In light of recent discussions regarding encryption backdoors, the Dutch government said it does not believe the adoption of restrictive legal measures against the development and use of encryption in the Netherlands would have a positive impact.
Many experts have called for the wide implementation of strong encryption for the security and privacy of consumers and organizations. However, an increasing number of governments want encrypted online communications to be banned, or backdoors to be placed in encryption systems.
Talks about encryption backdoors were resparked by the Charlie Hebdo and Paris terrorist attacks that occurred in France last year. Authorities in the United States, the United Kingdom and elsewhere have been complaining that the recently developed commercial technologies make it very difficult for law enforcement and intelligence agencies to monitor communications even if they have appropriate legal authorization.
In a statement published on Monday on the website of the country’s House of Representatives, the Dutch government noted that while the use of encryption is important for both citizens the country’s economy, it represents a problem in the investigations conducted by intelligence and security services.
However, the government believes there’s not much that can be done on a national level considering that strong encryption is already integrated into many products and services, and is available worldwide.
The government in the Netherlands believes authorities should seek new solutions to address the issues posed by the use of encryption during their investigations, but weakening encryption is not the answer. Dutch officials have pointed out that introducing a backdoor that would allow authorities to access encrypted data could also be abused by criminals, terrorists and foreign intelligence services, and it could have undesirable consequences.
“The government recognizes the importance of strong encryption for Internet security, to support the protection of the privacy of citizens, for confidential communication of the government and companies, and for the Dutch economy,” the Dutch government stated. “Therefore, the government believes that it is currently not appropriate to adopt restrictive legal measures against the development, availability and use of encryption within the Netherlands.”
The Dutch government also showed its support for encryption in October when it announced that it would give €500,000 ($540,000) to the OpenSSL Project for the improvement of the OpenSSL encryption library.
“The decisive announcement from the Netherlands to maintain strong encryption and avoid implementing back-door access sets a powerful example that other world governments should follow,” Dr. Nithin Thomas, co-founder and CEO of SQR Systems, told SecurityWeek.
“Rather than pursuing any approach that would make current encryption technology less secure, we must ensure that the organisations and individuals that own the data are able to access and control it themselves. This would allow them to comply with legal needs during investigations and criminal proceedings without compromising security. This requires communications service providers to re-think their communications security architecture and corporate policy to enable them to deal with legal intercepts,” Thomas added.
“By passing responsibility for lawful disclosure to the individuals and organisations that own the data, we will remove the need to damage the protection that encryption affords. This will also create more trust between users and authorities, with the process becoming more transparent rather than occurring behind closed doors,” the expert said.
*Updated with commentary from Dr. Nithin Thomas
Related Reading: Britain to Unveil New Online Spying Laws