1. Forum
  2. Fidonet
  3. CONSPRCY

  • "Lawful access"

    From Mike Powell@1:2320/105 to All on Sat May 2 09:39:38 2026
    From 'encryption backdoor' to 'lawful access' is a compromise between privacy, security, and law enforcement needs actually possible?

    Date:
    Fri, 01 May 2026 14:05:10 +0000

    Description:
    After ongoing attempts in Europe, Canada is the latest country pushing for "lawful access" to data for law enforcement. This, despite cybersecurity experts warning that breaking encryption would threaten everyone's privacy
    and security.

    OPINION
    When privacy advocates thought
    they had won the Crypto Wars in the 1990s, they probably wouldnt have guessed theyd still be discussing whether decrypting private data is a bad or good idea 30 years later. But since at least 2020, a stream of governments have been trying to create a backdoor to encryption under the new name of "lawful access".

    Canada's C-22 bill is the latest such proposal. It seeks to force all "electronic service providers" to install "technical capabilities" to allow law enforcement access to all communications and sensitive data of Canadian citizens. For law enforcement, its about modernising the data access rights and equipping officers with the tools to fight back the most serious crimes organized crime, human trafficking, and online sexual exploitation.

    For cryptographers, data scientists, security experts, and privacy advocates, however, creating a backdoor to encryption is, of course, a major concern a false step that will lead to far more problems than it might solve. Then, there are the political divisions that it creates and the seemingly endless back-and-forth debates, which take up precious parliamentary time.

    In the EU, whats been called Chat Control took over three years of failed attempts to reach a final stage and produce a watered-down version where the encryption backdoor may be voluntary instead, and with experts believing its
    " a disaster waiting to happen ". And thats only if politicians can push it through.

    The hot mess that is Chat Control might even be considered a success story in comparison. The French Parliament rejected an encryption backdoor in 2025. A similar proposal in Sweden went quiet after a strong backlash from privacy
    and security experts around the same time. In 2023, the UK also decided to halt a similar provision within its Online Safety Act until it is
    technically feasible to do so. But despite these failures, the desire for
    the ability to decrypt data when convenient to the authorities does not seem to have been blunted.

    Under the ProtectEU strategy, European policymakers are looking at how to
    meet Europols demands decrypting citizens data by 2030 . And the UK has resorted to another law of its own the controversial 2016 Investigatory Powers Act to hit Apple with at least t wo encryption backdoor requests to bypass iClouds Advanced Data Protection feature.

    Canadas recent move highlights the appearance of a change in approach that governments seem to think will ease the passage of this kind of legislation. "Lawful access" is the growing rebranding of the hobbling of encryption, but will this softer appearing approach be enough to get the same demands over
    the line? Is it even possible to find a
    compromise between the encryption access requirements of law enforcement and the level of privacy and security that citizens deserve?

    Lawful access: what could go wrong? Ive been following these legal
    attempts closely since the beginning of 2023, and theres something that I
    keep hearing as a mantra when I talk with the people working in
    cybersecurity: encryption is maths. It either works for everyone or its
    broken for everyone. A backdoor, that only the good guys can use, cannot exist.

    Its not just digital rights groups that are aware of this. I once attended an event where a former investigator was arguing how encryption is also " vital for law enforcement " because it keeps both citizens and organizations safe.

    When the Salt Typhoon occurred the unprecedented cyberattacks that targeted all the major US telecom systems FBI and CISA agents were quick to urge all citizens to switch to encrypted services under the refrain " Encryption is your friend ." This is surely not something that the authorities really wish to weaken?

    Former General Counsel of the US Federal Bureau of Investigation James A. Baker argued that creating a backdoor won't help law enforcement to protect the people they want to protect, but it will expose them to more threats".

    Its bad for both sides, then: private citizens and law enforcement. Undermining encryption not only threatens rights but its bad for security, too.

    "Imagine being able to attack the digital infrastructure of a country by
    using a botnet that is exploiting every single Android phone," Society's Senior Director for Internet Trust, Robin Wilton, once explained to me . It would be catastrophic. Yet, that's what happens if you build a systemic vulnerability into a monoculture of devices."

    Thats a huge risk, for something that many believe wont do much to stop criminals in practice, and, all the while people will keep using encryption anyway through illegal apps, as the Co-Founder of Matrix and encrypted platform Element told me back in March 2023 . A never ending backlash? As a new encryption backdoor bill makes headlines, 30 organizations and more than 20 cybersecurity experts have already signed the open letter , published by the Global Encryption Coalition, on Tuesday, joining the call to the Canadian federal government to withdraw Bill C-22.

    Exactly one week before, on April 21, another coalition, made up of 14 civil liberty groups, refugee rights campaigners, academics, and digital rights organizations, alongside 15 of Canada's most prominent privacy scholars and legal experts, also sent a letter to Prime Minister Mark Carney and every Member of Parliament to call for a full withdrawal.

    The hard truth is that the people building the software arent on board, either. The likes of Signal , WhatsApp, and Telegram have said over and over that they would rather leave the market than undermine their encryption protections. Apple even decided to kill its iClouds end-to-end encryption feature in the UK altogether, instead of creating a false sense of security with a backdoor.

    Whether all of this will be enough to make Canadian politicians and others thinking of introducing the same step back, is a story for another time. Whats clear, though, is that this recent outcry against lawful access is a perfect echo of what we've heard each time a backdoor to encryption is suggested.

    Perhaps, Protons CEO and Founder, Andy Yen, is right. To find a compromise, the first step is for the tech industry to acknowledge that, yes, privacy can be misused , "but the cost of a world without is so much higher".

    The second step may be for law enforcement to accept, too, that exactly as happens in the offline world there is some information that they may not be able to access.

    Link to news story: https://www.techradar.com/vpn/vpn-privacy-security/from-encryption-backdoor-to -lawful-access-is-a-compromise-between-privacy-security-and-law-enforcement-ne eds-actually-possible

    $$
    --- MultiMail/DOS
    * Origin: Capitol City Hub (1:2320/105)