Patrick Walsh
Originally published at

Forbes: The Rise Of Encryption In A Schrems II World

At this very moment, there is no lawful basis for transatlantic transfers of personal data from the EU to the U.S. This is thanks to a case called Schrems II that dismantled the EU-U.S. Privacy Shield framework. A new framework to take its place has been agreed to in principle but is not yet law and will almost certainly be challenged in a Schrems III case.

The primary concern of the Court of Justice of the European Union is protecting their citizens’ data from secret warrants and surveillance by the U.S. government. Due to the CLOUD Act, it’s no longer sufficient to simply keep the data in Europe, and because of Schrems II, standard contractual clauses alone can’t be relied on.

With a lot at stake, software companies are turning to encryption to ensure the privacy of customer data and comply with the requirements laid out by the Court of Justice.

Two Encryption Approaches That Satisfy Schrems II

The goal of encryption is to ensure that access to EU citizen data is protected by due process that meets EU privacy standards. One way to achieve this is to make U.S. government agencies work with their counterparts in the EU to get access to EU citizen data. There are two encryption patterns that, when done right, accomplish these goals.

1. End-To-End Encryption

With end-to-end encryption, data is encrypted and decrypted on user devices (e.g., laptops or phones), and the software companies holding the data don’t have access to the keys needed to decrypt it. Their servers never see anything but meaningless bytes.

How End-To-End Encryption Is Schrems II Compliant

A government agency wanting access to the data will either need to compel it from the data owner, which may be an individual or a business; gain access to an authorized device that holds the key; or otherwise break or undermine the system, for example, by guessing a password that’s used to unlock keys.

Even if a U.S. agency compels access to encrypted EU citizen data, that data still needs a key to be useful, and privacy is preserved. This level of data protection is more than adequate for overcoming the objections raised by the Schrems II case.

The Limitations Of End-To-End Encryption

Unfortunately, companies sometimes complain that end-to-end encryption is too hard and that it imposes a reduction in features and functionality. In some cases, it may not be feasible to use this encryption architecture if data must be processed on the server. Luckily, there’s an alternative pattern that works.

2. Hold Your Own Keys (HYOK) Encryption

The goal of an HYOK encryption architecture is to put the control of data into the hands of the customer and EU courts while still allowing companies to process data.

With HYOK, data is encrypted before being sent to the database or disk (application-layer encryption), and the software company does not hold the keys needed to decrypt sensitive customer data. Instead, they interoperate with a third-party key management service. The server can decrypt data but only does so in memory for short periods of time. No protected data or secrets are ever written to a disk unencrypted, and the customer can revoke access at any time.

How HYOK Is Schrems II Compliant

With HYOK, the software company is technically able to decrypt data as long as the remote key is accessible. Provided this capability is only available in the application and the application doesn’t give company employees the means to export unencrypted data, then employees would only produce the encrypted data stored on disk in response to a valid warrant. Anything else would require writing software.

In other words, HYOK must be implemented in a way that a U.S. agency would have to compel the software company to write code that undermines their access controls and security measures to get access to the unencrypted data.

The U.S., however, does not have explicit authority to compel a software company to write software—and certainly not a backdoor. A power like that would seriously undermine the ability of U.S. software companies to compete internationally.

Several years ago, the FBI attempted to force Apple to write new code that would undermine its own systems so the FBI could get access to a customer’s encrypted data. Apple pushed back with a slew of compelling arguments, from characterizing writing code as free speech to showing the slippery slope such a precedent would create. The FBI dropped the case.

Slack’s Compliance Approach Includes HYOK

Slack launched HYOK in 2019 under the name Enterprise Key Management (EKM) and cited EKM in response to questions from Max Schrems, the initiator of the Schrems II lawsuit, about their legal basis for holding the data of EU citizens. Other companies are doing the same by using HYOK as an important component of a multipronged strategy. According to their earnings calls, the EKM product has been a double win for Slack as it helped them increase sales to security-conscious customers.

Ultimately, HYOK allows software companies to strengthen the contractual promises they make to customers with technical measures that require two subpoenas: one to the software company to get the encrypted data and one to the party with access to the keys.

The Future Of EU Data Favors Encryption

The Schrems II court decision was handed down two years ago and was followed by a host of complaints about U.S. companies, including a major one against Meta. Those investigations are only now beginning to conclude, and so far, the results are worrisome for U.S. software companies. The next major decision could force Meta to stop operations in Europe, which would have far-reaching effects.

In this post-Schrems II world, software companies must find ways to build their software so that it preserves the privacy and security of their customers even against government overreach. Best practices around data security are evolving, and U.S. companies are evolving with them.