Dutch government backs strong encryption, condemns backdoors

The Netherlands government issued a strong statement on Monday against weakening encryption for the purposes of law enforcement and intelligence agencies.

The move comes as governments in the United Kingdom and China act to legally require companies to give them access to wide swaths of encrypted Internet traffic. U.S. lawmakers are also considering introducing similar legislation.

The Dutch executive cabinet endorsed “the importance of strong encryption for Internet security to support the protection of privacy for citizens, companies, the government, and the entire Dutch economy,” Ard van der Steur, the Dutch minister of security and justice, wrote in the statement. “Therefore, the government believes that it is currently not desirable to take legal measures against the development, availability and use of encryption within the Netherlands.”

Encryption scrambles data so that only those with the keys to unscramble it can access it. For example, Internet users utilize encryption whenever they access a website that has an HTTPS connection, which protects their Web traffic from interception, and Apple iOS devices and Google Android devices are encrypted by default when the user turns on the lock screen.

Last month, the Netherlands parliament committed €500,000 in funding to OpenSSL, a free set of encryption tools used widely and sponsored in part by the United States government.

“Confidence in secure communication and storage data is essential for the future growth potential of the Dutch economy, which is mainly in the digital economy,” Van der Steur wrote. 

“Encryption supports respect for privacy and the secret communication of citizens by providing them a means to communicate protected data confidentially and with integrity. This is also important for the exercise of the freedom of expression. For example, it enables citizens, but also allows empowers important democratic functions like journalism by allowing confidential communication.”

Encryption is protected under privacy laws in Articles 10 and 13 in the Dutch constitution, Van der Steur argued, as well as Article 8 of the European Convention on Human Rights and Articles 7 and 8 in the European Union Charter.

Weakening encryption will also expose Internet traffic to eavesdropping by criminals, terrorists, and foreign intelligence services, Van der Steur said. That’s an argument supported by a wide variety of technologists warning against the weakening of encryption.

“The protection of these fundamental rights is applicable to the digital world,” he wrote.

The minister of security and justice described at length the virtues of encryption, from protecting laptops against theft to allowing the Dutch government itself to communicate online safely with its citizens about taxes and digital IDs.

“Cryptography is key to security in the digital domain,” Van der Steur argued.

The rights are not absolute, however, and “infringement is permissible” given “a legitimate purpose” as well as regulation and restriction by law, he said.

The global debate over encryption took on new urgency in 2015 after terrorist attacks in Paris and San Bernardino, California. Despite the lack of a direct connection between the violence and encryption—the Paris attackers used unencrypted text messages to coordinate—some lawmakers in the U.S. and other nations have renewed a fight to ban or limit strong end-to-end encryption.

If strong end-to-end encryption is banned in major Western nations, countries like the Netherlands may become important islands of legal cryptography that stymie anti-encryption efforts.

Photo via Jeroen Bennink/Flickr (CC BY 2.0) | Remix by Max Fleishman