Browse > Home / E2EE

France Arrested Pavel. The UK Signals Signal: What Might Follow?

December 23, 2025

green-dino_thumbAnother dinobaby post. No AI unless it is an image. This dinobaby is not Grandma Moses, just Grandpa Arnold.

As a dinobaby, I play no part in the machinations of those in the encrypted messaging arena. On one side, are those who argue that encryption helps preserve a human “right” to privacy. On the other hand, are those who say, “Money laundering, kiddie pix, drugs, and terrorism threaten everything.” You will have to pick your side. That decision will dictate how you interpret the allegedly actual factual information in “Creating Apps Like Signal or WhatsApp Could Be Hostile Activity, Claims UK Watchdog.”

image

An American technology company leader looks at a UK prison and asks the obvious question. The officers escort the tech titan to the new cell. Thanks, Venice.ai. Close enough for a single horse shoe.

“Hostile activity” suggests bad things will happen if a certain behavior persists. These include:

  1. Fines
  2. Prohibitions on an online service in a country (this is popular in Iran among other nation states)
  3. Potential legal hassles (a Heathrow holding cell is probably the Ritz compared to HMP Woodhill)

The write up reports:

Developers of apps that use end-to-end encryption to protect private communications could be considered hostile actors in the UK.

That is the stark warning from Jonathan Hall KC, the government’s Independent Reviewer of State Threats Legislation and Independent Reviewer of Terrorism Legislation

I interpret this as a helpful summary of a UK government brief titled State Threats Legislation in 2024. The timing of Mr. Hall’s observation may “signal” an overt action. That step may not be on the scale of the French arrest of a Russian with a French passport, but it will definitely create a bit of a stir in the American encrypted messaging sector. Believe it or not, the UK is not thrilled with some organizations’ reluctance to provide information relevant to certain UK legal matters.

In my experience, applying the standard “oh, we didn’t get the email” or “we’ll get back to you, thanks” is unlikely to work for certain UK government entities. Although unfailingly polite, there are some individuals who learned quite particular skills in specialized training. The approach, like the French action, can cause surprise among the individuals identified as problematic.

With certain international tensions rising, the UK may seize an opportunity to apply both PR and legal pressure to overcome what may be seen an impolite and ill advised behavior by certain American companies in the end to end encrypted messaging business.

The article “Creating Apps Like Signal” points out:

In his independent review of the Counter-Terrorism and Border Security Act and the newly implemented National Security Act, Hall KC highlights the incredibly broad scope of powers granted to authorities.

The article adds:

While the report’s strong wording may come as a shock, it doesn’t exist in a vacuum. Encrypted apps are increasingly in the crosshairs of UK lawmakers, with several pieces of legislation targeting the technology. Most notably, Apple was served with a technical capability notice under the Investigatory Powers Act (IPA) demanding it weaken the encryption protecting iCloud data. That legal standoff led the tech giant to disable its Advanced Data Protection instead of creating a backdoor.

What will the US companies do? I learned from the write up:

With the battle lines drawn, we can expect a challenging year ahead for services like Signal and WhatsApp. Both companies have previously pledged to leave the UK market rather than compromise their users’ privacy and security.

My hunch is that more European countries may look at France’s action and the “signals” emanating from the UK and conclude, “We too can take steps to deal with the American companies.”

Stephen E Arnold, December 23, 2025

Written by Stephen E. Arnold · Filed Under E2EE, Government, News | Leave a Comment 

FOGINT: France Gears Up for More Encrypted Message Access

March 12, 2025

dino orange_thumb_thumb_thumb_thumb_thumb_thumb_thumb_thumbYep, another dinobaby original.

Buoyed with the success of the Pavel Durov litigation, France appears to be getting ready to pursue Signal, the Zuck WhatsApp, and the Switzerland-based Proton Mail. The actions seem to lie in the future. But those familiar with the mechanisms of French investigators may predict that information gathering began years ago. With ample documentation, the French legislators with communication links to the French government seem to be ready to require Pavel-ovian responses to requests for user data.

“France Pushes for Law Enforcement to Signal, WhatsApp, and Encrypted Email” reports:

An amendment to France’s proposed “Narcotraffic” bill, which is passing through the National Assembly in the French Parliament, will require tech companies to hand over decrypted chat messages of suspected criminals within 72 hours. The law, which aims to provide French law enforcement with stronger powers to combat drug trafficking, has raised concerns among tech companies and civil society groups that it will lead to the creation of “backdoors” in encrypted services that will be exploited by cyber criminals and hostile nation-states. Individuals that fail to comply face fines of €1.5m while companies risk fines of up 2% of their annual world turnover if they fail to hand over encrypted communications demanded by French law enforcement.

The practical implications of these proposals is two-fold. First, the proposed legislation provides an alert to the identified firms that France is going to take action. The idea is that the services know what’s coming. The French investigators delight at recalcitrant companies proactively cooperating will probably be beneficial for the companies. Mr. Durov has learned that cooperation makes it possible for him to environ a future that does not include a stay at the overcrowded and dangerous prison just 16 kilometers from his hotel in Paris. The second is to keep up the momentum. Other countries have been indifferent to or unwilling to take on certain firms which have blown off legitimate requests for information about alleged bad actors. The French can be quite stubborn and have a bureaucracy that almost guarantees a less than amusing for the American outfits. The Swiss have experience in dealing with France, and I anticipate a quieter approach to Proton Mail.

The write up includes this statement:

opponents of the French law argue that breaking an encryption application that is allegedly designed for use by criminals is very different from breaking the encryption of chat apps, such as WhatsApp and Signal, and encrypted emails used by billions of people for non-criminal communications. “We do not see any evidence that the French proposal is necessary or proportional. To the contrary, any backdoor will sooner or later be exploited…

I think the statement is accurate. Information has a tendency to leak. But consider the impact on Telegram. That entity is in danger of becoming irrelevant because of France’s direct action against the Teflon-coated Russian Pavel Durov. Cooperation is not enough. The French action seems to put Telegram into a credibility hole, and it is not clear if the organization’s overblown crypto push can stave off user defection and slowing user growth.

Will the French law conflict with European Union and other EU states’ laws? Probably. My view is that the French will adopt the position, “C’est dommage en effet.” The Telegram “problem” is not completely resolved, but France is willing to do what other countries won’t. Is the French Foreign Legion operating in Ukraine? The French won’t say, but some of those Telegram messages are interesting. Oui, c’est dommage. Tip: Don’t fool around with a group of French Foreign Legion fellows whether you are wearing and EU flag T shirt and carrying a volume of EU laws, rules, regulations, and policies.

How will this play out? How would I know? I work in an underground office in rural Kentucky. I don’t think our local grocery store carries French cheese. However, I can offer a few tips to executives of the firms identified in the article:

  1. Do not go to France
  2. If you do go to France, avoid interactions with government officials
  3. If you must interact with government officials, make sure you have a French avocat or avocate lined up.

France seems so wonderful; it has great food; it has roads without billboards; and it has a penchant for direct action. Examples range from French Guiana to Western Africa. No, the “real” news doesn’t cover these activities. And executives of Signal and the Zuckbook may want to consider their travel plans. Avoid the issues Pavel Durov faces and may have resolved this calendar year. Note the word “may.”

Stephen E Arnold, March 12, 2025

Written by Stephen E. Arnold · Filed Under E2EE, Government, Legal matters, News | Comments Off on FOGINT: France Gears Up for More Encrypted Message Access 

DarkCyber for June 29, 2021, Now Available: Operation Trojan Shield Provides an Important Lesson

June 29, 2021

DarkCyber 13 discusses the Operation Trojan Shield sting. You can view the video at this link. The focus is on three facets of the interesting international takedowns not receiving much attention. The wrap up of the program is a lesson which should be applied to other interesting mobile device applications. If you are wondering how useful access to app data and its metadata are, you may find this 11 minute video thought provoking. DarkCyber is a production of Stephen E Arnold, a semi-retired consultant who dodges thumbtypers, marketers, and jargon lovers. Remember: No ads and no sponsors. (No, we don’t understand either but he pays our modest team like clockwork.)

Kenny Toth, June 29, 2021

Written by Stephen E. Arnold · Filed Under cybercrime, cybersecurity, DarkCyber, E2EE, News | Comments Off on DarkCyber for June 29, 2021, Now Available: Operation Trojan Shield Provides an Important Lesson 

  • Archives

  • Recent Posts

  • Meta