Privacy advocates are raising alarms over new laws in France that could weaken encrypted messaging and limit internet access.
The VPN Trust Initiative (VTI) and secure email provider Tuta (formerly Tutanota) are opposing amendments that could force companies to introduce backdoors in encrypted communication services and impose restrictions on VPN providers.
One major concern is an amendment to France’s “Narcotrafic” law, which would require encrypted messaging providers to decrypt messages for law enforcement within 72 hours. Companies failing to comply could face penalties of €1.5 million for individuals and up to 2% of global revenue for businesses.
The amendment has already passed the French Senate and is now moving to the National Assembly. In response, Tuta’s CEO Matthias Pfau has warned that such backdoors would weaken security for everyone, not just criminals, as they could be exploited by hackers and foreign threats. Critics also argue that the proposal conflicts with GDPR and Germany’s IT security laws.
Another law targets VPN services, driven by Canal+ and the French Football League (LFP), who want VPN providers to block access to piracy-related websites. The VTI, which includes members like Google, NordVPN, ExpressVPN, and Cloudflare, has condemned this move, arguing that it misplaces blame on VPNs instead of addressing piracy at its source. The group warns that such restrictions could set a dangerous precedent, similar to internet censorship laws in China and Russia.
