It is rare to find a stridently worded legal report. Yet, here the EU has issued a magnificent “arse kicking” report in defence of encryption and open source software. This report should be edged in gold and painted on the ceilings of cathedrals. Yes, of course I’m biased!
The conclusions are from page 6 and include:
Calls on the EU to adopt free and open-source software, and to encourage other actors to do so, as such software provides for better security and for greater respect for human rights.
Conclusion 1 = EU will support open source software
Draws attention to the plight of whistleblowers and their supporters, including journalists, following their revelations of abusive surveillance practices in third countries; believes that such individuals should be considered human rights defenders and that, as such, they deserve the EU’s protection….to examine thoroughly the possibility of granting whistleblowers international protection from prosecution;
Conclusion 2 = EU to legally protect whistleblowers and journalists
Deplores the fact that security measures, including counterterrorism measures, are increasingly used as pretexts for violations of the right to privacy and for clamping down on the legitimate activities of human rights defenders, journalists and political activists; reiterates its strong belief that national security can never be a justification for untargeted,secret or mass surveillance programmes; insists that such measures be pursued strictly inline with the rule of law and human rights standards, including the right to privacy and data protection
Conclusion 3 = If we trade privacy for security, we will get neither.
Urges the EU to counter the criminalisation of the use of encryption, anti-censorship and privacy tools by refusing to limit the use of encryption within the EU, and by challenging third-country governments that criminalise such tools;
Condemns the weakening and undermining of encryption protocols and products, particularly by intelligence services seeking to intercept encrypted communications.
Calls for the introduction of ‘end to end’ encryption standards as a matter of course for all communication services, so as to make it more difficult for governments, intelligence agencies and surveillance bodies to read content;
Conclusion 4 = Encryption must not be restricted or weakened. End to End encryption is to be the defacto standard to prevent mass surveillance.
Considers mass surveillance that is not justified by a heightened risk of terrorist attacks and threats to be in violation of the principles of necessity and proportionality, and, therefore, a violation of human rights;
Warns against the privatisation of law enforcement through internet companies and ISPs;
Conclusion 5 = Mass Surveillance is Illegal.
Just *wow”. Congratulations to the EU for getting everything RIGHT.