Protecting a Free and Secure Internet: World Press Freedom Day
May 03, 2023 / Alex Linton
Journalists risk their lives to bring us the truth.
Secure communication tools like Session are key to minimising that risk, and protecting the people who dedicate their lives to speaking truth to power. Despite this, and the many other essential use cases for encrypted messaging, governments around the world have become increasingly aggressive in their efforts to undermine secure online communication.
This World Press Freedom Day, and every other day, Session stands with journalists and with our many friends and allies in the on-going fight to protect encryption.
On World Press Freedom Day, we, the undersigned organizations and companies – a global network of over 40 organisations – have united to defend the right to privacy. We are writing this open letter to urgently appeal to governments to publicly pledge your support to protect encryption and ensure a free and open Internet.
Encryption is a critical tool for user privacy, data security, safety online, press freedom, self determination, and free expression. Without encryption, users’ data and communications can be accessed by law enforcement and malicious actors. Government attacks on encrypted services threaten privacy and put users at risk. This might seem like a distant problem primarily faced in authoritarian countries but the threat is just as real and knocking at the doors of democratic nations.
Many in the EU, the USA, UK, Canada and Australia would like to force encrypted services to backdoor their encryption or otherwise block access to encrypted tools and services such as Tor, Signal, or Tutanota. Encrypted services are at the forefront of the battle for online privacy, freedom of the press, freedom of opinion, and expression. Many journalists, whistleblowers, and activists depend on secure, encrypted solutions to protect their data as well as their identity. Access to these tools can be literally life or death for those who rely on them.
Today, on World Press Freedom Day, we urge democratic leaders not to follow the path of authoritarian governments like Russia and Iran, who actively limit their citizens’ access to encrypted services. Protect encryption and uphold the human right to privacy. This is key to ensuring safety online, free and secure identity development, self-determination, free expression, freedom of the press, and other rights that are at the core of democracy.
Attacks on Encryption Are Attacks on Right to Privacy
End-to-end encryption makes it impossible for messaging apps such as WhatsApp and Signal to share users’ messages with anyone, including law enforcement, politicians, government officials, hackers. It also stops the companies themselves from using user data for ads, marketing, and more profit-grabbing schemes. The value of this technology in defending privacy cannot be overstated, but is also seen as a threat to law enforcement who argue that the ability to freely access individuals’ communications is critical for criminal investigations. This messaging has spurred worrying initiatives such as the Online Safety Bill in the UK, the Lawful Access to Encrypted Data Act and EARN IT Act in the USA, India’s Directions 20(3)/2022 – CERT-In, Bill C26 in Canada, the Surveillance Legislation Amendment Act in Australia as well as the proposed rules to prevent and combat child sexual abuse in the EU. These laws aim to take away the right to privacy online by forcing encrypted services to weaken the security of their users and give law enforcement access to user information upon request. Should these laws pass, there are only two options:
Encrypted services weaken their level of security to comply with legislative guidelines
Governments block access to non-compliant encrypted services – putting these governments on the same level as autocratic systems like Russia and Iran.
Services such as Signal, Tutanota, and Threema have already announced that they will not weaken their encryption to comply with such stipulations, likely forcing countries like the UK to block access to these services instead. In India, many trusted VPN services already left due to the chilling effect of its new cybersecurity order CERT-In which forces VPN providers to maintain logs on users, thereby undermining their purpose and subjecting users to surveillance instead of circumventing it.
The ban on encrypted services is not surprising from authoritarian regimes. We worry that democratic governments like the UK, the US, the European Union, India, and Australia are moving in the same direction.
Free and Open Internet
Everyone deserves a free and open internet. The internet must remain inclusive, free, and fair by providing everyone with unfettered access to online services, including encrypted services. This enables users to exercise their right to privacy, their right to engage in private discourse, and their right to hold those in power accountable by shedding light on human rights abuses, corruption, misinformation, and environmental destruction – something that is vital to the democratic process of forming public opinion.
For this exact reason, access to encrypted services is blocked in authoritarian regimes like Russia and Iran – a precedent that must not be followed by democratic countries.
Taking away the right to privacy online limits the ability to exercise fundamental human rights such as freedom of expression and opinion, press freedom, and freedom of speech.
As organizations that believe in the power of the right to privacy as an enabler of free speech and freedom of the press, we call on all governments to:
Ensure that encryption is not being undermined via overreaching legislative initiatives.
Ensure that technologies providing secure, encrypted services are not being blocked or throttled.
Revisit any bills, laws, and policies that legitimise undermining encryption or blocking access to services offering encrypted communication, particularly the Surveillance Legislation Amendment Act in Australia, the EARN IT Act in the US, the Online Safety Bill in the UK, Bill C26 in Canada, India’s Directions 20(3)/2022 – CERT-In and the proposed version of the rules to prevent and combat child sexual abuse in the EU.
The undersigned civil society organisations and companies worldwide appreciate your swift attention to these recommendations and pledge our support in assisting your efforts to deter future attacks on confidential communication.
18 Million Rising Advocacy for Principled Action in Government Alliance for Encryption in Latin America and the Caribbean – AC-LAC Betapersei SC Big Brother Watch Blacknight Center for Democracy & Technology Center for Human Rights and Privacy comun.al, Digital Resilience Lab (Mexico) Community And Family Aid Foundation-Ghana Defending Rights & Dissent E-Governance and Internet Governance Foundation for Africa (EGIGFA)EGIGFA ESOP – Associação de Empresas de Software Open Source Portuguesas Fight for the Future Global Partners Digital Guardian Project Internet Society Internet Society Catalan Chapter (ISOC-CAT) Interpeer gUG ISOC Brazil – Brazilian Chapter of the Internet Society mailbox.org mail.de GmbH Media Alliance Media Rights Agenda Mozilla Mullvad VPN AB Myntex Inc Mysterium Network NetTek Ltd Nextcloud GmbH Oakland Privacy OpenMedia Organization for Identity & Cultural Development (OICD.net) Oxen Privacy Tech Foundation (OPTF) Proton AG Privacy & Access Council of Canada Restore The Fourth Secure Justice Standard Notes S.T.O.P. – Surveillance Technology Oversight Project Superbloom (previously Simply Secure) The Document Foundation (TDF) / LibreOffice The Tor Project Threema Tutanota West Africa ICT Action Network Youth Observatory
Session Beta: Your all access pass.
April 19, 2023 / Wesley Sukh
Encrypted messaging apps urge for changes to the UK Online Safety Bill
April 17, 2023 / Alex Linton
Why Session is the Perfect Replacement for Wickr
January 24, 2023 / Alex Linton
Session Release Roundup #16: Trio of Changes
October 18, 2022 / Kee Jefferys
Update: Important Changes to Session
October 05, 2022 / Alex Linton
Upgrading open groups: Bringing back DMs from open groups
September 12, 2022 / Kee Jefferys