In a strong statement, Meredith Whittaker, President of Signal, has highlighted the persistent threats to end-to-end encryption (e2ee), criticizing new proposals such as “upload moderation” that undermine digital privacy under the guise of innovative branding.
This comes amidst ongoing debates within the EU over chat control legislation.
Threat to e2ee integrity
Whittaker's statement highlighted the essential role of end-to-end encryption in protecting privacy amid increasing state and corporate surveillance. She pointed out the long-standing expert consensus that any attempt to expose encrypted communications to surveillance inherently compromises the integrity of encryption.
“For decades, experts have been clear: there is no way to both preserve the integrity of end-to-end encryption and expose encrypted contents to surveillance,” Whittaker stated.
“But proposals to do just this emerge repeatedly — old wine endlessly repackaged in new bottles, aided by expensive consultancies that care more about marketing than the very serious stakes of
these issues.”
Last November, the European Parliament took a significant step by voting to exclude end-to-end encryption from mass surveillance mandates in the chat control legislation. This decision was celebrated as a victory for privacy advocates and was informed by a global coalition of computer security experts. These experts warned that subjecting private communications to mass scanning would create dangerous vulnerabilities exploitable by hackers and hostile nation-states.
Despite this progress, some European countries continue to push for surveillance measures under new labels, such as “upload moderation.” Whittaker condemned these rebranding efforts as misleading and dangerous, asserting that they still pose the same risks to encryption and privacy.
“Mandating mass scanning of private communications fundamentally undermines encryption. Full stop,” Signal’s President emphasized.
Broader call to action
The debate over chat control is not confined to Europe; its implications are global. Whittaker stressed that any weakening of encryption standards in Europe would have far-reaching consequences, potentially compromising the security infrastructure worldwide. She called on policymakers to heed the warnings of the expert community and prioritize the protection of encryption.
In a related statement, European MEP Patrick Breyer of the Pirate Party echoed Whittaker's concerns and urged immediate action. Breyer warned that the Belgian Presidency of the EU Council plans to push through chat control measures during a period of reduced public scrutiny post-elections. He emphasized the need for civil society to remain vigilant and active in opposing these measures, providing steps for citizens to contact their governments and express their opposition.
Adding to the chorus of opposition, the Chaos Computer Club (CCC) also criticized the rebranding efforts, labeling them as “forced voluntariness.” Linus Neumann, a spokesperson for the CCC, highlighted the deceptive nature of these proposals, noting that requiring user consent under threat of service limitations is not genuine voluntariness. The CCC reiterated that mass scanning of private communications equates to mass surveillance, regardless of the technicalities or terminology used.
As the EU Council prepares to vote on the chat control legislation, the message from privacy advocates and experts remains clear: any measure that mandates the scanning of private communications undermines the fundamental principles of encryption and poses significant risks to global security.
Things people can do to stop this legislation from passing include contacting their government’s representatives to the EU urging them to vote against chat control measures, and raising awareness online and offline about the implications of these proposals so others can join in the effort to oppose them.
Americo Parrote
Thanks for your great article!
Nice app btw, but…
Signal Private Messenger android app may collect these data types:
– Personal info
Signal Private Messenger app has access to YOUR:
Identity:
– find accounts on the device
– read your own contact card
– modify your own contact card
Calendar:
– read calendar events plus confidential information
– add or modify calendar events and send email to guests without owners’ knowledge
Contacts:
– find accounts on the device
– read your contacts
– modify your contacts
Location:
– approximate location (network-based)
– precise location (GPS and network-based)
SMS:
– read your text messages (SMS or MMS)
– receive text messages (MMS)
– receive text messages (SMS)
– send SMS messages
– edit your text messages (SMS or MMS)
Phone:
– directly call phone numbers
– read phone status and identity
Photos/Media/Files:
– read the contents of your USB storage
– modify or delete the contents of your USB storage
Storage:
– read the contents of your USB storage
– modify or delete the contents of your USB storage
Camera
– take pictures and videos
Microphone:
– record audio
Wi-Fi connection information
– view Wi-Fi connections
Device ID & call information
– read phone status and identity
Other:
– send WAP-PUSH-received broadcast
– receive data from Internet
– view network connections
– create accounts and set passwords
– pair with Bluetooth devices
– send sticky broadcast
– change network connectivity
– connect and disconnect from Wi-Fi
– disable your screen lock
– full network access
– change your audio settings
– read sync settings
– run at startup
– set wallpaper
– use accounts on the device
– control vibration
– prevent device from sleeping
– toggle sync on and off
– install shortcuts
(Source: Google Plus, Signal Private Messenger app)
User
Hi Americo,
The information you obtain is not accurate as according to their website https://signal.org/ and many security experts, Signal keeps your conversations secure. We can’t read your messages or listen to your calls, and no one else can either. Privacy isn’t an optional mode — it’s just the way that Signal works. Every message, every call, every time.
On the other hand, it is important to mention that due to their great privacy, many goverments tried to force this app to let backdoors in order to obtain info from their citizens (UK for example) https://cyberinsider.com/signal-threatens-to-leave-uk-over-new-law-tutanota-pledges-to-stay/ as it is impossible for them. The only way would be to break the encryption. Signal does not keep your calls or messages. You can also audit their open source code if you have any concern.
User
Signal is the best option so far. Sadly, it looks many citizens do not care or rely too much on politicians. One day, they will regret not fighting enough for their rights and letting others to think what is better for them. This is the society we are building, people who never think.
Bobuntu
Complacency is one of the greater flaws of the ignorant masses!
Mythos
Hmm. I am not surprised. Telegram seems to be quite popular. There could be trouble for Signal in the near future.
lakkomd
it’s meaning is safe or ni ?
did strong looking paste ir no ?
is good for using now and future ir ni ?