No more WhatsAppEU diplomats to use mystery app for secure messaging

While the EU Commission has asked staff to use Signal for messaging, the External Action Service is rolling out a bespoke app. But it refuses to share any details about it.

Josep Borrell
Josep Borrell, head of the European External Action Service CC-BY 2.0 European Parliament

The EU is taking steps towards more secure communications, but not all of them are necessarily in the same direction.

While the EU Commission now recommends staff to use the Signal messaging app, the European External Action Service (EEAS) has recently deployed its own solution for EU diplomats around the globe.

„The EEAS has not instructed its staff to use Signal. The EEAS is in the process of rolling out a robust instant messaging solution and the instruction is to use this tool to exchange sensitive and classified information up to ‚EU-Restricted‘ within the institution and among employees“, spokeswoman Virginie Battu-Henriksson told netzpolitik.org in an e-mail, referring to a certain classification level.

The EEAS is the EU’s foreign service. It has delegations in countries around the world, including in crisis zones such as Afghanistan.

EU officials frequently use WhatsApp for informal coordination. However, data protection issues and reports about spying raise uncomfortable questions about the Facebook-owned service, driving the move to safer alternatives.

New app live since September 2019

Meanwhile, the EEAS declined to disclose details on its new messaging solution. „We would not comment on internal security features“, said Battu-Henriksson. She noted that deployment was „ongoing since September 2019″.

It remains unclear how messages are encrypted on the new messaging app, what software and protocols it uses and how its security is audited.

Data protection is an additional question mark. The data protection officer in charge did not reply to our query whether the EEAS had done a data protection impact assessment. Such an assessment is required by the rules governing EU institutions for certain types of data processing.

The EU parliament recently ran into data protection trouble after contracting the services of NationBuilder, a controversial US firm used in the Brexit referendum and the 2016 Trump campaign.

Deine Spende für digitale Freiheitsrechte

Wir berichten über aktuelle netzpolitische Entwicklungen, decken Skandale auf und stoßen Debatten an. Dabei sind wir vollkommen unabhängig. Denn unser Kampf für digitale Freiheitsrechte finanziert sich zu fast 100 Prozent aus den Spenden unserer Leser:innen.

0 Ergänzungen

Dieser Artikel ist älter als ein Jahr, daher sind die Ergänzungen geschlossen.