France Moves to Break Encrypted Messaging

France’s intelligence delegation in parliament has formally backed breaking the encryption that protects WhatsApp, Signal, and Telegram conversations, recommending that magistrates and intelligence agents be granted what lawmakers describe as targeted access to messages that platforms currently cannot read even themselves.

The delegation, an eight-member body composed of four deputies and four senators, published its conclusions on Monday after months of work on a question that keeps returning to the French Parliament. “The inability to access the content of encrypted communications constitutes a major obstacle for the work of the justice system and intelligence services,” the delegation wrote, framing end-to-end encryption as a problem to be solved rather than a protection to be preserved.

The technology end-to-end encryption uses is precisely the thing the delegation wants weakened. Decryption keys live on user devices, not on company servers, which means the platforms holding your messages genuinely cannot read them. That’s the design and the point. Strip that property away and the protection collapses because a system that lets investigators read messages on demand is also a system that can be abused, leaked, subpoenaed, or hacked.

French police and intelligence services have spent years complaining about this tech. They can still intercept old-fashioned phone calls and SMS messages with a judge’s warrant but encrypted platforms route around that capability entirely.

The delegation acknowledged that investigators already have a workaround called RDI, or “collection of digital data” which can involve compromising a target’s device and harvesting its contents wholesale through what officials call “remote interception,” remote captures. That technique gives security services access to everything on a phone, far more than just the messages they’re chasing. The delegation called it inadequate anyway.

Senator Cédric Perrin, who chairs the foreign affairs committee and sits on the intelligence delegation, has been pushing this fight for over a year. During debate on a narcotrafic bill, he secured an amendment that would have forced messaging platforms to “implement the necessary technical measures in order to allow intelligence services to access the intelligible content of communications and data passing through them.”

Refusal to comply carried fines of up to 2 percent of worldwide annual turnover. The Senate passed it. The National Assembly killed it, with the Macronist deputies, the left, and even the Rassemblement National voting it down.

Perrin’s framing then was that nothing fundamental was changing. “I don’t see how there would be any difference between what is done today with SMS and emails and what would be done tomorrow with WhatsApp, Signal, and Telegram,” he said at the time, with backing from then-Interior Minister Bruno Retailleau and Justice Minister Gérald Darmanin.

The argument treats encrypted messaging as just another communication channel that should sit within reach of the state, ignoring that the entire reason these platforms exist is to occupy a different category.

Aurélien Lopez-Liguori, the RN deputy who opposed the amendment, made the technical objection bluntly. “This is a total misunderstanding of what encryption means. The decryption keys are at the level of users’ devices. The key isn’t centralized somewhere within the platform. You would then have to set up backdoors for all communications, which would go far beyond the scope of fighting drug trafficking. The first hacker to come along would have access to our communications,” he warned.

Translated into engineering terms, his point was the one cryptographers have been making for thirty years. There is no such thing as a backdoor only the good guys can use.

Perrin now offers a different framing. “Article 8 ter, which I had adopted, was not at all aimed at obtaining encryption keys but at introducing a ghost participant into a conversation before encryption,” he says.

The “ghost participant” approach, sometimes called a ghost user proposal, was floated by GCHQ in 2018 and rejected by every major privacy organization, civil liberties group, and security researcher who looked at it. The idea is that the platform silently adds a third recipient, an invisible intelligence agent, to a supposedly two-person conversation. Users never see them.

The encryption technically still works, except that one of the parties is the state.

Perrin also rejected the suggestion that civil liberties were at stake. “Protecting public freedoms is our concern as parliamentarians. That was addressed through various administrative and judicial checks. The work carried out within the delegation was about getting a clearer technical picture of what is or isn’t possible. It’s curious that the RN, which constantly emphasizes its desire to protect the French people, doesn’t want to give intelligence services the tools to do so,” he said.

The delegation’s report concluded that targeted access is not technically out of reach and noted that an expert group convened by the European Commission is working on a technological roadmap to identify how such access could be built. This means the technical problem cryptographers have been describing as unsolvable is being treated as a project management exercise.

Mass surveillance, of course, isn’t what the delegation is proposing. The fear isn’t that a French investigator will read every WhatsApp message. The fear is that infrastructure built for targeted access has a way of growing, that an authentication mechanism built for terrorism cases ends up serving organized crime cases, then drug cases, then immigration cases, then political surveillance cases, and that a French ghost-user system gets demanded by less democratic governments next.

Not everyone in the Senate’s right-and-center majority agrees with the delegation’s direction. Senator Olivier Cadic, of the Centrist Union, secured an amendment to a separate bill on critical infrastructure resilience and cybersecurity that would do the opposite, writing encryption protection into French law and prohibiting any obligation on messaging services to install backdoors. The Senate adopted it in March 2025.

The intelligence delegation’s report attacks that text directly, claiming “This new Article 16 bis would weaken the legal framework for intelligence and investigative techniques and would hinder their implementation.” Cadic’s reasoning was the one the delegation seems determined to ignore. “I am obviously in favor of tracking down criminals, but not with tools that could bring us down. We must not create our own vulnerabilities,” he said. His bill was examined in committee at the National Assembly in September and has been stalled since.

Earlier this year, then-Prime Minister Sébastien Lecornu commissioned deputy Florent Boudié, who chairs the National Assembly’s law committee, to examine “possible changes to existing legal frameworks” for giving investigators access to encrypted communications. The legislative vehicle for any new attempt remains undecided, with parliamentarians waiting to see what Boudié produces but reportedly open to a fresh proposition de loi if it’s needed.

What’s underway in France isn’t really a debate about whether intelligence services should have tools to investigate serious crime. They already do. They have the RDI authority to compromise individual devices, the surveillance algorithmique they expanded last year, satellite interception powers, traditional wiretaps, metadata access, and the cooperation of every French telecom operator.

The new fight is about whether the one category of communication that currently resists state interception, secured by mathematics rather than by promise, should be reshaped so that resistance disappears. The delegation has answered yes. The cryptography hasn’t changed. The political will to ignore what the cryptography says has.