back to article European privacy body slams shut backdoors everywhere

Europe's privacy body has reiterated its pro-privacy, anti-backdoor stance. The European Data Protection Supervisor (EDPS) Giovanni Buttarelli has long expressed the view that “privacy versus security” is a false dichotomy. In 2015, he told a conference in Brussels that “the objective of cyber-security may be misused to …

  1. kbb
    Trollface

    It makes sense

    The real reason why Theresa May is going to enact Brexit. #snooperscharter

    1. ritey
      Holmes

      Re: It makes sense

      she played her cards very well it seems.....well enough to make one think she had "inside" help...

  2. Schultz
    Trollface

    Decryption, ... monitoring, ... of communications should be prohibited.

    Let's keep the fingers crossed that this makes it into the laws.

    So should we expect separate software releases for the EU market anytime soon? Just as in the times of the Cryptowars (90s), only this time around the EU gets the real encryption and the Anglo-Saxons get the back-doored version. Surely the EU market is large enough to justify a separate version of MS Windows and Android and those companies wouldn't want to be seen violating the laws of the land.

    Truly interesting times coming up!

    1. James 51

      Re: Decryption, ... monitoring, ... of communications should be prohibited.

      If not then new software will be written in the EU with full fat protection and will be exported to the UK and other places.

  3. Brian O'Byrne

    All hail diversity

    Diversity is a Good Thing.

    That includes the sort of diversity that comes from having one jurisdiction where backdoors are specifically prohibited and others where backdoors are either tolerated or required.

    That will force software 'engineers' (I'll remove the quotes when the software industry is held to the same standards as civil engineering or another real engineering discipline) to understand crypto and privacy in a way that is currently not necessary. Better understanding can only lead to better implementations.

    1. nautica Silver badge
      Happy

      sex munths ago i cunt evn spel injuneer...

      "When someone builds a bridge, he uses engineers who have been certified as knowing what they are doing. Yet when someone builds you a software program, he has no similar certification, even though your safety may be just as dependent upon that software working as it is upon the bridge supporting your weight.";

      and

      "There are no standards for computer programmers and no group to certify them."--David L. Parnas

  4. Anonymous Coward
    Anonymous Coward

    Sweet Jesus

    Preliminary opinion on the review of the ePrivacy Directive.. soon to be followed by

    First draft on the final opinion review of the ePrivacy directive

    Final draft on the review of the ePrivacy directive

    Recommendations on the review of the ePrivacy directive

    Committee guidelines on the review of the ePrivacy directive..

    Long live the EU....

    1. John Brown (no body) Silver badge

      Re: Sweet Jesus

      What makes you think any government-like gerontocracy[1] is any different, from the local parish council right up to the UN?

      [1] That was a spell checker "correction" I decided to leave in.

  5. Anonymous Coward
    Anonymous Coward

    Not great news for UK

    Great news for other Eu countries - but not good news for the UK where the right to a private chat is being eroded.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not great news for UK

      not good news for the UK where the right to a private chat is being eroded

      Ah, but here is the fun bit: it means secret surveillance will become problematic if you play your cards right. Post Brexit, all you have to do to protect yourself from wanton mass surveillance (other than volunteering it all to Facebook, Google, Twitter et al, that is) is to ensure your provider is non-UK.

      You're still exposed to someone knocking on your door with a warrant (that will be the case in any country), but covert surveillance that is sufficiently legal to stand up in court will be hard to come by without the paper trail left by an extrajudicial request for assistance.

  6. AnoneemousOne

    I hope to see the EU force American companies adopt similar approaches to data protection.

  7. Anonymous Coward
    Anonymous Coward

    Major crypto disruption is imminent.

    Some predictions before the end of 2016.

    - 2016 will see a new cryptographic solution - a truly next-generation system.

    - Expect a new simple and information theoretic security "super-cypher" to be introduced to the market, with a solid and simple mathematical proof. The cipher was designed to be compliant with a new "super-security" standard - QC1/AI1 - which assumes that any mathematically complexity-based cipher can be broken within 1 second, and all possible viable residual possible results can be reduce in 1 second using an AI. No amount of computing power can break the cipher.

    - Expect mathematical proofs of various exceptions to a number of Shannon's cryptographic rules, or "assumptions". - 1. Perfect secrecy CAN be exceeded using a finite length key, 2. The entropy of a cryptosystem is NOT limited to the key, 3. The strength of the cryptosystem is NOT dependent on an initial key, 4. A one-time pad can be fixed so that it can be used practically.

    - Expect shares in security companies to plummet, since they cannot compete with the new solution on cryptographic capability. The age of the "art of cryptography" is over - welcome to the age of the "science of cryptography". There is no point in further development of mathematical complexity based security solutions and quantum encryption, since they cannot compete on costs and cryptographic capability. Indeed, they cannot be guaranteed either.

    - Expect a solution to the "user privacy"/"law enforcement" dichotomy. It is possible to have both, where citizens have "unbreakable encryption", and law enforcement has the capability to "police" their internal networks using proper judicial process and oversight.

    - Expect government control of networks, with oversight by civil liberty interest groups.

    - Expect that there will no longer be a need for "backdoors", since they will not be required.

    - Expect an end to current "hacker" related activities - hacking will be a thing of the past.

    - Expect an end to email scams, and users to be graded on their behaviour - an internet credit score.

    - Expect a revamp of the entire communication network using a solid QC/AI security protocol as a base, with single sign-on, mutually authenticated communication, distributed user control and the interception of encrypted communications being pointless.

    - Expect user data to be considered a valuable commodity, such that users will have absolute control over their personal data, demand being paid to watch adverts, and will determine pricing.

    - Expect the end of block ciphers and PKI as we currently know it. They were always guaranteed to be broken upon a brute force attack.

    - Expect the advent of a world wide voting group, where citizens can vote on issues, whether they be national or international.

    - The "internet" is about to be massively disrupted, and most of what we now consider to be "cryptography" is about to be thrown in the bin, since it cannot be trusted, has no absolute proofs behind it, and is not guaranteed by anyone.

    - We are returning to "pure cryptography", also known as scientific cryptography. It's inevitable.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon