Crime Agency criticizes Meta as European police chiefs call for curbs on end-to-end encryption

Social media company Meta has come under fire as Europe’s police chief ramps up pressure on governments and tech companies over their use of end-to-end encryption to secure email and messaging services.

Police chiefs from 32 countries, including Britain, said in a statement published on April 21 that tech companies are rolling out end-to-end encryption in a way that undermines the ability of law enforcement agencies to investigate crime.

The intervention comes as Parliament is in the final stages of introducing new powers under the Investigatory Powers Act, which tech companies say could be used to prevent the deployment of end-to-end encryption without backdoor access.

The National Crime Agency announced Meta’s plans to deploy end-to-end encryption on its Facebook and Instagram services, sparking fears that this could lead to the loss of millions of reports of suspected child abuse every year.

NCA director Graeme Biggar said that while encryption can be hugely useful and protect the public from crime, tech companies are putting people at risk through their “blunt and increasingly widespread” rollout of end-to-end encryption.

“They can’t protect their customers because they can no longer see illegal behavior on their own systems. Child abuse does not stop just because companies choose to stop looking,” he said.

The NCA says the “vast majority” of suspicious activity reports provided to UK police will be lost if Meta goes ahead with its plans to offer encryption services on Instagram and Facebook.

Meta is responsible for the majority of suspicious activity referrals from technology companies to the US National Center for Missing and Exploited Children (NMEC).

Content from Facebook and Instagram has helped British police protect 1,200 children and arrest 800 suspects every month.

Europe’s police chiefs also warn that end-to-end encryption will not only make it difficult for tech companies to see what’s being sent on their own networks, but will also hinder law enforcement’s ability to lawfully access data from tech companies to investigate serious crimes. .

A statement endorsed by 32 European police forces in London and published on April 21 said police do not accept that there should be a binary choice between cyber security and privacy and public safety.

“Our vision is that technical solutions exist; they simply require flexibility from both industry and governments. We recognize that the solutions for each capability will be different, and will also vary between platforms,” the company said.

“We therefore call on the technology industry to build in security by design, to ensure they retain the ability to identify and report both harmful and illegal activities, such as child sexual exploitation, and to lawfully and exceptionally to act on the basis of a lawful authority.” said.

Catherine de Bolle, Executive Director of Europol, said: “Our homes are becoming more dangerous than our streets as crime moves online. To keep our society and people safe, we must secure this digital environment.”

“Tech companies have a social responsibility to develop a safer environment in which law enforcement and justice can do their work. “If police lose the ability to collect evidence, our society will not be able to protect people from becoming victims of crime,” she added.

The statement followed an informal meeting of European police chiefs organized by the National Crime Agency on April 18. It was ratified by Britain, 27 EU member states, Norway, Switzerland, Iceland and Liechtenstein.