A pesar de estas garantías, CEPIS está profundamente preocupado por la posibilidad de que esta hoja de ruta proponga tecnologías peligrosas que debiliten o rompan el cifrado, socavando en última instancia tanto la ciberseguridad como los derechos fundamentales.
EDRi, una red europea dedicada a la defensa de la privacidad en línea, está preparando una carta conjunta dirigida a la vicepresidenta de la Comisión para la Soberanía Tecnológica, la Seguridad y la Democracia, Henna Virkkunen, instando a la prudencia y solicitando la participación de expertos independientes, como tecnólogos, abogados y académicos, durante el desarrollo de la hoja de ruta.
Le invitamos a firmar la carta en una de estas dos formas:
- Firma organizativa: para organizaciones con experiencia en derechos humanos y/o tecnología, como las Sociedades Miembro del CEPIS
- Firma individual: para tecnólogos independientes, expertos en ciberseguridad, académicos, científicos o investigadores (con credenciales o experiencia investigadora relevantes)
Firme aquí antes del 28 de abril de 2025 (hora del centro de Londres, CEST):
https://hub.edri.org/index.php/apps/forms/s/xQmXbixFqJZEF5kBfHCSzB6A
Letter to EU Commissioner Virkkunen re: ProtectEU strategy on encryption
-
organisational sign-ons: civil society organisations with specific human rights and technology expertise
-
individual sign-ons: independent technologists / cybersecurity experts, academics, scientists or researchers (PhD or demonstrated research track record required)
Deadline for signatures: 28 April 2025 COB CET
For any question, please contact: chloe.berthelemy@edri.org or ella.jakubowska@edri.org
30 April 2025
Subject: Academics, technologists and other experts call for a key role in Technology Roadmap on encryption
Dear Executive Vice-President for Tech Sovereignty, Security and Democracy Virkkunen,
The undersigned stakeholders are civil society organisations, scientists, researchers and other experts with expertise in human rights and technology.
On 1 April, the European Commission published its new Internal Security Strategy, ProtectEU, setting out its plans for the next five years with the aim of coordinating a European response to security threats. Providing safety, protection and justice to all people and communities in Europe is an important part of the EU’s mission. It requires an evidence-based and holistic approach by all institutions to address societal problems at the root and to deliver adequate structural solutions.
From this perspective, we are concerned that the foreseen framework for access to data by law enforcement authorities risks undermining the exercise of fundamental rights and our collective cybersecurity. In particular, the “preparation of a Technology Roadmap on encryption, to identify and assess technological solutions that would enable law enforcement authorities to access encrypted data in a lawful manner” raises several questions.
From past and recent attempts at EU level, we know that ‘silver bullet’ technological ‘solutions’ are not only ineffective, but result in harmful consequences, including for those who need most protection. There is a wide scientific consensus about the technical impossibility to give law enforcement exceptional access to communications that are encrypted end-to-end without creating vulnerabilities that malicious actors and repressive governments can exploit. Experts found that even the latest technologies like client-side scanning pitched as secure and privacy-preserving, are in fact privacy invasive, enable bulk surveillance and increase the risks of security breaches.
Encryption is a vitally important tool for people’s rights and freedoms, as well as for the development of vibrant and secure communities, civil society, public administrations and industry. In face of a complex threat landscape and the increased digitalisation of every aspect of our lives, encryption is no longer a luxury but a sine qua non condition for our ability to navigate safely online.
Rather than investing more resources and time in systems that are demonstrably causing harm, we firmly believe that all stakeholders need to work together to find long-term solutions (both technical and non-technical) to complex societal issues which are based in scientific evidence and are respectful of all fundamental rights.
As the European Commission has set its intention to “safeguard cybersecurity and fundamental rights” while carrying out this exploratory work, we would like to support the Commission in meeting this objective and therefore kindly request the following:
-
A meeting between you and representatives of signatories of this letter to further discuss our position and contributions;
-
Seats at the Technology Roadmap table for academics, independent technologists, tech and human rights lawyers and civil society actors specialised in these issues to ensure that we can meaningfully participate.
We further believe that we would be well-positioned to provide expert technical briefings to you, your cabinet and services, and would be delighted to make ourselves available for this purpose.
Sincerely,
European Digital Rights (EDRi)
Más información
en Free Software Foundation Europe: https://fsfe.org/index.es.html