Human Rights Press
Source: Electronic Frontier Foundation (https://www.eff.org/deeplinks/2024/03/european-court-human-rights-confirms-undermining-encryption-violates-fundamental)
The European Court of Human Rights (ECtHR) has issued a landmark decision in the case of Podchasov v. Russia, ruling that weakening encryption to grant access to communications data violates the right to privacy enshrined in the European Convention on Human Rights (ECHR).
The case stemmed from a 2017 Russian law requiring internet communication providers to store user data and content, and provide decryption capabilities to law enforcement. This law, challenged by Telegram messaging app, was seen as an attempt to create backdoors in encryption, potentially compromising the privacy of all users.
The ECtHR’s judgment emphasizes several key points:
- Encryption safeguards privacy and other fundamental rights, including freedom of expression.
- Weakening encryption through backdoors creates security risks for all users, not just those targeted by law enforcement.
- Alternatives to decryption exist, such as targeted investigations and improved law enforcement resources.
The Court found that Russia’s law, requiring both data storage and decryption capabilities, disproportionately interfered with the right to privacy and lacked sufficient safeguards against misuse. This judgment is expected to have significant implications for ongoing debates about encryption policies in Europe and beyond.
Impact on Current Policy Developments:
- The ruling challenges efforts in the UK to scan user content under the Online Safety Act.
- It raises concerns about the proposed EU message-scanning proposal (CSAR), which could force platforms to scan encrypted messages, potentially weakening encryption.
- The ECtHR judgment sets a precedent for future discussions on law enforcement access to encrypted data, urging legislators to prioritize strong encryption and user privacy.
