Croatia, Italy, Latvia, Poland and Hungary are backing new laws that allow police across the continent better access to private data as France, Germany, and the UK grapple with balance of privacy and security
The European Commission may soon debate a law that gives police better abilities to break through encryption thanks to the backing of five countries who want easier access for law enforcement. Hungary, Poland, Latvia, Italy, and Croatia are backing the idea.
“One of the most crucial aspects will be adopting new legislation that allows for acquisition of data stored in EU countries ‘in the cloud,’” Poland wrote to Slovakia, the country that currently controls the EU presidency. “Due to the lack of sufficiently precise definition of “e-evidence” in Polish criminal law, there are no specific/detailed provisions concerning access to data stored ‘in the cloud.'”
The issue became more political over the summer when Slovakia, who will hold the EU presidency for six months, requested reports from member states on how they deal with encrypted data during investigations and what might handicap their efforts.
In those surveys, several countries pointed to both financial and technical capability limitations to criminal and terrorist investigations. Poland was one of them.
“In general terms, national legislations could be more effective if an obligation for the suspects or accused to provide law enforcement authorities with encryption keys/passwords were required,” wrote Italy.
Some law enforcement and defense officials in Europe have been clamoring for better access of late in light of several terrorist attacks over the last couple of years, with prominent ones in the French cities of Paris and Nice.
“Encrypted communication via the internet and smartphones are a part of the problems investigators face in these instances,” Europol Director Rob Wainwright told POLITICO in March. “We have to find a more constructive legislative solution for this problem of encryption.”
Several countries have proposed rules domestically irrespective of policies across the continent. The UK’s Investigatory Powers Bill for instance, approved last week in Parliament, compels ISPs to save log data for as long as 12 months thanks to a so-called “data retention notice.”
Not every country in the bloc is thrilled about the idea of breaking down the walls of privacy.
“A regulation to prohibit or to weaken encryption for telecommunication and digital services has to be ruled out, in order to protect privacy and business secrets,” the German government responded to Slovakia’s request.
The German response continued, “In general, national law allows sufficiently effective securing of e-evidence. However, potential changes to the legal framework are constantly being examined and discussed.”
That demonstrates division within the German government itself on the issue, as Interior Minister Thomas de Maiziere alongside his French counterpart Bernard Cazeneuve recently wrote to the European Commission to help authorities get better access for terrorism investigations.
“If such legislation were passed, it would allow us, at European level, to impose obligations on operators that uncooperative disclose such to remove illegal content or decrypt messages, exclusively in the context of criminal investigations,” Cazeneuve said back in August.
Cazeneuve also named Telegram’s non-cooperation with French terror investigations as an example of why security forces need tougher laws. French police arrested a 16-year-old in August alleging she was planning attacks in the country on behalf of ISIS. She was found to be running an ISIS-supporting chat group on Telegram.
Germany is at the center of a continent-wide storm over Syrian refugees, many of whom are suspected of being sentinels for organizations like ISIS. As the country’s chancellor, Angela Merkel, fights off popular rage toward her liberal position on refugee accommodation, she is under pressure to ensure better vetting and preemptive action against potential terror cells.