EU warned of ‘slippery slope’ with new encryption plans

28 Jan 2021

Image: © ktsdesign/

ProtonMail, Threema, Tresorit and Tutanota are sounding the alarm over a resolution adopted by the Council of the European Union.

A group of encrypted service providers has penned an open letter to EU lawmakers to denounce plans to alter encryption rules in Europe.

ProtonMail, Threema, Tresorit and Tutanota, which provide email and data storage products, said the stance recently taken by the Council of the European Union will undermine security for Europeans.

In December, the Council adopted a resolution on encryption with the slogan “security through encryption and security despite encryption”, which had been anticipated but still came in for criticism.

The Council said that encryption is necessary for “protecting fundamental rights and the digital security of governments, industry and society” but also argued for law enforcement having the ability to “exercise their lawful powers, both online and offline protecting our societies and citizens”.

It is seeking to create some balance between encryption for users but also access for authorities when necessary. However, the open letter from the four companies said the language used in the resolution could be interpreted as stipulating backdoors into encrypted communications.

“The resolution makes a fundamental misunderstanding: encryption is an absolute, data is either encrypted or it isn’t, users have privacy or they don’t,” the letter reads.

“The desire to give law enforcement more tools to fight crime is obviously understandable. But the proposals are the digital equivalent of giving law enforcement a key to every citizen’s home and might begin a slippery slope towards greater violations of personal privacy.”

While the resolution adopted by the Council is not legally binding, it could open up opportunities for the Commission to prepare proposals for possible legislation.

“This is not the first time we’ve seen anti-encryption rhetoric emanating from some parts of Europe, and I doubt it will be the last. But that does not mean we should be complacent,” Andy Yen, chief executive of ProtonMail, said.

“The difference this time is that the Council has taken a more subtle approach and avoided explicitly using words like ‘ban’ or ‘backdoor’. But make no mistake, this is the intention. It’s important that steps are taken now to prevent these proposals going too far and keep European’s rights to privacy intact.”

Encrypted and secure communications have garnered a lot of attention of late after the backlash against WhatsApp’s latest update. The furore saw swathes of sign-ups for alternative encrypted messaging apps such as Signal and Telegram. WhatsApp’s update has since been pushed back to May.

The letter from ProtonMail, Threema, Tresorit and Tutanota has been issued to coincide with Data Privacy Day, a campaigning initiative by the National Cybersecurity Alliance, a group of tech and finance firms.

Jonathan Keane is a freelance business and technology journalist based in Dublin