Do you remember the days when we used courier pigeons? Whilst there probably were a few instances of a bird being intercepted, it was generally a pretty safe way of sending messages. Then along came the Postal Service and it could
be readily assumed that the majority of our mail arrived at its destination without having been opened and read by somebody else.
With the advent of email and secure messaging, governments and law enforcement suddenly feel threatened that we have the ability to communicate in private.
In the beginning, those people with a little bit of tech knowledge could use PGP and GPG but now with services like ProtonMail, mailbox.org and TutaNota, it is a lot easier to have private and secure communications.
The Hannover based company TutaNota is a pioneer when it comes to easy, encrypted communication. Launched in 2011, the company advertise themselves as the world's most secure email service. More than six million customers are using the built-in encryption service on a daily basis. Emails can only be read by the sender and recipient. Even TutaNota is unable to read them!
In October 2018 however, TutaNota got a letter (not an encrypted email) from Itzehoe, which is a town in Schleswig Holstein, Germany. The District Court requested that the co-founder and developer of TutaNota, Matthias Pfau, submit all emails to the local police in real time and in unencrypted format!
This was triggered by hackers in the Itzehoe area who had used TutaNota for ransomware. Therefore TutaNota should submit all emails in real time to the police!
TutaNota and Mr Pfau explained that their organisation was not able to unencrypt the messages due to the fact that the product was programmed that way.
The District Court of Itzehoe did not accept that response and five months after the first letter, the Court ordered the surrender of those TutaNota emails which were not end-to-end encrypted. The email service would be responsible under the law and needed to give access to those emails. They also hit TutaNota a 1000 Euro fine.
So now it appears that any unencrypted emails to and from TutaNota and a 3rd party email service, must be handed over if they are the subject of a court order.
The Telekommunikationsgesetz (TKG), which the court used in arguments, is an outdated piece of communications legislation. It was written way before smart phones or encrypted communications existed and is no longer fit for purpose.
Germany had a great opportunity to become one of the "go-to" countries in terms of how it handled your privacy. But the actions of the District Court of Itzehoe have put the brakes on that idea.
This is by no means a unique situation. Law enforcement around the world are in conflict with encrypted messaging and email services due to the simple fact that they cannot read these communications. There is a huge rift between encryption advocates and those who are strongly against it. Law enforcement want a backdoor so they can have access to suspected criminal activities. But where will it end? Not content with monitoring criminals, maybe they will soon be snooping on us all?
Moreover, such a weak spot would also create a perfect backdoor for those same criminals, putting at risk the confidential conversations and data of private individuals and companies alike.
The encryption fight is on.......