您现在的位置是:探索 >>正文
【】
探索69792人已围观
简介The European Court of Human Rights (ECHR) has ruled that enabling governments to access everyone's e ...
The European Court of Human Rights (ECHR) has ruled that enabling governments to access everyone's encrypted messages is a human rights violation. It probably won't stop them from continuing to try, though.
In a 27-page judgement on Tuesday, the ECHR found that Russian legislation concerning online messaging services breach Article 8 of the European Convention on Human Rights, which protects the right to privacy. The case was brought by a Russian Telegram userwho objected to laws requiring messaging services to store users' communications for six months, keep their metadata for one year, and provide law enforcement with keys to decrypt their conversations upon request.
Russia stopped being a party to the Convention in Sept. 2022, six months after it was expelled from the Council of Europe, however the ECHR decided it was still able to hear the case as the events in question occurred prior to this.
SEE ALSO:Warning: Telegram is not end-to-end encrypted by defaultThe applicant successfully argued that it is impossible for Telegram to selectively provide authorities with decryption keys for some users and not others, as the technology simply does not work that way. Creating the ability to access any encrypted messages would enable access to all encrypted messages, weakening security and undermining privacy for everyone across the entire platform.
When encryption is an all or nothing deal, it seems better to err on the side of all.
"In the digital age, technical solutions for securing and protecting the privacy of electronic communications, including measures for encryption, contribute to ensuring the enjoyment of other fundamental rights, such as freedom of expression," wrote the ECHR.
"[I]n the present case the [internet communication organisers'] statutory obligation to decrypt end-to-end encrypted communications risks amounting to a requirement that providers of such services weaken the encryption mechanism for all users; it is accordingly not proportionate to the legitimate aims pursued."
The ECHR also considered Russia's data retention requirements "extremely broad," with "exceptionally wide-ranging and serious" implications which would require significant safeguards against abuse. Unfortunately, such safeguards were nowhere to be found.
The court accepted the applicant's claim that Russia's laws violate the right to privacy by enabling the government to arbitrarily access anyone's communication logs, even without cause. Russian law enforcement is not required to show messaging services judicial authorisation before accessing decryption keys, theoretically enabling them to conduct secret extrajudicial surveillance of users.
"Although the possibility of improper action by a dishonest, negligent or overzealous official can never be completely ruled out whatever the system, the Court considers that a system, such as the Russian one, which enables the secret services to access directly the Internet communications of each and every citizen without requiring them to show an interception authorisation to the communications service provider, or to anyone else, is particularly prone to abuse," wrote the ECHR.
Telegram refused Russia's request to weaken encryption
The ECHR case concerned a 2017 order from Russia's Federal Security Service, which demanded Telegram provide information allowing it to decrypt communications from six users suspected of "terrorism-related activities." Telegram refused to comply with the order, stating that it was impossible to do so without creating a backdoor that would weaken encryption for all its users. It also noted that the users in question had activated Telegram's optional end-to-end encryption, meaning even the company couldn't access their messages.
Related Stories
- Messenger is finally adding default end-to-end encryption
- Update: Telegram says it will ‘protect user data at any cost’
- What Russians should keep in mind when using Telegram
- What is end-to-end encryption?
- Twitter's encrypted DMs are here, but they have many, many limitations
Russia subsequently fined and blocked Telegram in the country. Though the ban was eventually lifted in 2020, it was upheld in domestic courts despite challenges by the current applicant and others. The applicant therefore took the matter to the ECHR, alleging that he was unable to get justice for the violation of their human rights through the Russian courts.
Tuesday's ECHR ruling awarded the applicant €10,000 ($10,725) in damages, though whether he'll actually receive that money is another question. In 2015 Russia passed a domestic law enabling its Constitutional Court to overturn ECHR rulings, a move which Human Rights Watch criticised as undermining victims' ability to seek justice.
Governments vs Encryption
Governments around the world have tried forcing tech companies to weaken their encryption for years. In 2016, Apple CEO Tim Cook publicly opposedthe U.S. government's request for an iPhone encryption backdoor, stating that creating one would have "chilling" privacy and surveillance implications. Nevertheless, the U.S. has continued to pressure Apple to build a way for law enforcement to unlock people's devices. WhatsApp also rejected a request from the UK government to build a backdoorto its encryption in 2017 — a conflict that could still end with it pulling out of the country altogether.
Encryption is further being threatened in the U.S. by the Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act, proposed legislation which was introduced to Congress in 2020. At the time, messaging app Signal warned that it may not be able to continue operating in the U.S. if the bill passed, alleging that the act would undermine end-to-end encryption. The bill was later amended in an attempt to address such concerns, though it wasn't enough to assuage privacy experts.
The ECHR's ruling this week is unlikely to put this long running encryption issue to rest. Still, it's a notable victory for privacy and security advocates across the globe.
TopicsApps & SoftwareCybersecurityPrivacy
Tags:
转载:欢迎各位朋友分享到网络,但转载请说明文章出处“夫榮妻貴網”。http://new.maomao321.com/news/8a50899483.html
相关文章
Watch MTV's Video Music Awards 2016 livestream
探索It's MTV Video Music Awards night. Are you ready?Kanye's going to be there, and he's going to say th ...
【探索】
阅读更多Queen Elizabeth II's last royal corgi passes away
探索The end of an era. 。Queen Elizabeth II's last royal corgi, Willow, has reportedly passed away, the Da ...
【探索】
阅读更多Critics are in love with 'God of War': Review roundup
探索The reviews are in and people are loving the new direction that God of Waris embarking on.The long-a ...
【探索】
阅读更多
热门文章
- Early Apple
- 'Tully' writer Diablo Cody talks women in film, on screen and off
- Taylor Swift played host to foster children at her last tour rehearsal
- BlackBerry Key 2 will be announced on June 7 in New York
- U.S. pole vaulter skids to a halt for national anthem
- Playful Shiba is a little too excited about new toy
最新文章
Chinese gymnastics team horrifies crowd with human jump rope
Stephen Colbert, Mark Hamill, and other celebs tweet old headshots
Mark Zuckerberg's hearing would've been better in Scottish accents
Fyre festival to get a documentary for Hulu
Darth Vader is back. Why do we still care?
Listen to the moment Southwest 1380 tells air traffic control someone was sucked out of the plane