The Joint Declaration was agreed upon at an informal meeting of the European Chiefs of Police in London hosted by the National Crime Agency on 18 April.
Police Chiefs of all EU Member States and Schengen Associated Countries were invited, alongside Europol’s Executive Director.
Here is the declaration (pdf).
“Thieve’s Guild calls for homeowners to take actions against door lock rollout”
You win the Internet for today!
I need privacy not because my actions are questionable but because your judgement and intentions are questionable.
Also the judgement and laws could change. Potentially rendering everything you do now illegal. Therefore it could be used for prosecuting you later for something you did while it was perfectly legal.
Our societies have not previously tolerated spaces that are beyond the reach of law enforcement, where criminals can communicate safely and child abuse can flourish.
I am pretty sure, churches were “tolerated spaces” bevor e2ee was a thing.
Our societies have previously tolerated a whole lot of spaces where conversations could be had without fear of law enforcement listening in, but many of those have disappeared as communications moved online. Encryption is the only thing that can restore the balance.
Yeah it’s called a private residence and I’m concerned cops don’t see it as a “them free space”
But that’s exactly their point: it it’s legal for them to bug your house when all prerequisites are met. That last part is very important. Without voicing my opinion: that is the current law in many western democracies.
End-to-end encryption means that even with very stringent limitations, they would never be able to listen in. None of the previous spaces “beyond their reach” has been that.
And BTW as far as I know churches have never been this, legally. There was a time when you could find asylum in a church, and you couldn’t be arrested, but they were never barred from law enforcement listening in.
And, for the record, this part is my opinion: end-to-end encryption should be possible, and without backdoors.
God works in encrypted ways
And letters. If you go to the stasi museum in Berlin they have the letter opening equipment as proof of how despicable they were.
The West did (and still does) spy on people to a similar extent, they just have been less obnoxious about it (wholesale spying, but no wholesale persecution) so nobody gets too upset and makes a revolution or something.
You don’t even have to go so far.
Several European countries consider physical letters to be confidential.
https://en.wikipedia.org/wiki/Secrecy_of_correspondenceStrangely enough that confidentiality suddenly no longer applies to other, “newer” forms of communication.
Probably because it’s less easy for security services to ignore.
If you make encryption illegal, only criminals will use encryption!
As far as I know killing people is illegal, hasn’t stopped some to do it nevertheless. And it won’t help protect the infamous “the children” either.
that’s a bad metaphor, because killing beeing illegal actually stops a lot of killing, but also killing is usually actually considered a bad thing while encryption is not.
making encryption illegal is like saying “we don’t want anybody to enjoy this good thing, because it’s also good for criminals” while with killing, not enjoying it is what non-criminals would have done anyway.
I guess that means that those same police chiefs don’t use any end to end encryption whatsoever.
The only question here is: why do European police chiefs want to help Russia and China intercept our communications?
Because they secretly like authoritarian systems?
secretly?
And it is with the good old “think of the children”. They keep trying to sneak in legislation at EU level to kill privacy, I dread to see the day when it will pass (especially if at the next elections there will be a shift to the right)…
Kids need privacy too. Takes a pedo to disagree.
In the minds of the authoritarian right that’s driving this disgusting “debate”, kids don’t have rights, because they are are their parents’ property.
Learn to hack, pigs.
The pigs want easier targets because they’re losing the game with it’s initial conditions.
Hungary is in bed with the CCP. Maybe the other police forces see advantages to themselves. It remains to be seen which of these chiefs are still in their positions a year from now, given the EU’s generally pro-privacy stance
There’s not much they can do about PGP, though. Sure, encrypting stuff manually can get a little bit annoying, but nothing a quick browset extension wouldn’t fix.
The moat difficult part will ve convincing your friends to use it, and actually sharing keys, but if you really need to hide what you’re talking about, it’s not like stopping a e2e rollout will help in amy capacity. Quite the contrary - people who they want to target with this will only start to be even more carefull, reaulting in them loosing access even to those backdoored privacy messengers they already probably have and criminals rely on.
What if they make it illegal and jail people whose messages they can’t open?
That’s the whole point of making end to end encryption illegal. So, yes, this will happen.
Once you have a tool that uses pgp with keys you provide, and encrypts messages in normal chats, changing the actuall message format would probably be easy, so there’s plenty of room for adittional steganography. Images would make for a perfect cover, with something like last-bit steganography.
But, I hope it won’t come to that.
They will have tools to scan for steganography. I bet Palantir or some other dodgy tech bro company is more than happy to sell something like that to them. And with PGP’s not only strong encryption, but just as strong authentication, they’ll have no problem whatsoever proving that it was you who sent those illegal encrypted messages.
That’s true. I guess that in this case, your best bet is (assuming you don’t have something so illegal to hide, that they do want to expend large amount of resources on you) to just go security by obscurity, and have some kind of obscure custom steganography that’s not widely used.
And for PGP - I though that there’s a difference between signing and encrypting a message, and when you only encrypt and don’t sign, they can’t attribute the message to you, assuming they don’t have your private key or the original plaintext? Or is it possible to attribute a encrypted message using only public key and cyphertext?
Or is it possible to attribute a encrypted message using only public key and cyphertext?
I’m not entirely sure, and was more thinking of the standard application of PGP where encryption and signing go hand in hand.
Been routing for Europol for a long time, not anymore. What a shame
I mean, E2E encryption is gonna make life harder for police than its been since we standardized on poorly-secured electronic communication devices. The FBI isn’t too keen on it either.
There’s probably going to be a cost in terms of criminality, but I think that it’s one worth paying.
is this declaration about e2e in general, or is there a specific new rollout they are referencing?
The declaration, published today and supported by Europol and the European Police Chiefs, comes as end-to-end encryption has started to be rolled out across Meta’s messenger platform.
Asking the real questions here. It’s not like e2e is about to be rolled out, pgp existed for decades
What they are concered with is e2ee moving from just being for nerds and people who really want to keep secrets (organised crime etc) and expanding to the general population though mainstream messaging apps.
WhatsApp already has e2e. It’s the most popular app ever, what’s left there to roll out? Signal is e2e, telegram is e2e-able, protonmail is already famous, etc etc.
Facebook Messenger. After WhatsApp and WeChat, the third largest one in term of active monthly users apparently.
Thank you to translate the “Meta Messenger”, I was a bit confused as the only messenger of meta I was aware of is Whatsapp, whuch is e2e since like forever in software terms.