EU privacy regulator wants ban on breaking encryption of communications

European Data Protection Supervisor Giovanni Buttarelli wants a new ePrivacy Directive proposal to ban the monitoring, cracking and reverse engineering of encrypted communications. A consultation on the legislation is currently underway.

Buttarelli writes this in an opinion, in which he elaborates on his recommendations for a revision of the directive. According to him, in addition to the ban, a right should be created to use end-to-end encryption without backdoors. The development of backdoors by encryption service providers, providers and other organizations should also be prohibited. In addition, the use of this form of encryption should be encouraged and, in some cases, required. That is why he calls on the European Commission to develop technical standards.

Buttarelli also argues for a technology-independent approach in the new directive, which protects all forms of electronic communication. This should not be limited to the services that are traditionally offered by telephony and internet providers, but also to, for example, Wi-Fi in hotels and public places. In addition, the rules must restrict the tracking of people by requiring the user’s permission. The new legislation should closely follow the General Data Protection Regulation, which was recently adopted.

The ePrivacy Directive currently regulates topics related to the protection of users in the field of, for example, cookies, spam and data retention. For example, the so-called ‘cookie law’ arises from this legislation. By means of a consultation that has now been concluded, the EU wants to gather views in order to come up with a proposal before the end of 2016. The EDPS is an independent supervisor, responsible for ensuring that the EU institutions take the protection of privacy into account, for example when developing new legislation.