German Court Forces Email Provider Tutanota to Create Backdoor to Access Emails

 

According to CyberScoop (November 9, 2020) - A regional court in Germany has ordered the end-to-end encrypted email provider Tutanota to monitor an account belonging to a user under suspicion in a blackmail case.

It’s the latest surveillance-related court decision the email provider is fighting in court, and comes amid a broader, protracted campaign from governments around the world to weaken encryption. The U.S. Department of Justice, for instance, has coordinated with Australia and other nations in recent years to try giving law enforcement more access to encrypted data.

Tutanota said it plans to appeal the November ruling from a regional court in Cologne, arguing that it contradicts an earlier decision from another German court. That first court, the Hanover Regional Court, determined earlier this year that Tutanota does not provide telecommunications services, suggesting it cannot be forced to monitor them under German law. The latest ruling from Cologne also could contradict a 2019 ruling by the Court of Justice of the European Union that Gmail is not an electronic communications service.

In the meantime, Tutanota must abide by the court’s decision, meaning it must develop the monitoring functionality by the end of the year, according to German computer magazine, c’t.

 

-- It is important to note that any e-mail provider that maintains your encryption keys may be forced to compromise those key and thereby compromise the security of your e-mail communication. While encrypted e-mail services, like Tutanota, greatly increase the security of your e-mail, it is important to understand that this security is not foolproof.  

 

This was discussed in the Privacy, Security & OSINT Podcast.