back to article French parliament votes to jail tech execs who refuse to decrypt data

The French parliament has voted in favor of punishing companies that refuse to decrypt data for government investigators – by threatening businesses with big fines and possible jail terms for staff. This comes amid the FBI's high-profile battle with Apple in the US to unlock a dead killer's encrypted iPhone. French deputies …

  1. Destroy All Monsters Silver badge
    Big Brother

    So much for "MUH WEST COAST LAW!!"

    Yep

    Encryption is on the way out ... thanks to ISIS ... a 50% CIA / 50% Saudi Arabia construction.

    1. Moonunit

      Re: So much for "MUH WEST COAST LAW!!"

      Intentionally misquoting and paraphrasing Mark Twain ... "Reports of the impending death of encryption are greatly exaggerated”.

      Sure the environment is changing ... but it ain't about to be dead anytime soon ...

  2. hellwig

    Well now...

    "(or the nation that was key to the creation of America, depending on your viewpoint)"

    I've always contended is was Luis XVI who helped America overthrow the British. And what did the French citizens do? Executed him. Seems to me France gave up their right to that claim.

    Anyway, how would this relate to the Apple/FBI debacle? Apple cannot decrypt the data, so technically they aren't withholding information. I'd be interested to know if the situation covered by the proposed French law isn't already covered by other local jurisdictions. Honestly, if Apple could decrypt the data, I imagine their (Apple's) current arguments would be far less persuasive on every level.

  3. Anonymous Coward
    Anonymous Coward

    SIEG HEIL, Monsieur Hollande

    Liberte, Egalite, Fraternite.....what's wrong, no more Greenpeace ships for you to sink, you stinky french letter?

    1. Doctor Syntax Silver badge

      Re: SIEG HEIL, Monsieur Hollande

      From the article: "The new penalties...are opposed by the French government,"

      1. Dan 55 Silver badge
        Big Brother

        Re: SIEG HEIL, Monsieur Hollande

        Not that much opposed by them, they did pass the temporary emergency powers after the attack which were only going to last three months, honestly, into law after all.

        1. Anonymous Coward
          Anonymous Coward

          Re: SIEG HEIL, Monsieur Hollande

          Since we are all chatting about French emergency powers, here is a new one:

          For years, I have been paying my water bill at the post office with cash using the little ticket sent by the water company. Money goes directly into their postal account for a small fee (2 or 3 euros). For some time they have been asking you to show ID at the counter, just in case you are some kind of terrier bill payer.

          As of February you can't do that. But the post office was extremely helpful. Now you can simply fill out a new form which you must sign (and add your birth date to). You must then pay the post office 13 euros for the service of depositing money into the water company's postal account.

          I would love to understand how this new procedure is making us all safer. When I asked the post lady why, she said the previous system required too much administration.

          Emergency police powers look more like a license to print money and/or single out people with cash flow problems, at least in this once freedom loving country.

          Don't expect the FBI to stop with Apple, it is just the beginning of a new war on terr-- oops citizens ... wait which is it again? I'm confused.

          1. Anonymous Coward
            Anonymous Coward

            Re: SIEG HEIL, Monsieur Hollande

            You must then pay the post office 13 euros for the service of depositing money into the water company's postal account.

            I would love to understand how this new procedure is making us all safer.

            I doubt if that has anything to do with security laws. More likely it's a side effect of La Poste being privatized, so they can't be used as the state tax collectors any more, and expect to get paid for doing bill collection and processing.

    2. Pascal Monett Silver badge

      That stuffed clown is on his way out, thank goodness.

      What will be interesting will be what right-wing character will take his place. And, given my governments' history on encryption, there is no guarantee that such a shameful bill will not be enacted to some degree.

      We shall see.

      I am relieved to see that my government is opposed to this - currently.

    3. Voland's right hand Silver badge

      Re: SIEG HEIL, Monsieur Hollande

      SIG HEIL, Madame Le Pen - more likely. SIG HEIL, Monsieur Sarkozy - definitely. Hollande - not so much.

      Monsieur Hollande happens to oppose this idiotic madness which originated on the far right somewhere in between the frankonazi and nazifranko part of the tabloid feeding populists. Same as in every other country - it is the same type of politico proposing it and the same type of politico driving it

      They usually also think about children. A lot (with or without "the" in that sentence).

  4. inmypjs Silver badge

    Seems like good news?

    Won't companies now be ensuring they have proper encryption and private key management schemes which mean they can't possibly decrypt private customer data and so avoid any need to refuse?

    1. Anonymous Coward
      Anonymous Coward

      Re: Seems like good news?

      On the contrary, it means that they must add backdoors or they won't be able to comply with govt. demands and will be jailed. Isn't that the point of the legislation, really?

    2. Destroy All Monsters Silver badge

      Re: Seems like good news?

      proper encryption and private key management schemes which mean they can't possibly decrypt

      I don't think you understand how encryption works.

      If there is a "private key management scheme" at the company, there is a slight problem...

    3. Velv
      Boffin

      Re: Seems like good news?

      And just how does anyone PROVE they cannot decrypt or otherwise access the device and data?

      You cannot prove it is impossible, you can only prove it is possible. So this law would be fundamentally flawed

      1. BebopWeBop

        Re: Seems like good news?

        That has never stopped British courts in the past.

        1. Anonymous Noel Coward
          Black Helicopters

          Re: Seems like good news?

          @BebopWeBop:

          Yeah, but the British Justice system has this hard-on for abusing power. Either that or they have a quota of how many people they need to jail during the year.

  5. Anonymous Coward
    Anonymous Coward

    Yup, that'll be France.

    ISIS' biggest challenge is that their targets use encryption.

    Trust the surrender monkeys to fix that one.

    1. Will Godfrey Silver badge
      Unhappy

      Re: Yup, that'll be France.

      From here it looks like the surrender monkeys are in the UK - or am I imagining all the creepy surveillance extensions being rushed through.

      1. GrumpyOldBloke

        Re: Yup, that'll be France.

        No, the surrender monkeys are in Australia. I see your creepy surveillance law and raise you bans on branches of mathematics and a whole bunch of civilian technologies that now need government licence in order to do R&D on. The onus of proof is also reversed away from the government.

        Defence Trade Controls Act: Under the Act, publication, discussion or communication of research without a Defence permit is punishable by 10 years jail, a $425,000 fine and forfeiture of your research to the government. This includes scientists, academics, librarians, engineers, high tech workers and companies who have never had a prior relationship with the Department of Defence.

        The Act doesn’t just apply to military technology, but also so called “dual use” civilian technology, including physics, computers, electronics, communications, manufacturing, medicine and biotechnology.

        1. Dan 55 Silver badge

          Re: Yup, that'll be France.

          It's like a race to the bottom... of intelligence.

      2. Anonymous Coward
        Anonymous Coward

        Je t'aime

        ... moi non plus.

        1. Anonymous Coward
          Anonymous Coward

          Re: Je t'aime

          I guess Tim Cook won't be holidaying on the Cote d'Azur this summer then. I can't say I blame him, the beaches are ghastly, and overrun with men crewcut wearing sunglasses and leather jackets. Wifi reception is atrocious and with all those horrid mobile listening posts running about there's almost no parking anywhere.

  6. Anonymous Coward
    Anonymous Coward

    Cheese eating decryption monkeys.

  7. Cardinal

    Sacre Bleu !!!

    If they believe there really is a possibility of French execs being jailed, wouldn't it just incentivise some of them to consider moving their businesses (and jobs) into the French speaking areas of next-door countries such as Belgium, Luxembourg or Switzerland?

    The government might end up shooting some of its own toes off if it draws that gun out of its holster.

  8. Anonymous Coward
    Facepalm

    And early nominees for the 2016 "Definition of irony" award include:

    The moment when French tech entrepreneurs feel compelled to move to ISIS-controlled Syria, so that they can develop encrypted products and services in peace.

  9. JeffyPoooh
    Pint

    "...C-level executive..."

    "Nothing concentrates the mind so much as the thought of a C-level executive spending time in the slammer."

    Mid-level executives have a miserable working life anyway; high stress, etc. And with their 95-hour work week, long commute and a pending cranky divorce, the other one hour free time per day isn't much fun either.

    They might enjoy 'two years less a day' peace and quiet, catching up on their reading.

    If their company continues to pay them, flippin' perfect.

    1. phuzz Silver badge
      Joke

      Re: "...C-level executive..."

      Tell them that it's a "Digital Isolation Retreat" with an "exclusive guest list", "bespoke catering arrangements" and "security vetted staff" and they'll probably pay to go there.

  10. Mark 85 Silver badge

    I guess the French are leading the way here.....

    And much to the glee of the US, UK, et al as they will soon all follow suit and point out that the French did it first and it's a good thing.....

  11. a_yank_lurker Silver badge

    Feral Envy

    "Meanwhile, the FBI must be looking at the land of the cheese-eating surrender monkeys (or the nation that was key to the creation of America, depending on your viewpoint) with envy." - The US elites have long been enamored with aping the cheese-eating surrender monkeys so the ferals will be using the surrender monkeys antics as justification for their own stupidity.

  12. Anonymous Coward
    Anonymous Coward

    Irrelevant to Apple, even if they pass it

    Apple is fixing the method by which the FBI is trying to get them to hack their phone. By the end of the year 80% of all iOS devices will be running iOS 10 and be immune to this.

    They can have laws all they want, but if what they are asking for is IMPOSSIBLE then they can hardly fine Apple or throw Tim Cook in jail. Might as well fine Ben and Jerry's for not making zero calorie ice cream and Mercedes Benz for not delivering the flying cars sci fi authors promised us.

    1. Moonunit

      Re: Irrelevant to Apple, even if they pass it

      I'm with you, Doug. The only fly in the ointment is that lawmakers seldom hesitate to attempt to legislate their way directly through the impossible ...

    2. noj

      Re: Irrelevant to Apple, even if they pass it

      "Apple is fixing the method by which the FBI is trying to get them to hack their phone. By the end of the year 80% of all iOS devices will be running iOS 10 and be immune to this."

      Question: Where did you get this? I'd like to read the article.

      Thanks...

    3. Velv
      Boffin

      Re: Irrelevant to Apple, even if they pass it

      And you're an expert on the Apple hardware?

      You know the specification of the diagnostic connections and you know that a firmware update will be sufficient to lock out the diagnostic access?

      It is entirely possible that there is NO software fix, and the a hardware change may be required to block a hardware based attack to load a new firmware.

      Given iPhone development cycles it's possible a hardware fix would be rolled out until the iPhone 8, since the iPhone 7 will be too far down the road to change it now.

    4. Anonymous Coward
      Anonymous Coward

      Re: Irrelevant to Apple, even if they pass it

      How will updating software move the functionality of the older iphones from software into hardware, which is where the problem is. If it was possible to 'fix' this in software, then it would be possible to unfix this so back to the original request, remove the delays and lockout count. If they were able to change the key storage to incorporate these features and permanently keep the change by blowing some fuses, so as to not allow any changes to the code, I think it would have been done already.

      Or are you suggesting that by the end of the year 80% of all iphones in use will be the iphone 6 which is supposed to have this in hardware?

      1. Anonymous Coward
        Anonymous Coward

        Re: Irrelevant to Apple, even if they pass it

        The 'backdoor' the FBI wishes to create relies on the phone being able to accept a software update from DFU mode without any password or other authentication being provided. Apple said they were already working on software changes that will close that "hole" (it isn't really a hole since it was deliberate in the design as a convenience for users to recover from botched updates, but now that the FBI has made it a problem, that needs to be changed) Assuming the software change is delivered no later than with iOS 10, and probably sooner, 80% of iOS devices (or thereabouts) will therefore be immune to the FBI strategy by the end of the year.

        Obviously, being software, it could be undone with a future software change - but that would take things one HUGE step further. Instead of the court ordering Apple to create and apply a special software update to one phone (at a time) the government would have to pass a law requiring Apple to change its software to open that hole back up and apply it to ALL phones. That's a much bigger step, and considering that public opinion is 50/50 at best for opening up one terrorist iPhone there's no way such a law could ever be passed to open up a hole on EVERY iPhone.

        I'm sure the iPhone 7 was already going to include improved hardware enforcement of security policies currently controlled by software, and that will continue in the future. Security is a process, and as new things are learned (like "the government might to try force us to create custom software to hack our own security measures") those lessons are applied to future software and hardware designs. Until the FBI asked for this court order, Apple had never considered the need for defending against being forced to create custom software loads. Now that they are aware of this new threat, they are working on software and eventually hardware solutions to eliminate not just this threat but any similar threat where they are compelled by outside agencies to use their unique access to iOS to compromise an iPhone. If they make such action impossible, they can honestly say what is being asked for is beyond their power.

        If nothing else, further improved security/privacy may be a reason to upgrade your iPhone, so maybe the FBI will help Apple make a little more money in the long run. That would be rather ironic given that the FBI deliberately chose to file this case publicly instead of under seal like Apple requested, likely hoping the threat of negative publicity from what the FBI assumed would be a slam dunk PR win would force Apple to go along and set the precedent they are looking for.

    5. Voland's right hand Silver badge

      Re: Irrelevant to Apple, even if they pass it

      but if what they are asking for is IMPOSSIBLE then they can hardly fine Apple or throw Tim Cook in jai

      Au contraire, mon ami. He will be spending time in the slammer because he deliberately made it impossible. Double time too - half under encryption laws, half under "obstructing the course of justice" laws. Do not forget that France has a good form in the latter - it is the only country in the world which applies the "obstructing the course of justice" statute to GPS vendors and other sources which publish list of fixed speed camera locations. Successfully too.

      1. Anonymous Coward
        Anonymous Coward

        Re: Irrelevant to Apple, even if they pass it

        If France wanted to take things that far then Apple could close their operations in that country by closing the Apple Stores there and refusing to sell iPhones to residents. Would cost them much less losing the French as customers then compromising security due to France's stupid laws.

  13. Christoph

    The tech companies have always made it clear that they will cooperate with law enforcement demands for access, on condition that:

    1> It is a proper legal demand with all required signed warrants, not a random fishing expedition.

    2> It is possible for them to do - to break the encryption on that one message.

    3> It does not open the door to decryption of everybody else's messages without proper judicial oversight.

    If the French are not satisfied with that then it directly implies that they are intending to break at least one of those conditions. Would they like to publicly declare which one?

    1. LaeMing
      Facepalm

      It's number 2, I'm thinking.

  14. Luke Worm

    History

    Use of encryption, such as PGP, was completely forbidden in France until 1996. Only in 2004 did use of encryption become totally allowed.

    1. Anonymous Coward
      Anonymous Coward

      Re: History

      Despite French engineers playing a key part in developing packet switching networks, products implementing standard protocols like X.25 used to be considered "munitions" by the French government, and were subject to arms control laws for export. Expecting logic from the French is pointless.

  15. Steve Davies 3 Silver badge

    Les Frogs have a bit of thing about encryption

    It used to be that the ONLY legal users of Encryption were the Banks. Anyone else was barred.

    I spend some time working in France. We developed an encryption add on to one of our networking products. We could sell it to Russia (not that we did I might add) but not to French companies other than the Banks and the French Government.

  16. Anonymous Coward
    Anonymous Coward

    I think they ought to implement that law

    After all, we need a case study of the consequences of weak or absent encryption before lawmakers get the point. If the French want to be the willing victims I think we should let them, because it will pretty much switch off the country for banking and trade and prove the point.

    At least that won't damage anything *important* ..

  17. Number6

    Give them what they want

    So now we need all tech companies to produce encryption-free phones for the French market and put in precautions to make it hard for French citizens to buy encrypted products, while explaining that it's being done in response to a law that makes it useless to have encryption in the first place[*]. Then let the French people decide whether they want encryption or the politicians.

    [*] Bending the truth here a bit, I know.

    1. Anonymous Coward
      Anonymous Coward

      Re: Give them what they want

      I rather love the irony of France turning into a USA from around the Clipper chip era :).

  18. MacroRodent Silver badge

    France does not like encryption

    The proposed law is in character. Back when the GSM was new, its encryption feature was enabled everywhere in Europe - except France!

  19. Oengus
    Joke

    I see a new C-job opportunity

    I see a role for the CSG (Chief Scape Goat) or CSL (Chief Sacrificial Lamb). Their only role in the organisation is to serve jail sentences for executives. They are paid only a nominal salary but receive enormous bonuses if they are actually required to go to jail (bonus based on time confined).

    1. Phil O'Sophical Silver badge
      Coat

      Re: I see a new C-job opportunity

      Given French unemployment numbers, they could probably offer such positions at minimum wage and still get takers...

    2. Anonymous Coward
      Anonymous Coward

      Re: I see a new C-job opportunity

      Canary M. Burns.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021