Hungary's push for chat control failed as Dutch secret service opposes client-side scanning!

For the umpteenth time, the EU Council can't agree on Chat Control - a great victory for privacy.

Hungary can't let go: Why this attempt to vote for Chat Control must fail as well.

Another month, another attempt: Even though Hungary had to cancel the latest EU Council vote on the Child Sexual Abuse (CSA) Regulation in June 2024 because there was no majority among member states, it tried again this Wednesday - without success. The tipping point was that the Dutch intelligence service clearly stated its opinion on the enormous threat to everybody's security should end-to-end encryption be weakened. Encryption is paramount for digital resilience in Europe.


Why “Chat Control” threatens encryption

At the core of the CSA Regulation is the implementation of “upload moderation,” or client-side scanning. Upload moderation is in fact only a euphemism used by EU politicians to blunt the constant public resistance against this dangerous law. Client-side scanning - if required by law - would oblige tech companies to scan communications for illegal content on the client, before encryption takes place, and to send suspicious content to the authorities. The Hungarian Presidency claims that this can coexist with end-to-end encryption, but this is fundamentally untrue.

End-to-end encryption ensures that only the sender and recipient can read a message. With client-side scanning, however, messages are scanned before being encrypted, which defeats the purpose of encryption itself. This effectively mandates a weakening of encryption, which would be incredibly dangerous for our digital resilience in Europe. As it stands, there is no technical solution that preserves the security of end-to-end encryption while meeting the CSA proposal’s demands for content detection.
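To make the trust-boundary argument concrete, here is an added illustration (not Tuta's code) that traces which party sees the plaintext in a plain end-to-end encrypted exchange versus the same exchange with a scanning step inserted on the client. The cipher is a toy SHA-256 counter-mode stream cipher chosen only so the example runs on the standard library, the messages and the "blocklist" are constructed sample values, and exact SHA-256 matching stands in for the perceptual hashing real detection systems use; none of these are assumptions about any real product.

```python
"""Where plaintext is visible in an E2EE pipeline with and without client-side scanning.

Added illustration (not Tuta's code). The cipher is a toy SHA-256 counter-mode
stream cipher used only so the example runs on the standard library; the
"blocklist" matching uses exact SHA-256 digests as a stand-in for the
perceptual hashing real detection systems use.
"""
import hashlib
import os
from dataclasses import dataclass, field


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256 over key || nonce || counter. Illustration only."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext."""
    nonce = os.urandom(12)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:12], blob[12:]
    ks = _keystream(key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


@dataclass
class Trace:
    """Records what each party observes while a message is in transit."""
    server_saw: list = field(default_factory=list)   # the provider relaying the message
    scanner_saw: list = field(default_factory=list)  # the client-side scanning component
    reports: list = field(default_factory=list)      # what gets forwarded to the authority


def send_e2ee(key: bytes, plaintext: bytes, trace: Trace) -> bytes:
    """Plain end-to-end encryption: the provider only ever relays ciphertext."""
    blob = encrypt(key, plaintext)
    trace.server_saw.append(blob)
    return decrypt(key, blob)


def send_with_client_side_scanning(key: bytes, plaintext: bytes,
                                   blocklist: set, trace: Trace) -> bytes:
    """Same channel, but a scanner inspects the plaintext before encryption."""
    trace.scanner_saw.append(plaintext)
    if hashlib.sha256(plaintext).hexdigest() in blocklist:
        # The report carries content that never passed through the encryption.
        trace.reports.append(plaintext)
    blob = encrypt(key, plaintext)
    trace.server_saw.append(blob)
    return decrypt(key, blob)


def run_demo() -> dict:
    key = os.urandom(32)
    msg = b"constructed sample message: meet at the clinic at 4"  # constructed
    blocklist = {hashlib.sha256(b"constructed known-bad sample").hexdigest()}

    e2ee = Trace()
    assert send_e2ee(key, msg, e2ee) == msg  # round trip still works
    css = Trace()
    assert send_with_client_side_scanning(key, msg, blocklist, css) == msg

    # Whoever controls the blocklist decides what gets reported: adding the
    # digest of an ordinary message is enough to flag it, which is the
    # "manipulation of the detection system" risk the article lists.
    blocklist.add(hashlib.sha256(msg).hexdigest())
    css_after = Trace()
    send_with_client_side_scanning(key, msg, blocklist, css_after)

    return {
        "e2ee_server_saw_plaintext": msg in e2ee.server_saw,
        "e2ee_scanner_saw_plaintext": msg in e2ee.scanner_saw,
        "css_scanner_saw_plaintext": msg in css.scanner_saw,
        "css_reports_before_blocklist_change": len(css.reports),
        "css_reports_after_blocklist_change": len(css_after.reports),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The trace makes the point of the paragraph visible in data: in the plain E2EE path neither the relay nor any scanner sees the message, while in the scanning path the plaintext is handled by a component outside the encrypted envelope, and what that component reports is decided entirely by whoever maintains the match list.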

Why this matters more than ever

The current CSA proposal thus introduces alarming new risks to digital security and privacy. By mandating the scanning of encrypted messages, the proposal opens users up to a host of new vulnerabilities.

  • Malicious attackers steal your data before it’s encrypted: Client-side scanning creates opportunities for hackers to exploit vulnerabilities in the scanning system and gain access to private, sensitive data before it is encrypted.
  • Distributed Denial-of-Service (DDoS) attacks: The more complex systems become, the more points of failure exist. By implementing client-side scanning, service providers could become vulnerable to DDoS attacks, disrupting availability.
  • Manipulation of the CSAM detection system: The systems used to detect illegal content could be manipulated, leading to false accusations or criminal exploitation of flawed detection mechanisms.
  • Reverse engineering: Scanning software could be reverse-engineered by hackers or state actors to bypass security protections, potentially exposing entire systems to unauthorized access.
  • Nation-state exploitation: We have already seen how sophisticated actors exploit backdoors in systems designed for lawful surveillance, for instance Chinese state hackers when attacking Microsoft. Weakening encryption or introducing scanning mechanisms will provide malicious actors with new opportunities to compromise national security.

These risks grow if client-side scanning becomes a legal requirement for email and chat services. In fact, the proposed EU CSA regulation decreases everybody’s security online instead of increasing it.

China hacked AT&T via lawful wiretaps

A recent cyberattack linked to Chinese state actors exposed vulnerabilities in U.S. broadband networks, particularly in the parts used for lawful wiretaps, as the Wall Street Journal reported. In this hack, Chinese attackers had access to the network infrastructure of Verizon Communications, AT&T and Lumen Technologies for months. The attackers abused the very same access points these companies used to cooperate with legal requests from American authorities.

If systems meant to ensure public safety can be breached, as they were in this case, introducing similar weaknesses into encryption for EU citizens would be disastrous.

This attack exemplifies why we need to keep our systems as secure as possible to stay resilient, a point the Dutch intelligence service also highlights.

According to the Wall Street Journal, senior U.S. officials are of the same opinion, warning that China poses a significant risk to the economy as well as to national security - one that must not be increased by weakening encryption in our own systems, no matter the purpose. Brandon Wales, former executive director at the Cybersecurity and Infrastructure Security Agency and now a vice president at SentinelOne, told the Wall Street Journal:

“It will take time to unravel how bad this is, but in the meantime it’s the most significant in a long string of wake-up calls that show how the PRC (People’s Republic of China) has stepped up their cyber game. If companies and governments weren’t taking this seriously before, they absolutely need to now.”

We simply must not allow backdoors in encrypted communication for the authorities. A backdoor is a backdoor and can’t be protected from state attackers. Encryption must be strong.

Dutch opposition as tipping point

The Dutch intelligence service opposes client-side scanning.

This is underlined by the postponement of last week’s vote on the CSA regulation, which was cancelled on short notice because of opposition from the Netherlands, an EU member state that, like Germany, is now firmly positioned against client-side scanning.

The Netherlands stated quite clearly (Dutch source):

“Introducing a scanning application on every cell phone with an associated infrastructure of management systems would create an extremely large and complex system. This complex system would thereby have access to a large number of mobile devices and the personal data on them. This ultimately results in a situation in which the AIVD considers the risks to digital resilience too great.”

The above comment was not made by just anyone, but by the influential Dutch intelligence service. In short, they said: “Applying detection orders to providers of end-to-end encrypted communications entails too large a security risk for our digital resilience.”

Hungary must be stopped

The dangers of compromising encryption are clear. Yet - and despite the fact that the European Court has declared client-side scanning as proposed in Chat Control illegal - Hungary continues to push for this deeply flawed solution, ignoring the growing body of evidence that highlights its risks. Alarmingly, while the criticism of Chat Control continues, the opposition against Chat Control has weakened. Key member states like the Netherlands, Germany, Poland, and others have voiced strong resistance, but Hungary continues to rally support.

Countries in favor of the proposal, such as Spain, Greece, and Ireland, may be underestimating the long-term consequences of weakening encryption.

Here’s the current breakdown of member state positions:

  • Opposing: Poland, Germany, the Netherlands, Luxembourg, Austria, Estonia, and Slovenia.
  • Cautious: Czechia, Italy, Sweden, and Finland have expressed the need for further technical refinements.
  • In Favor: Spain, Greece, Ireland, Denmark, Croatia, Cyprus, Malta, Lithuania, Latvia, and Romania.

More opposition is needed

The shrinking opposition against Chat Control is worrying. But while support for the CSA proposal may be growing, the reasons to oppose it have never been clearer. Weakening encryption to achieve a short-term goal will result in long-term security risks for all Europeans. The integrity of our communications, the safety of our personal data, and the privacy of millions are at stake.

The EU must recognize that there are better ways to combat online harms without compromising encryption. Law enforcement can and should use alternative, more secure methods to tackle child sexual abuse material (CSAM), rather than placing the burden on tech companies to weaken the security of their services.

Fight for strong encryption continues

Encryption is the backbone of digital security. It protects individuals from criminal exploitation, ensures the privacy of personal communications, and safeguards national security. Once encryption is weakened, it becomes vulnerable to exploitation by anyone with the resources to find and exploit its flaws — whether it be cybercriminals or hostile foreign governments.

Hungary’s push for Chat Control must fail. The stakes are simply too high to allow this proposal to pass unchecked.

European citizens deserve strong, uncompromised encryption to protect their privacy, safety, and security. And we at Tuta will continue to fight for your right to encryption!
