Why does Spain want to ditch end-to-end encryption?

He end-to-end encryption it is a way to protect the privacy and security of digital communications. It consists in converting messages that are sent between two devices into a code that only they can decrypt, which prevents third parties from accessing their content. End-to-end encryption is based on the use of cryptographic keys that are generated and stored on users’ own devices and can be fixed or variable depending on the method used.

Some examples of services that offer end-to-end encryption are WhatsApp, Signal, or Zoom. End-to-end encryption has a number of benefits, such as guaranteeing the confidentiality, integrity, and authenticity of messages, and protecting the human rights of the people who communicate. However, this also creates some problems, such as the possibility of attacks on the endpoint, the difficulty of authentication, or pressure from the authorities to create loopholes that allow access to encrypted messages.

And today Spain wants to abolish this privacy feature, all with the aim of combating and preventing child sexual abuse and other crimes.

The document, originally leaked to Wired and available online here, asks member states of the European Union to take a stand on various measures to combat child abuse and child pornography. Among these measures is the ability to remove or somehow weaken end-to-end message encryption (basically the technology that makes your private conversations private). Most countries support the idea that private messages can be scanned and analyzed at the request of the court, but Spain, along with Poland, are advocating a much more radical position: to completely eliminate encryption.

“It is essential that we have access to the data,” explains Spain’s response to EU questions. “Equally important is that we have the ability to analyze this data, no matter how big it is.”

The position of the Spanish Ministry of the Interior, whose current minister is Fernando Grande-Marlasca, is that “Internet service providers in EU member states should be prohibited by law from implementing end-to-end encrypted communications.”

This proposal was soon criticized even within the EU itself. “Hacking end-to-end encryption is not only disproportionate, but completely ineffective in protecting minors,” Iverne McGowan, secretary general of the EU Center for Democracy and Technology, explains to Wired.