Opposition is growing against encryption backdoors in messaging platforms, as a controversial bill aimed at fighting drug trafficking is being reviewed by the National Assembly. Critics, including lawmakers and cybersecurity experts, argue that such measures threaten digital security and undermine encryption. Concerns are raised about potential vulnerabilities being exploited by malicious actors. The debate also has international implications, with messaging services like Signal and Apple reconsidering their encryption practices in response to new legislation.
Growing Opposition to Encryption Backdoors
The movement against the proposed backdoors in encrypted messaging platforms is gaining momentum, as critics prepare to confront this controversial aspect of a bill aimed at combating drug trafficking. This week, the National Assembly will scrutinize the bill, with the law commission set to conduct its first review on Tuesday, March 4.
Just over a month ago, the Senate approved a contentious amendment requiring encrypted messaging services to implement technical measures that would allow intelligence agencies to access user communications. This decision has sparked significant backlash from various stakeholders.
Concerns Over Digital Security
Opponents, including Deputy Eric Bothorel from the Côtes-d’Armor region, have raised alarms about the potential implications for digital security. Bothorel expressed his concerns on LinkedIn, stating that such a provision undermines the security of digital communications. He emphasized that mandating a reduction in encryption strength contradicts the essential tenets of cybersecurity.
Guillaume Poupard, former director general of Anssi, also echoed these sentiments, warning against the dangerous consequences of seemingly beneficial proposals. He referred to a 2016 analysis highlighting existing legal provisions that allow for assistance from cryptology providers to bypass security measures, which raises concerns about the feasibility of ensuring that such backdoors are only accessible to authorized entities. In reality, these vulnerabilities could be exploited by various attackers, from state-sponsored hackers to opportunistic cybercriminals.
The French Alliance of Digital Industries has voiced its apprehension regarding the cybersecurity risks posed by this amendment. This organization, which includes major companies like Apple, Amazon, and Airbus, has formally reached out to parliamentarians, urging consultations with key cybersecurity agencies such as Anssi, Cnil, and Arcep before the National Assembly debates the proposal.
Olvid, a company specializing in encrypted messaging solutions, also expressed skepticism, stating that a “safe” backdoor is unattainable. They raised questions about the legislators’ true motives, suggesting that the amendment might be designed to compel messaging services like Telegram to disclose user data that is already accessible in plaintext. Furthermore, they pointed out that Telegram is misleadingly categorized as an encrypted messaging service, as group chats are stored in clear text on servers, raising concerns about the amendment’s potential implications for user privacy.
International Repercussions
The debate surrounding encryption extends beyond France’s borders. The Signal Foundation’s president recently warned that the application may cease to operate in Sweden if new legislation mandates messaging platforms to retain user messages. Additionally, Apple announced that it disabled advanced data protection for its UK users, leading to significant implications for end-to-end encryption across various services, including iCloud backups and photo storage, which poses a major security concern for many users.