- The article is a lot more nuanced than the title or what most folks are discussing in comments. France has politicians voting in both directions and thus far the "keep encryption and enshrine it in law" side is ahead slightly.
> Senator Olivier Cadic, of the Centrist Union, secured an amendment to a separate bill on critical infrastructure resilience and cybersecurity that would do the opposite, writing encryption protection into French law and prohibiting any obligation on messaging services to install backdoors. The Senate adopted it in March 2025.
by heinrich5991
4 subcomments
- This article incorrectly implies that Telegram is end-to-end encrypted, by putting it in the same line as WhatsApp and Signal.
Telegram doesn't even try to be end-to-end-encrypted by default. WhatsApp claims to be end-to-end-encrypted, but it's not open-source, Signal is end-to-end-encrypted.
by hilbert42
10 subcomments
- Seems to me we're going to have to let the anti-encryption mob have their way until things go wrong—bigtime. No amount of expert advice will convince them until they witness firsthand the negative consequences of weakening encryption.
It's only afterwards and as a consequence some highly
newsworthy disasters occur such as a child abduction or political sex scandal involving a high profile politician come to light that the lay public will get the message that weak encryption is effectively no encryption.
In the meantime criminals will be early adopters of more sophisticated messaging such as steganography.
by alkindiffie
9 subcomments
- So in France you will not be able to send your friend gibberish text that only you and your friend understand. Will they also ban the ability to make new languages that only you and your friends understand. Will they also ban whispering?
by pessimizer
1 subcomments
- > Mass surveillance, of course, isn’t what the delegation is proposing. The fear isn’t that a French investigator will read every WhatsApp message.
French investigators won't care about every WhatsApp message. But they definitely will slurp them all up, process them all with AI, and read them whenever they have an interest. And they will deny they are doing this as they do this.
- I have talked about it with a high-ranking french policeman. That person is mostly active in fighting sex-crimes on children, which is the angle I will mostly be referring to. From what I understood, it is very clear to them that even if these laws comes to pass, a good amount of criminal activities will move to other safer options. However, the general criminal is not technically competent. Currently, with WhatsApp providing end-to-end by default, access to pedophilic content is extremely simple. By suppressing these simple means of end to end encryption, the goal is to reduce the amount of people accessing these networks due to a higher entry bar.
What's of course concerning is that it renders anyone using encryption suspect, which includes pedophiles and narcotrafficants, but also activists and co.
Also, if we're only targetting pedophile networks, one option that comes to mind to me is the following : Most of those images are known and have been circulating for a while. By hashing any sent images and comparing them to the checksum of known ones, one could easily flag suspicions senders and proceed to access the phones of those users. Does that seem feasible to you or am I missing something?
- I'm starting to think we need to make encryption a protected class, so that we can label speaking against it as hate speech.
Let's start putting some of these politicians in jail for being stupid.
by uriahlight
2 subcomments
- "The excessive increase of anything often causes a reaction in the opposite direction; and this is the case with freedom, which in a democracy often descends into anarchy... The excessive liberty of the individual in a democracy eventually leads to a desire for authoritarian rule, and out of that desire, the tyrant arises." - Plato's Republic
by skiing_crawling
2 subcomments
- How will they know what's encrypted? Maybe I just like sending random sequences of bytes across the wire
- One of many simultaneous attempts all around the world:
https://community.qbix.com/t/the-global-war-on-end-to-end-en...
And by the way, this article mentions other things already in place, such as being able to commandeer your device and spy on it without breaking encryption:
https://community.qbix.com/t/increasing-state-of-surveillanc...
by ZetsuBouKyo
0 subcomment
- I remember a joke where a guy sent a joke to another via private message, and Xi Jinping laughed. It seems the government's mindset is the same everywhere.
- Lets pretend this happens, I am curious how it would work.
So a person in Canada messages someone in France who's WhatsApp is not encrypted. But the message from Canada is encrypted. Will the person in Canada's message have to be sent unencrypted ? Or will WhatsApp Canada need to allow France to break Canada's encryption ?
Personally I think it would be easier for these apps to ban people in France from using their service.
- I still don't understand the note that the companies can't decrypt the messages with e2e encryption. Isn't it as simple as a software update that says:
"If user = foo, then send the on device keys elsewhere"?
Or if those keys are part of a TPM, then a software update that just asks it to send in the decrypted messages?
Can judges not order this now, but can order decryption if the keys are stored centrally?
by sublimefire
0 subcomment
- Some people do not take no for an answer. This is bordering on absurd.
But on the other side what I miss is some explanation if forensic analysis helps here? Presumably the messages stay on a phone and you can recover them. If that is the case then it should be enough to fight the crime, i.e if you get a warrant to access the device then you can access messages, which I believe many would agree is fine.
by budududuroiu
2 subcomments
- I'll repeat this over and over:
Most EU politicians are aware of needing to lead from positions of deep unpopularity for the next 10-20 years, they're just setting the stage to have the tools to suppress dissent at their disposal. After encryption, my bet is on reduced rights to protest (see UK wanting to ban protests that repeatedly "cause disruption").
- Let’s start with the smartphones of politicians.
by wewewedxfgdf
0 subcomment
- But not for French politicians and military, am I right?
Encryption for me not for thee?
- Hello, I am French and, with many others, fighting this. It is still a fight - no law is enacted yet - and it is not the first time we have to fight this.
To state how utterly ridiculous these politicians are, ANSSI itself - the national cybersecurity agency- published a paper in 2016 clearly explaining why backdooring encryption in messaging apps is both dangerous and useless (https://www.developpez.com/actu/102152/France-l-ANSSI-se-dit...)
This position has been clearly restated in 2025 by Guillaume Poupard, a former highly acclaimed ANSSI boss and a cryptographer.
- The nazi drop more and more the mask. Yet most still not wake up...
BTW France already have
- https://gizmodo.com/france-bill-allows-police-access-phones-...
- https://www.medias-presse.info/une-nouvelle-loi-de-programma... can't find one in English
Plus
- https://fr.wikipedia.org/wiki/Loi_renfor%C3%A7ant_la_s%C3%A9...
- https://fr.wikipedia.org/wiki/Projet_de_loi_visant_%C3%A0_s%...
- https://fr.wikipedia.org/wiki/Loi_tendant_%C3%A0_renforcer_l...
Essentially China is already here.
- I wonder if they remove encryption how can they ensure who are the authors.
Will they still apply all the certificates?
by iamnothere
1 subcomments
- Time to teach all your friends how to use a one-time pad. Could be a fun hobby for those with the right inclination.
- The big problem here is that Veracrypt development is done there if I'm not mistaken. Probably time to get back to trusted old TrueCrypt.
- A public ballot should be held for this.
Governments act as kings.
- With the first link, the chain is forged.
We're into way many links already.
Isn't this the country that beheaded their rulers?
- Chat Control refuses to die.
- I find it fascinating that a country with citizens that are typically willing to protest in the streets at the drop of a hat don't seem to care. Is it that they aren't technically literate?
by idiotsecant
0 subcomment
- The world needs frontiers or stuff like this is the natural state.
by sMarsIntruder
0 subcomment
- Liberté, Égalité, Fraternité.. et Surveillance-té
- > The “ghost participant” approach, sometimes called a ghost user proposal, was floated by GCHQ in 2018 and rejected by every major privacy organization, civil liberties group, and security researcher who looked at it. The idea is that the platform silently adds a third recipient, an invisible intelligence agent, to a supposedly two-person conversation. Users never see them. / The encryption technically still works, except that one of the parties is the state.
It's an innovative idea. What defenses against this attack are in WhatsApp, Signal, etc. right now?
(In any situation, attackers can attack endpoints: If they can see what the user sees, apps and encryption don't matter. They could attack remotely, or in the case of higher-interest targets, physically.)
First, does the service mediate the group chat? If the messaging is peer-to-peer [0] with no server mediating, then someone would of course need to attack a peer as described above. I know Signal supposedly has no metadata, including chat participants; I don't know what mediation they do.
If the service does mediate the chat somehow, then an attacker could theoretically add themselves to the group. Hiding - the 'ghost' part - from the rest of the group seems trickier, but maybe that's also possible server-side.
[0] 5 users doing a mesh of multicast peer-to-peer video sounds like a utilization and quality nightmare.
by TacticalCoder
0 subcomment
- To make the link with another very successful article on HN today: who is Franced rule by yet? By cyber-libertarians right?
by 31337Logic
1 subcomments
- [flagged]
- [flagged]
Hacker News