Note that this is not about backdoor requirements or abilities, but about QuellenTKÜ (english: source telecommunications surveillance), which involves getting a trojan onto end devices, either through hacking, like using a bought 0-day, or by breaking into houses of suspects. It already exists as a part of law enforcement in various German states. The proposed regulation is to allow this for a bunch of additional federal agencies as well.<p>A backdoor requirement like Australia has it would be the service vendor having to write their apps in a way that the apps can decrypt content on remote command. That goes much farther than expensively and riskily hacking the devices of suspects.<p>Link to the passed draft (German): <a href="https://www.bmi.bund.de/SharedDocs/downloads/DE/gesetzestexte/gesetzesentwuerfe/entwurf-anpassung-verfassungsschutzrecht-bverfschg-madg-g10.pdf?__blob=publicationFile&v=1" rel="nofollow">https://www.bmi.bund.de/SharedDocs/downloads/DE/gesetzestext...</a>
This might actually be good. It seems to be an alternative way to enable law enforcement instead of breaking encryption. EDRi has a document outlining solutions for law enforcement without breaking encryption: <a href="https://edri.org/files/encryption/workarounds_edriposition_20170912.pdf" rel="nofollow">https://edri.org/files/encryption/workarounds_edriposition_2...</a>
I’ve heard that systems like these are more about promoting state-sponsored industrial sabotage than realistically assisting in crime prevention. In this case though, it seems like Germany is trying to act as the “city on a hill” for the rest of the EU member states to model afterwards.
A couple problems with this submission:<p>(1) articles on HN need to be in English. We have deep respect for the German language and for other languages, but HN is an English-language site;<p>(2) we've gotten complaints about this title being misleading and/or completely wrong.<p>I've edited the title now in an attempt to be more accurate. (Submitted title was "Germany's Bundeskabinett approves draft law allowing WhatsApp/Messenger backdoor".) If there's a more accurate and neutral title we can change it again.
This doesn't seem like it "allows" a backdoor; it seems like it <i>requires</i> one. (IANAL, etc etc.)<p>So much for the EU's vaunted privacy rights...
<i>>Die Nachrichtendienste sollten in digitalen Bereich dieselben Möglichkeiten bekommen, die sie im analogen bereits haben</i><p>translated: "Intelligence agencies ought to have the same capacities in the digital sphere that they have in the analog world."<p>Going to be an unpopular opinion here but i agree with this. I don't think there is any precedent for impenetrable private communication legally or culturally. Capacity to say, tap a phone or surveil communication has existed, of course with a warrant and strict legal checks.<p>People who want to argue against this need to make a case why legal or cultural standards should adopt to a technology, rather than arguing from technological capacity backwards.