OPINION – By Renaud Ghia, President of Tixeo
The end of end-to-end encryption: a threat to communication security
The widespread use of digital collaboration tools, particularly video conferencing, has become firmly embedded in corporate practices. This shift has been accompanied by greater awareness of the need to protect the confidentiality of shared information, placing end-to-end encryption at the heart of online meeting security concerns.
In a context marked by geopolitical tensions and economic crises, the fight against industrial espionage remains a top priority for European businesses. End-to-end encryption is currently the only genuine safeguard against eavesdropping on communications. It is therefore vital to clarify exactly what this mechanism entails, as its definition continues to be misused or distorted by certain industry players.
Fighting industrial espionage requires genuine end-to-end encryption
End-to-end encryption in video conferencing is a method of transmitting data (video, audio, data) which ensures that only the sender and the intended recipient(s) can decrypt the content, with no decryption taking place at any point in between. It must prevent any eavesdropping, including by telecommunications providers, internet service providers, and even the video conferencing solution provider itself. No one should have access to the encryption keys required to decrypt the conversation.
However, many video conferencing providers claim to offer end-to-end encryption when, in reality, they only encrypt the data flows between the user and the communication server. This means they can easily access the unencrypted data when it passes through their servers. Furthermore, most of these providers are subject to foreign laws requiring them to hand over users’ encryption keys upon request from the authorities. Under such conditions, the actual level of security is far below the claims made.
In France, reliable solutions exist that provide effective protection against espionage attempts. Organisations such as ANSSI (the French National Cybersecurity Agency) can guide businesses in making the right choice. Opting for a video conferencing solution with ANSSI-certified end-to-end encryption guarantees a trustworthy and highly secure service.
Sovereignty and digital independence: a growing imperative
Choosing a truly sovereign end-to-end encryption solution is essential to preserving the strategic autonomy of French and European stakeholders.
For France and Europe, such a choice is directly tied to the digital sovereignty of our industries and economies. It is now vital to take a European approach when building a digital ecosystem. Technology, R&D, support, and, crucially, hosting should be developed and consumed locally to avoid dependency on non-European powers — as recommended by European cybersecurity directives.
Yet foreign influences remain strong and continue to exert pressure…
On 28 January 2025, the French Senate passed an amendment requiring encrypted messaging providers to create privileged access to content exchanged on their platforms for French intelligence services, under penalty of a fine. This “privileged access” is nothing less than a breach in communication security. The creation of such backdoors in messaging systems serves only to weaken the protection of sensitive communications, while criminals will inevitably find alternative channels to continue their exchanges.
Act now to protect French and European industry
While the stated goal of combating terrorism and crime is commendable, the measures proposed against end-to-end encryption could have serious consequences for individual freedoms, freedom of expression, economic competitiveness, and, more broadly, the independence and digital sovereignty of a state.
With backdoors built into software, organisations would lose all guarantees of protection for their critical communications, and user trust would be severely undermined. Another risk is that businesses may turn to non-French or non-European encrypted solutions, which are not bound by protective regulations such as the GDPR.
It is worth recalling that in February 2024, the Court of Justice of the European Union ruled that any action aimed at weakening encryption would be contrary to EU law. Nevertheless, 32 EU countries, including France, have expressed support for ending end-to-end encryption. This comes at a time when the EU’s NIS 2 Directive is urging sensitive organisations to strengthen their cybersecurity. The passing of this amendment in France could therefore hinder innovation and the development of the only technology capable of guaranteeing the highest level of confidentiality for sensitive and secret communications relating to national interests.
To avoid exposing French industry ever more to the plundering of its data, regulators and lawmakers must strike a balance between protecting national security and addressing the urgent need to strengthen the cybersecurity and sovereignty of organisations.