Cybersecurity showdown at the European Parliament: where do MEPs stand on encryption?

The rising importance of online transactions is a challenge for policymakers, as regulators find it difficult to catch up with accelerating technological changes in the digital sphere. Making the internet safe for consumers is one of the key aspects in the implementation of the Digital Single Market (for more information on the most influential EU Parliamentarians on digital policy, check out our previous report).

However, despite the overall consensus on the next steps to be taken on cybersecurity, the EU political forces have very different views on how cybercrime should be tackled. One of the main sticking points is the use of encryption and, more broadly, encoding techniques. These tools allow users to ensure that one’s message cannot be either hijacked nor understood by no other than the intended recipient. On the other hand, privacy-enhancing tools make it more difficult for law enforcement authorities to use the internet to track criminal activities.

The political families within the European Parliament disagree on how to address the trade-off between ensuring the respect of the individual rights of EU citizens (privileged by the left-leaning forces, such as S&D, Greens and GUE-NGL) and allowing the authorities to access information in order to prosecute crimes online (favored by right-wing groups, such as the EPP and ECR).

We interviewed some of the key MEPs who have been working on cybercrime in order to shed some light on their positions on the matter, while also reaching out to activist organizations for additional comments. This report provides very useful insights on the current status of the affairs regarding regulation of encryption and onion routing techniques.

Who wants whistle-blowers to remain anonymous? 

Are anonymising tools a danger or an opportunity for society? MEPs have mixed views on the use of onion-routers. Onion-routing, simply put, allows its users to access unindexed web pages, unreachable with regular search engines (colloquially known as the Darknet) and transfer safely encrypted data.

When asked for their views on the matter, the Greens pointed out that hidden networks provide a free space for journalists and political activists in authoritarian countries. Green MEP Jan Phillip Albrecht goes further and advocates for the rights of ‘’whistleblowers [to] have legal protection across Europe.’’ The Swedish non-profit organization for digital rights DRFI reminds us that, indeed, the online democratic debate is at risk, and must be protected, namely, ‘’by ensuring public access to information online without risk of having their communication read by third parties.’’

Reached for comments, S&D MEP Miriam Dalli, shadow rapporteur for the S&D Group on the report on the fight against Cybercrime, went even further in suggesting that Europol ‘’must put together an anonymous reporting platform dedicated to the fight against Child Sexual Abuse material’’. Anonymous reporting can help fighting crime, as Dalli calls for getting [hacktivists] on board’ in order to fight online minor sexual violence.

PJvw83 Quotes December {Dalli} [draft3][06Dec2017]

The drawback for law-enforcement authorities is, of course, the diffusion of illegal content. In fact, the question of promoting onion-routing is bound to the more dubious Darknet. A very cautious approach to this question permeated the views of some political groups. The views of the EPP, vowing to exclude references to potentially dangerous privacy-enhancing techniques, clash with the ones of Greens/EFA, Social Democrats and GUE/NGL, as the latter opposed the portrayal of the Darknet as a tool predominately used for dark deeds.

The cautious treatment of the Darknet by the Conservatives found its logical conclusion in the proposals of the ECR group. MEP John Procter, the rapporteur for the Reformist group, went to the extent to suggest that ‘’Europol [could] monitor the Darknet’’ to determine threats and organize its response towards criminal activities. So quite a change from the Greens’ original position.

MEP agree to protect encryption, disagree on making it mandatory

Encryption-related issues lie at the heart of the fight against cybercrime. Most political groups agree on opposing the introduction of government-monitored backdoors in software or smartphones. Green MEP Albrecht is adamant on this point: “Member states shall not impose any obligations on electronic communications service providers that would result in the weakening of the security and encryption of their networks and services”. 

PJvw83 Quotes December {Albrecht} [draft4][06Dec2017]

DRFI reminds us that in this debate ‘’encryption helps with authenticity of communication’’, that is crucial when ‘’the consequences of large-scale identity theft are both costly and painful.’’

S&D MEP Dalli agrees, as she points out that “privacy can be compromised if the encryption process is not guaranteed. Most political groups seem to have agreed with such statement as a majority of EU Parliamentarians joined the call on Member States not to impose any obligation on electronic providers to loosen encryption.

But this consensus breaks when it comes to ensuring a broader use of encryption for the users. Should the European Parliament push for the introduction of a mandatory end-to-end encryption for online service providers? The Greens political group thinks so. MEP Albrecht insists for electronic communications services to provide ‘’sufficient protection against unauthorized access or alterations to the data’’ while guaranteeing the anonymity and security of said communications.

However, not all of his fellow colleagues are enthusiastic about this proposal. Several MEPs are concerned about the additional costs for businesses that a mandatory end-to-end encryption would entail. According to MEP Procter (ECR): ‘’Ultimately, [encryption] is a matter for providers and their consumers.” The Conservative MEP defended not enforcing strict rules on service providers so as not to burden the companies: “we should not force providers to have them.’’

PJvw83 Quotes December {Procter} [draft4][06Dec2017]

Special thanks to MEP Miriam Dalli, MEP Ian Philip Albrecht and MEP John Procter. Special thanks to Linus Nordberg from DFRI (Föreningen för Digitala fri och rättigheter ) and Nicholas Hernanz from the Green group.

Follow for more in-depth interviews with public opinion leaders and comprehensive analyses of European events.

If you are interested to deepen your knowledge of the actions of these MEPs or any of the other EU Parliamentarians, or simply to find out who and how is shaping EU politics in general (we regularly run assessments on the influence of MEPs), contact us at [email protected] .