European Union member states are being asked to provide examples of how encryption technologies are impacting criminal investigations. As police and governments push for lawful access to encrypted messaging services, Europol is collecting evidence about how criminals misuse platforms like WhatsApp, Meta, and Signal to evade detection.
A European Commission working group highlighted the difficulty law enforcement faces in measuring the challenges posed by end-to-end encryption. They noted the lack of data makes it hard to quantify the issues criminals create using these encrypted services. A notable instance is the 2017 London Bridge attack by Khalid Masood, who sent a PDF titled “Jihad” to numerous contacts just moments before carrying out the deadly assault via encrypted apps. In another case, UK police reported a rape investigation was stalled because the suspects communicated through WhatsApp’s encrypted messages.
Recently, the European Commission confirmed its efforts to gather specific examples showing how encryption disrupts police work. They haven’t determined if this information will be shared publicly.
At the World Economic Forum in Davos, Europol’s director general, Catherine De Bolle, increased pressure on tech companies, urging them to allow law enforcement access to encrypted communications. She emphasized a “social responsibility” for these companies to help police identify criminals. De Bolle warned that companies not cooperating risk threatening democracy in Europe.
This stance highlights a significant divide between tech experts and law enforcement agencies. While tech professionals argue that weakening encryption heightens vulnerability to cybercrime, the European Commission’s working group insists that although encryption safeguards legitimate users’ privacy, it also enables criminals to hide their identities and conduct illicit activities without oversight. They proposed that police should have “lawful and strictly controlled effective access to data” and be included in standards discussions to address their needs from the start.
The group noted that telecommunications interception is critical for investigations but has become less effective as encrypted messaging apps dominate communication. They recommended a cautious approach, emphasizing that requests to tech companies should not mandate broad weakening of encryption for all users but should be targeted instead.
De Bolle compared the situation to executing a search warrant: if the police have a right to enter a locked house, they should have similar access to encrypted messages.
In April 2024, European police chiefs and the UK’s National Crime Agency signed a declaration expressing grave concern that encryption is hindering efforts to combat severe crimes such as child exploitation, drug trafficking, and terrorism. Their statement stressed that companies would struggle to respond to lawful requests and manage illegal activities effectively, compromising public safety.
These law enforcement leaders argued against the notion that there’s a strict choice between privacy and security. They believe technical solutions could satisfy both needs, provided there’s flexibility from governments and industry.
However, tech companies and cryptographic experts challenge that view. Security expert Bruce Schneier raised alarms about security risks after Chinese hackers accessed U.S. government backdoors designed for wire-tapping, highlighting vulnerabilities that come with any access to encrypted communications.
Voices like Amandine Le Pape, co-founder of the encrypted messaging platform Matrix, contend that degrading encryption itself threatens democracy. She argues that while today’s governments may be trustworthy, future authorities might not be. Le Pape suggests law enforcement can still conduct investigations through other channels without compromising encryption, such as monitoring unencrypted communications or examining metadata.
She likened De Bolle’s metaphor of a locked door to the implications of allowing police access to encrypted messages. Weakening encryption, according to her, would make it easy for anyone, including criminals, to breach security.