French Government Rejects Encryption Backdoors
The French government last week dismissed a proposed amendment to its upcoming Digital Republic Bill which would have mandated backdoors be introduced to end-to-end encrypted comms platforms.
Digital secretary Axelle Lemaire rejected the proposal made by Republican Nathalie Kosciusko-Morizet, which claimed police and gendarmes should be given access to such systems under the supervision of a judge.
Referencing the vulnerabilities found in Juniper routers recently, Lemaire claimed such plans would “open the door to players with less laudable intentions” as well as damage the credibility of companies acceding to such demands, according to French site Numerama.
"What you propose is a design by vulnerability,” she argued. “With a backdoor, personal data is not protected at all.”
The controversial amendment was proposed in response to the terror attacks in Paris in November that left over 100 dead – even though there’s no evidence that backdoor access to encrypted comms would have prevented the atrocities.
The French government’s stance puts it alongside the Netherlands, which recently stated its position as anti-backdoor and pro strong encryption, for many of the same reasons.
The move highlights a widening gulf between these states and the likes of the UK and US, where the respective governments are pushing hard for law enforcers to have such powers.
In the UK, this could soon be enshrined in law if the current Investigatory Powers Bill is passed by parliament, despite strong opposition from rights groups and even former NSA operatives.
In the US, discussions are still ongoing behind the scenes, despite the repeated assurances from the likes of Apple supremo Tim Cook that no such deal would be reached.
It’s telling that pro-backdoor politicians in both countries have tried to use the events in Paris to back their stance, but leaders in France have resisted such over-simplified arguments.
The Digital Republic Bill by and large contains measures to bolster cloud security, privacy by design and the principal of net neutrality.
Source: Information Security Magazine