"Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption", 22 may 2023

Spain has advocated banning encryption for hundreds of millions of people within the European Union, according to a leaked document obtained by WIRED that reveals strong support among EU member states for proposals to scan private messages for illegal content.

The document, a European Council survey of member countries’ views on encryption regulation, offered officials’ behind-the-scenes opinions on how to craft a highly controversial law to stop the spread of child sexual abuse material (CSAM) in Europe. The proposed law would require tech companies to scan their platforms, including users’ private messages, to find illegal material. However, the proposal from Ylva Johansson, the EU commissioner in charge of home affairs, has drawn ire from cryptographers, technologists, and privacy advocates for its potential impact on end-to-end encryption.

Of the 20 EU countries represented in the document leaked to WIRED, the majority said they are in favor of some form of scanning of encrypted messages, with Spain’s position emerging as the most extreme.

The source of the document declined to comment and requested anonymity because they were not authorized to share it.

"Breaking end-to-end encryption for everyone would not only be disproportionate, it would be ineffective of achieving the goal to protect children,” says Iverna McGowan, the secretary general of the European branch of the Centre for Democracy and Technology...

WIRED asked all 20 member states whose views are included in the document for comment. None denied its veracity, and Estonia confirmed that its position was compiled by experts working within related fields and at various ministries.

The document reveals strong support for Johansson’s proposal to scan private end-to-end encrypted communications for illegal content. Of the 20 countries included in the document, 15 expressed support for the idea of scanning end-to-end encrypted communications for CSAM. Many framed this type of scanning as a vital tool that would enable authorities to win the fight against child abuse.

“They want to keep the security of encryption whilst being able to circumvent it,” says Ella Jakubowska, a senior policy advisor at European Digital Rights (EDRI).

In its response, Spain said it is “imperative that we have access to the data” and suggests that it should be possible for encrypted communications to be decrypted. Spain’s interior minister, Fernando Grande-Marlaska, has been outspoken about what he considers the threat posted by encryption. When reached for comment about the leaked document, Daniel Campos de Diego, a spokesperson for Spain’s Ministry of Interior, says the country’s position on this matter is widely known and has been publicly disseminated on several occasions. Edging close to Spain, Poland advocated in the leaked document for mechanisms through which encryption could be lifted by court order and for parents to have the power to decrypt children’s communications.

Security experts have long said that any potential backdoors into encrypted communications or ways to decrypt services would undermine the overall security of the encryption. If law enforcement officials have a way to decipher messages, criminal hackers or those working on behalf of governments could exploit the same capabilities.

Despite the potential attack on encryption from some countries, many nations also appeared to strongly support end-to-end encryption and the protections it provides.