Experts "deeply concerned" by the EU plan to weaken encryption

Date:
Tue, 27 May 2025 16:21:35 +0000

Description:
ProtectEU keeps raising concerns among tech experts as the Global Encryption Alliance now urges the European Commission to protect strong encryption.

FULL STORY

The EU plan to create a legal backdoor into encrypted communications keeps raising concerns.

This time, 89 signatories coming from the tech industry including civil society organizations, some of the best VPN and email providers, and cybersecurity experts are warning against the privacy and security dangers
of the Technology Roadmap on encryption included in the ProtectEU strategy.

In a joint letter published on Monday, May 26, 2025, experts are now urging
the European Commission to "reframe its approach" and protect strong
encryption practices.

The need for strong encryption

"While we recognize the importance of elevating security efforts during
moments of increased geopolitical instability, we are concerned by the
framing of the technology roadmap," experts wrote.

Encryption , the scrambling of data into an unreadable form to prevent unwanted access, is the backbone of how services like Signal, WhatsApp, and Proton Mail work. Yet, law enforcement has long argued that this technology
is an obstacle to criminal investigations.

As cyberattack incidents keep rising worldwide, though, even government
bodies, like the FBI and CISA in the US, have started to encourage citizens
to swicth to end-to-end encrypted services to fight back these threats.

The European Commission itself previously acknowledged encryption as needed
to protect the integrity of cyberspace, too.

This is why, for the signatories, who include the likes of Proton, Surfshark
, Tuta Mail , Mozilla, and Element, alongside leading cryptographers and digital rights groups, this technology remains a "key cybersecurity tool"
that cannot be compromised.

"Undermining encryption weakens the very foundation of secure communications and systems, leaving individuals, businesses, and public institutions more vulnerable to attacks," they wrote.

ProtectEU comes as the first step in the EU Commission's plan to bolster the security of the European bloc in the years to come. While we don't know much
at the time of writing, we do know the strategy includes finding a technical way to create encryption backdoors into software. That's exactly what most worries the tech benches.

They wrote: "We are deeply concerned by the Commissions continued focus on identifying ways to weaken or circumvent encryption. This undermines its own security objectives under the ProtectEU strategy."

The European Commission has already tried to weaken encryption with its proposal to scan all citizens' communications to halt the spread of child sexual material, in fact. Deemed by critics as Chat Control , the bill has
been failing to attract the needed majority since 2022.

Along the way, the European Court of Human Rights even ruled " illegal break encryption ," a hard blow for the supporters of client-side scanning technologies to monitor encrypted communications. Did you know? (Image
credit: Vlad Yushinov/via Getty Images) While messaging apps and email providers are set to be the main target of lawmakers, an EU expert group explicitly recently referred to VPN services as "key challenges" to the investigative work of law enforcement agencies for the very first time, alongside encrypted devices, apps, and new communications operators.

Now, experts believe that what lawmakers aim to do under the ProtectEU
strategy will lead to the same security, human rights, and accountability issues.

They then urge to reframe the Technology Roadmap on Encryption by taking into consideration also the industry concerns, not only those of law enforcement.

"Any future roadmap that aspires to be credible and balanced must consider
the feasibility of any potential technological capabilities and their
societal, technical, and legal impact," they conclude.

This is the second time digital rights and tech experts have gotten together
to call on the European Commission not to undermine encryption with the new ProtectEU plan since April 1, 2025, the day the plan was first unveiled. Also on that occasion, experts urged lawmakers to make them an active part of the process.

======================================================================
Link to news story: https://www.techradar.com/computing/cyber-security/experts-deeply-concerned-by -the-eu-plan-to-weaken-encryption

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

Experts "deeply concerned" by India's plan to force all smartphones to run pre-installed security app

Date:
Tue, 02 Dec 2025 17:40:55 +0000

Description:
Authorities said the state-owned Sanchar Saathi app comes as a way to halt cybercrime, but digital rights experts fear for users' privacy and mission creep. Here's all we know.

FULL STORY

India's telecoms ministry is forcing smartphone providers to install a state-owned security app, attracting strong criticism on privacy grounds.

The November 28 directive, which was first reported by Reuters , requires smartphone makers to preload all new devices with the Sanchar Saathi app,
while existing phones will have to download the application via a software update. Crucially, users won't be able to delete the software from their
phone.

The Indian government said the move is intended to tackle the recent surge in cybercrime and hacking incidents.

While Apple, Google, Samsung, and other phone-making firms have so far kept quiet, digital rights groups are "deeply concerned" about the requirement, which they believe could jeopardize people's rights.

Although the full text of the order is still unavailable, the Internet
Freedom Foundation (IFF) argues that such an order represents "a sharp and deeply worrying" expansion of executive control over citizens' digital
devices.

"Today, the app may be framed as a benign IMEI checker. Tomorrow, through a server-side update, it could be repurposed for client-side scanning for 'banned' applications, flag VPN usage, correlate SIM activity, or trawl SMS logs in the name of fraud detection," the civil society organization wrote in
a statement .

What is the Sanchar Saathi app and why it could be bad for privacy

Indian tech publication MediaNama has reported that the Sanchar Saathi app stems from an initiative from India's Department of Telecommunications and is designed to help users protect their devices against malicious activities,
such as online fraud, theft, and other crimes.

Citizens can use the app to report scams in real-time, enabling authorities
to track and respond to cybercrime in a more effective way.

While the application may prove useful, experts are critical of the disregard for user choice. As IFF argues: "This converts every smartphone sold in India into a vessel for state mandated software that the user cannot meaningfully refuse, control, or remove."

IFFs comments echo concerns raised by technology lawyer Mishi Choudhary, who told Reuters: "The government effectively removes user consent as a
meaningful choice."

However, concerns extend beyond user choice. There is a real risk that
current or future governments could expand the app's scope, effectively
turning it into a surveillance tool, which would compromise privacy even for those using one of the best VPN services.

As the IFF notes, "Nothing in the order constrains these possibilities."

The IFF has now filed a complaint with India's telecoms body and says it will keep fighting "until it is rescinded." It now remains to be seen if the likes of Apple and Google will also follow suit in challenging the order.

======================================================================
Link to news story: https://www.techradar.com/vpn/vpn-privacy-security/experts-deeply-concerned-by -indias-plan-to-force-all-smartphones-to-run-pre-installed-security-app

$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)