EU’s Data Protection Supervisor opines that encryption of the communications of EU citizens should be backed on all media and any attempts to reverse engineer or decrypt them should be completely prohibited. This was the conclusion reached regarding EU’s ePrivacy Directive.
The European Union’s Data Protection Supervisor (EDPS) came to the conclusion that when talking about the privacy of EU citizens, encryption should not only be allowed, it should be backed, encouraged, and mandated.
Giovanni Buttarelli said that the EU is going to come up with a new ‘Cookie Law’. He said that the privacy of the citizens should be the utmost priority. This is contrary to what most of the world governments and intelligence agencies advocate. They are of the opinion that in order to ensure national security some sort of censorship and surveillance is a necessity. But Buttarelli said that the new General Data Protection Regulation should protect the citizens, not cause more problems.
The announcement comes at a time when the UK is poised to pass the Snooper’s Charter. The Snooper’s Charter would enable the government not only to spy on their citizens heavily but also install backdoors into services. Moreover, it would even empower the government to ban encryption. Buttarelli’s announcement also comes at a time when the EU was facing increasing criticism about its Privacy Shield agreement with the US government.
All in all, this announcement is a clear statement against agencies like the NSA, GHCQ, who perpetrate and enforce mass surveillance and are continuously on the lookout to gain more power to that end. Buttarelli certainly absolves the EU from all blame in this war of encryption vs censorship. He was even quite vocal about people’s suggestion of making government request for user data more transparent. Again, he was in full support of this suggestion, saying that it should be a practise to publish occasional statistics about user data requests. This news, which comes at a time when even acknowledging that the authorities have requested for your data is illegal, is certainly most welcomed.
It remains to be seen whether this progressive move by the EUDPS gets the backing it deserves. All the governments across the world are certainly miffed with this, but it is one of the first major announcements from an organization of such stature in support of cybersecurity and privacy.