Technology

Dutch government says no to 'encryption backdoors'

Ard van der Steur Image copyright Getty Images
Image caption Dutch justice minister Ard van der Steur has no plans for "restrictive regulatory measures" on encryption

The Netherlands has said it will not force tech firms to share encrypted communications such as emails with its security agencies.

The move puts the country in stark contrast with US and UK officials, who have argued agencies need such access to fight terrorism.

The Netherlands began reviewing its policies after the recent Paris terrorist attacks.

But this week it said "restrictive" measures would put citizens at risk.

Encryption is a way of protecting communications or data so that it is incomprehensible without the correct passcode or key.

Advocates say it protects users by preventing criminals and spies from prying into private conversations.

But security agencies have said they struggled to bypass encrypted messaging platforms used by groups such as so-called Islamic State to plan attacks.

"We are not some kind of maniacs who are ideologues against encryption," FBI director James Comey said in November:

"But we have a problem that encryption is crashing into public safety and we have to figure out, as people who care about both, how to resolve it."

Going Dutch

In a letter published this week, the Dutch Ministry of Security and Justice concluded there were arguments for and against "strong encryption".

However, it said allowing law enforcers to access protected data would make digital systems vulnerable to "criminals, terrorists and foreign intelligence services".

"This would have undesirable consequences for the security of information stored and communicated and the integrity of ICT systems, which are increasingly of importance for the functioning of the society," it added.

Image copyright Getty Images
Image caption President Obama has argued tech firms should share encrypted data with security agencies

Despite objections from the FBI, the White House has dropped plans to force tech firms to share encrypted data.

But the UK government hopes to secure such powers through its Draft Investigatory Powers Bill - referred to by some as the Snooper's Charter.

The bill also includes a stipulation that internet and phone companies keep records of every website, app and service to which a computer connects.

'Weaken security'

The proposals have met with fierce resistance from privacy advocates and tech firms.

Some fear it will legitimise the mass surveillance programmes of the US and UK security agencies uncovered by whistleblower Edward Snowden in 2013.

In December, Apple told a parliamentary select committee scrutinising the bill that "in this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers".

And this week, William Binney, ex-technical director of the US National Security Agency, said the bill would be "totalitarian" and "cost lives".

"It is 99% useless," he said in a letter sent to MPs.

"Who wants to know everyone who has ever looked at Google or the BBC? We have known for decades that that swamps [security agency] analysts."

More on this story