EU ministers are targeting encryption. We need to know more.

In July, Justice Ministers in the European Union met to discuss the “issue” of encryption in the context of the fight against crime and terrorism. In August, Bernard Cazeneuve and Thomas de Maiziere (the French and German ministers of interior, respectively) announced that because more people are using encryption, governments must develop a coordinated response. As a first step, in September, the Slovak Presidency to the Council of the European Union shared a questionnaire with council members. The questionnaire asks members to provide details about any national legislation they have on encryption.

It seems that, once again, an important legislative process is being set in motion behind closed doors; neither the questionnaire nor the answers were initially public. The lack of transparency around these actions, both at the EU and member state-level, prevents individuals, academics, civil society, and other stakeholders from participating in the debate. It also undermines the already vulnerable trust between EU citizens, their respective governments, and EU institutions.  

Since then, the council has declassified the questionnaire and a summary of the responses has been leaked, but we still can’t see the individual answers. There were 25 responses to the encryption questionnaire, and we believe the member state answers should be public record. They do not, after all, disclose anything but what is enshrined in the law, and they will go a long way in helping us understand how law is interpreted and applied across member states.

In advance of the Justice and Home Affairs Council meeting in December 2016, Access Now has sent a letter to the ministers of interior and justice of all the member states that submitted answers to the questionnaire. The letters ask the ministers to make their answers a matter of public record. These answers are key to the national and global debate about government limitations to developing and using encryption. They are essential to public understanding of the existing legislation concerning encryption.

We will keep tally of the member state responses in the table below.

Country Action File
Austria Original request by Access Now; FOI request by Bits of Freedom PDF
Croatia FOI request by Bits of Freedom PDF
Czech Republic FOI request by Bits of Freedom PDF
Denmark FOI request by Jesper Lund of IT-Pol PDF
Estonia FOI request by Bits of Freedom PDF
Finland FOI request by Bits of Freedom PDF
Germany  Anonymous submission PDF
Hungary Original request by Christiana Mauro; FOI request by Bits of Freedom PDF
Italy FOI request by Bits of Freedom PDF
Latvia FOI request by Bits of Freedom PDF
Netherlands Submitted by Bits of Freedom PDF, PDF
Poland FOI request by Bits of Freedom PDF
Romania FOI request by Bits of Freedom PDF
Slovenia FOI request by Bits of Freedom PDF
Spain FOI request by Bits of Freedom PDF
Sweden FOI request by Amelia Andersdotter PDF
United Kingdom FOI request by Bits of Freedom PDF

 

Encryption tools, technologies, and services are essential to protect us against harm, shielding our digital infrastructure and personal communications from unauthorized access. Further, the ability to develop and use encryption is fundamental for today’s EU economy. Economic growth in the digital age is powered by our ability to trust and authenticate our interactions and communications, so we can conduct business securely both within and across borders.

Recently, hundreds of organizations, companies, experts, and individuals from more than 50 countries came together to issue a global declaration in support of strong encryption. We stand with people from all over the world asking government leaders not to break the encryption we rely upon.

We’ve been down this road before. We know that encryption is critical to our right to privacy and to our own digital security. We need to come together once again and demand that our representatives protect these rights — not to undermine them in secret.