As Europe marks this year’s Data Privacy Day, debate around how personal data should be protected is once again in the spotlight. Governments, regulators, technology firms and civil society groups are weighing how to balance public safety, innovation and individual privacy in an increasingly connected world.
Encryption sits at the centre of this debate. It has long been seen as a key tool for protecting personal data from cybercrime, surveillance and misuse. Yet it remains contested, especially as lawmakers revisit proposals that would allow authorities greater access to private communications.
Chester Wisniewski, Director and Global Field CISO, says the lessons of the past decade should not be ignored. “As we approach this year’s Data Privacy Day in the EU. It is important to remember the importance of encryption in securing our information from unwanted spying and privacy violations,” he says. “We are now nearly 13 years past the release of Ed Snowden’s NSA leaks and we are still fighting to keep end-to-end encryption, most recently in the battle over Chat Control.”
Risks of Encryption Backdoors and User Data Control
Wisniewski warns that creating special access points, even with good intentions, can expose users to new risks. “Having backdoors and a policy of authorized access doesn’t work,” he says. “We have seen numerous American tech companies fooled by cybercrime groups like LAPSUS$ and Scattered Spider. Who have impersonated law enforcement agencies to gain ‘lawful access’ to people’s personal information.”
Across Europe, regulators argue that stronger oversight is needed to combat online abuse and serious crime. Privacy advocates counter that weakening encryption could harm trust in digital services and leave users more vulnerable to hackers.
For Wisniewski, the core issue is control. “Encryption allows us to share what we want, when we want, with whomever we want,” he says. “By starting from a position with the user in control, they are empowered to share safely and with consent.”
As Data Privacy Day is marked across the region, experts say it is also a moment for individuals to act. Reviewing the apps, platforms and services used for communication and data storage can be a practical step toward stronger digital safety in a fast-changing policy landscape.
