abuses by governments and other actors. Lives are at risk when security fails and data leaks, so we support Facebook and other platforms in implementing robust and seamless encryption across their services and the global internet.”