The government of the Netherlands has publicly rejected notions of allowing encryption backdoors for the purposes of expanding surveillance powers of intelligence and law enforcement agencies.
In a bold statement published on Monday, the Dutch Minister of Security and Justice Ard van der Steur advocated “the importance of strong encryption for Internet security to support the protection of privacy for citizens, companies, the government, and the entire Dutch economy.”
Van der Steur continued “Therefore, the government believes that it is currently not desirable to take legal measures against the development, availability and use of encryption within the Netherlands.”
The minister also mentioned that weakened encryption will not lead to a safer world, arguing that without it, criminals would only face less obstacles between them and access to private and confidential information.
As a measure to reassure the public of its intentions, the Dutch government has even invested $500k into the OpenSSL library.
The move heavily contrasts current, ongoing demonisation of encryption as well as recent pro-backdoor initiatives by major governments including the Investigatory Powers Bill in the United Kingdom and the the highly controversial CISA legislation in the US, which was approved shortly before the start of the festive season as part of a trillion-dollar spending budget.
Despite apparent reforms to NSA mass surveillance in 2015, heated debates for and against encryption had become commonplace following last year’s terrorist attacks in France. And although it was revealed that the Paris attackers communicated and coordinated their steps via unencrypted SMS messages, proponents of mass surveillance have only stepped up their bid to lobby for weaker encryption.
Both laws have received widespread opposition from privacy advocates and security experts alike. For instance, the Investigatory Powers Bill’s much disputed Section 189 is currently subject to heavy discussion in the British Parliament, as it could potentially force companies to comply with legal backdoor requests from the government.
CISA, on the other hand, is a legislation that provides companies with immunity from regulators following the handing over of sensitive customer data. It will also pave the way for the creation of a federal portal, through which companies will share the data with several government agencies. However, security experts argue that the law was mistakenly rushed into action and lacks numerous vital pro-privacy provisions.
What is encryption?
For those new to the subject, encryption in the digital age is a method of securing electronic data by converting it into ciphertext.
Encryption comes in a multitude of forms and variations, and if you don’t think that you have yet encountered it, you’ll be wrong. Each time that you access a website with a HTTPS connection (check for the padlock icon next to the URL in address bar of the browser), it means the traffic between you and the website’s server is encrypted and thus secured. It is used with all major email providers, payment systems, online banking and numerous other sites responsible for handling sensitive user data.
Encryption is also a fundamental feature of virtual private network (VPN) services. It is implemented in the VPN tunnel through which the user’s traffic is redirected on it’s way to the selected server.
Emphasising on the importance of encryption, Van der Steur argues that it “supports respect for privacy and the secret communication of citizens by providing them a means to communicate protected data confidentially and with integrity.” By permitting private communication, encryption “empowers important democratic functions like journalism”, added the Justice Minister.