MENUMENU

E.U. officials want U.S. tech companies to add encryption backdoors

EU flag with partially open door in center

Governments want tech companies to make their work easier.

Europe will follow the U.S.’s lead in the debate over whether to weaken encryption to aid law enforcement and counterterrorism investigations.

French and E.U. officials met Thursday with representatives from Apple, Facebook, Google, Microsoft, and Twitter to discuss how the companies could help government agencies catch terrorists. The meetings mostly focused on getting companies to quickly take down jihadist propaganda, the Wall Street Journal reported, but government officials also raised the issue of encryption.

The Nov. 13 Paris attacks heightened concerns that terrorists have been using encryption to hide their communications from government surveillance. Despite their being no public evidence for this concern, senior U.S. intelligence officials seized on the incident to renew their calls for tech companies to add so-called “backdoors” to their encryption that the government could access with a warrant.

Security experts widely condemn backdoors as unsafe and counterproductive, but that hasn’t stopped U.S. and European politicians from suggesting that tech firms add them to their products.

“Communication between terrorists is increasingly taking place using highly sophisticated encryption techniques and this needs to be addressed,” an E.U. official told the Wall Street Journal.

In asking tech companies to weaken their encryption, European governments are following the American playbook. The Obama administration considered proposals to mandate backdoors, but later abandoned them as unworkable. However, U.S. officials continue to privately pressure tech companies to voluntarily add backdoors.

Google and Facebook spokespeople confirmed that their companies attended both the E.U. and France meetings. Apple attended the meeting in France, but not the one in Brussels.

A Google spokeswoman described the talks as “constructive” and stressed that they focused on how tech companies and governments could cooperate to handle online extremist content. She did not dispute that encryption was also a topic.

Representatives from Microsoft and Twitter did not respond to requests for comment on the European talks. An Apple spokesman declined to comment on the record about the extent to which encryption factored into the meetings.

Apple’s participation is noteworthy, because it was the Cupertino company’s decision to dramatically strengthen the encryption in iOS 8 that prompted FBI Director James Comey to reignite the long-running “crypto wars” with a message about terrorists “going dark” behind encryption. Apple CEO Tim Cook has been the tech industry’s loudest voice in the fight against backdoors.

The Paris attacks have prompted many European nations to grapple anew with the questions of liberty and security that the United States tried to address after the Sept. 11, 2001, terrorist attacks. In the aftermath of those attacks, Congress passed the USA Patriot Act, a sweeping surveillance law that authorized many new spy programs, some of which former National Security Agency contractor Edward Snowden revealed to a stunned public beginning in 2013.

Congress reformed one of those programs, a bulk phone-records collection operation, in June, but the NSA and other agencies still retain far-reaching surveillance and wiretapping authority.

Rep. Jim Sensenbrenner (R-Wisc.), the lead author of the Patriot Act, recently warned European officials not to emulate his mistakes by overreacting to terrorist attacks and instituting indiscriminate mass surveillance.

“Sadly,” a former French intelligence official told the Journal, “all of this is happening only because of recent events.”

As European officials press tech companies to weaken their encryption, U.S. and E.U. negotiators are also working on a new data-privacy deal to facilitate the transfer of data between their territories. The European Court of Justice threw out the previous Safe Harbor agreement when it determined that U.S. tech companies could not guarantee the privacy of European customers’ data because they were subject to intrusive American surveillance programs.

Illustration by Jason Reed

Eric Geller

Eric Geller

Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.