*Please consider adding <[email protected]> to your address book, which
will ensure that our messages reach you and not your spam box!*

*Read and share online: <[link removed]>*


Dear Free Software Supporter,

*October 21st marks [Global Encryption Day][1], a time that calls to
mind the many benefits of an unfairly (but increasingly) maligned
technology. This has given us an occasion to reflect on recent attacks
to encryption on the part of governments, specifically the European
Union.*

No longer content with passively monitoring every phone call and text
we send, anti-encryption efforts now aim to place invisible
"backdoors" into the apps and protocols we use to message one another. It thereby
grants government officials the ability to decrypt encrypted
messages at will. Think you're just sending that message to one
person? Guess again. With mandatory backdoors, you're also sending it
to the government intelligence agent assigned to you. In today's
world, we aren't used to thinking about the country someone might be
in before messaging them. We simply expect that message to go through,
and, if we're using encryption, for that message to be secure. This
makes any anti-encryption measure that passes in *any* country a
threat to end-to-end encryption globally. Each law that passes lends
further (though false) legitimacy to the idea that government has the
right to spy on our most private communications.

[1]: [link removed]

The European Union is now attempting to top the [recent attacks][2]
against encryption in the US and UK through "chat control," a method
of restricting encryption that encroaches on user privacy by mandating
these client-side backdoors into [popular messaging and email clients][3],
especially those utilizing end-to-end encryption. European officials
say that this will only be used to target criminals sharing illegal
and morally reprehensible images, and they try to assure us that the
security and privacy of the average person will remain untouched. This
is all despite a [recent report from the European Data Protection
Board][4]'s warning that these processes are far from foolproof,
likely to target more innocent citizens than actual criminals.

[2]: [link removed]
[3]: [link removed]
[4]: [link removed]

Chat control measures have been discussed in the EU for some
time. Now, they seem dangerously close to adoption. They follow a
[temporary measure][5] adopted by the European Parliament, which
requested that communication providers *voluntarily* hand over
information to law enforcement sourced from an individual's
communications. A [proposal currently under discussion][6] within the
Council of the European Union seeks to make this measure permanent,
and moreover, to make it mandatory for email and chat hosts to spy on
their users. In the case of end-to-end encryption, this means
installing a permanent client-side backdoor into both free and nonfree
messaging apps. And while there has been some [resistance][7]
to legislators' actions from advocacy groups like European Digital
Rights, and others in the EU, this has not created a change in
direction. Chat control needs to be stopped in its tracks.

[5]: [link removed]
[6]: [link removed]
[7]: [link removed]

It's not exactly uncommon to see lawmakers misunderstanding
technology. They're showing that misunderstanding loud and clear when
they make the assumption that only criminals use end-to-end
encryption. The average citizen should have "nothing to hide," so the
tired argument goes. Yet as we've [written previously][10], you aren't
"hiding" when you lock your home to keep others out. Our
communications ought to be treated the same way. Most of us have a
natural aversion to someone reading over our shoulder. To paraphrase
Orwell, the future European lawmakers are now working toward a
future where someone reads over your shoulder forever, and this comes
to the extreme detriment of journalists, activists, whistleblowers,
and everyday people that value their privacy.

As mentioned in the Data Protection board's report, European
policymakers and technologists have acknowledged that the majority of
material these backdoors flag will be [false positives][8], or that
they will represent hashes of infringing material now so well known
that it won't be of any use. We couldn't have asked for a better
example of this type of technology going wrong than Google's recent,
inaccurate, and unjust [flagging][9] of a concerned father's medical
inquiry as explicit, illegal imagery. Some would argue that it's
acceptable to target criminals with measures like chat control, yet
experience has shown that even when nominally targeting criminals,
it's the broader public that suffers. Restricting end-to-end
encryption is little more than attempting to make a certain kind of
math off-limits to law-abiding citizens, and when this happens, only
criminals *will* be using encryption. As activists for software
freedom and every kind of digital liberty are well aware, these
encroachments aren't liable to stop once they begin. Backdoors into
encrypted services harm everyone's privacy, up to and including those
that it's trying to protect.

[8]: [link removed]
[9]: [link removed]

As the way we interact with each other becomes ever more mediated by
technology, the circumstances under which we share our most private
thoughts and feelings matter more than ever. This is particularly the
case for young adults coming to terms with their own identity, and the
last thing this already difficult time in a person's life needs is a
petty bureaucrat monitoring what they share, think, and feel.
Especially where self-discovery is concerned, we ought to respect
minors enough to allow them secure and encrypted communications with
one another, without the prying eyes of bigoted parents or even
bigoted bureaucrats.

[10]: [link removed]

Freedom and privacy should be the legacy that we leave children, not a
technological infrastructure that deprives them of these rights, or
worse, implies that they never existed in the first place. Having the
best of intentions doesn't matter: once the backdoor is open, there's
no closing it. Protecting children from harm is as noble of a goal as
it always was, but placing backdoors in how we talk and share isn't
the way to go about it.

In freedom,

Greg Farough
Campaigns Manager

## Take action!

### European Union

The call for feedback has finished, and the proposal will be further
discussed. We know from some member states that they are organizing
protests and other ways to publicly show objection. We ask you to join
these efforts to make sure that in these discussion rounds the voices
of the people that are represented continue to be heard, and this
injustice will be stopped.

### Elsewhere

The movement for freedom, security, and privacy can always use people
who understand and recognize its importance. We recommend starting a
conversation with your friends and family about the need for privacy
in our communications, perhaps by offering to go through the FSF's
[Email Self-Defense][11] guide with them.

[11]: [link removed]

--
* Follow us on Mastodon at <[link removed]>, GNU social at
<[link removed]>, PeerTube at <[link removed]>, and on Twitter at @fsf.
* Read about why we use Twitter, but only with caveats at <[link removed]>.
* Subscribe to our RSS feeds at <[link removed]>.
* Join us as an associate member at <[link removed]>.
* Read our Privacy Policy at <[link removed]>.

Sent from the Free Software Foundation,

51 Franklin St, Fifth Floor
Boston, Massachusetts 02110-1335
United States


You can unsubscribe from this mailing list by visiting

[link removed].

To stop all email from the Free Software Foundation, including Defective by Design,
and the Free Software Supporter newsletter, visit

[link removed].