• Business

    ‘The stakes could not be higher’ – VPN providers oppose EU plans to weaken encryption

    AnyFans Posted on

    'The stakes could not be higher' - VPN providers oppose EU plans to weaken encryption

    A collection of VPN providers has issued a stark warning over the dangers of weakening European encryption laws.
    The VPN Trust Initiative (VTI), which includes some of the best VPN providers, has issued a statement and paper opposing the so-called “chat control” law being proposed by European Union (EU) member states.
    The latest iteration of the Child Sexual Abuse Regulation bill is being championed by Denmark and aims to combat the spread of child sexual abuse material and its associated crimes.
    Despite its good intentions, if passed, the bill would involve the scanning of encrypted messages and communications.
    This would affect many services that offer end-to-end encryption, including encrypted mail providers like Proton Mail, and the best encrypted messaging apps like Signal and WhatsApp.
    The VTI has argued this law would leave EU citizens “vulnerable” and weakening encryption would “endanger us all.”
    As of September 12, 2025, 10 EU member states opposed the bill, 14 supported it, and three were undecided.
    Despite not achieving full support, the bill hasn’t been defeated, and another meeting is scheduled for October 14.
    “Weakening encryption doesn’t make us safer”
    In a detailed paper discussing the bill, the VTI says “all VTI members are unequivocally opposed to online criminal activity, and support effective measures to reduce online harms.”
    It keeps on saying, however, that there needs to be a “balance between crime-fighting and user safety,” adding that “weakening encryption harms the very security it seeks to protect.”
    The VTI argued that everyone’s encryption security and privacy shouldn’t be sacrificed in order to catch a small minority. It urged “policymakers to avoid measures that erode encryption and put user safety at risk.”
    “With the EU’s Member States set to vote on Chat Control, the stakes could not be higher,” said Emilija BeržanskaitÄ—, Co-Chair of the VTI. “Weakening encryption doesn’t make us safer, it makes every citizen, every business, and every government more vulnerable.”
    To add to the controversy, it has been suggested that accounts from EU politicians, government, and military officials will be exempt from the laws, with “professional secrecy rules” cited.
    The VTI’s criticisms
    Security Risks
    The VTI says the law would give authorities the power to scan private communications, including those that utilise end-to-end encryption.
    A form of “targeted” access is being proposed, where only certain information (shared URLs, pictures, and videos) is scanned before getting encrypted. However, the VTI doesn’t see this as a solution, arguing that you either provide full encryption for everyone or no one.
    It says “there is no way to create a selective weakness” that selected individuals can exploit. Inevitably, any weakness could also be exploited by hackers.
    The VTI also argues that weakening encryption directly contradicts the EU’s roadmap to post-quantum cryptography. Post-quantum encryption is the new industry standard, and a handful of VPNs have already adopted it. The VTI says you “cannot have opposing initiatives.”
    The following recommendations were proposed by the VTI:
    Reject any legislation that weakens encryption, mandates encryption backdoors, or imposes technical requirements
    Preserve strong encryption standards without exception for companies dealing with user data
    Strengthen targeted and proportionate investigative capabilities that do not require weakening encryption
    Privacy Risks
    Encryption can be a lifeline for journalists, activists, and those living under internet censorship. It protects individuals and enables safe and secure access to communication. The VTI calls encryption “a non-negotiable safeguard for the rights to privacy and freedom of expression.”
    The group warns that, if encryption is weakened, personal data is at risk. Hackers can steal or misuse data. The VTI says encryption protects everyone, “not just those with something to hide.”
    The VTI called on privacy to be preserved by “design and default.”
    Practical Realities
    The VTI believes encryption “is not the root cause of online crime.” It argues the “real drivers” are not being addressed and “breaking encryption only exposes vast majorities of law-abiding users.”
    Once encryption is broken, the VTI says there’s “no way back” and small exceptions are in danger of becoming “broader mandates” – which will erode original safeguards.
    Concerns are also raised about a “global domino effect” and the potential of other regimes using this legislation “to justify intrusive surveillance.”
    The VTI recommends:
    Law enforcement are provided more resources
    Public-private collaboration is fostered to achieve online safety that doesn’t compromise security
    What happens next?
    The bill didn’t get full member support at last week’s meeting. It has been reported that Germany’s lack of support for the legislation was a key factor in this outcome. However, Denmark is pushing ahead with the bill.
    The Danish Minister of Justice, Peter Hummelgaard, has been quoted as saying, “We need to break with the completely erroneous perception that it is everyone’s civil liberty to communicate via encrypted messaging services.”
    The next meeting is due to take place on October 14, and we could see some changes in the position of member states between now and then.
    Following this meeting, the legislation would have to pass through the EU Parliament for the final trilogue negotiations with the European Council and Commission before becoming law.
    The failure to achieve full support has been seen as a victory by privacy advocates. But many are expecting further attempts to weaken encryption and this will continue to be opposed.

    You Might Also Like