"A dangerous approach" – Experts urge the Swedish Parliament to reject the encryption backdoor law

Shattered glass with padlock icon and national Sweden flag - security concept

(Image credit: Getty Images)

More than 200 experts urge Sweden to reject a bill that would mandate encryption backdoors
If passed, the legislation could come into force as early as March 2026
The Swedish Army also warns that a backdoor would create vulnerabilities that third parties could exploit

Over 200 experts have called on the Swedish Parliament to reject a proposed law that would force the likes of Signal, WhatsApp, and email service providers to create an encryption backdoor in their software.

The draft bill seeks to introduce new obligations on data retention and access to electronic information for law enforcement while "ensuring respect for fundamental rights and freedoms."

Yet, the coalition, made up of some of the best VPN and secure email service providers, cryptographers, and digital rights advocates, warns that the new rules "would greatly undermine the security and privacy of Swedish citizens" instead.

The security risk of weakening encryption

As experts pointed out in a joint open letter published on April 8, 2025, "the legislation presents a dangerous approach which would instead create vulnerabilities that criminals and other malicious actors could readily exploit."

Encryption refers to the scrambling of data, making it unreadable and preventing third-party access. Specifically, end-to-end encryption (E2E) is the technical infrastructure that encrypted messaging apps use to keep your messages private between you and the receiver, end to end.

The proposed Swedish legislation seeks to make it easier for law enforcement to fight crime by forcing companies to store and provide access to people's private communication upon request.

However, experts have long argued that this isn't possible without creating a backdoor that fundamentally breaks the security infrastructure upon which encryption is built.

It's like building "a master key that unlocks every door in a building," noted the coalition, adding that "compromising encryption would leave Sweden’s citizens and institutions less safe than before."

Sweden wants to #backdoor #encryption. But we, together with 230+ orgs, are saying no.#NoToBackdoors 💪Read our open letter to the Swedish Riksdag: 👉 https://t.co/WhkZcwFrRO pic.twitter.com/fE1Y8raSkiApril 8, 2025

The Swedish Armed Forces also echoed such security concerns, arguing that the proposed new requirements for E2E services "cannot be fulfilled without introducing vulnerabilities and backdoors that third parties can exploit."

In February, the Swedish Army even endorsed the use of Signal among its employees to make it more difficult for non-classified calls and messages to be intercepted.

Outside Sweden, recent events like the Salt Typhoon attack on all the major US telecoms have also sparked a pledge for all citizens to switch to encrypted services.

Ironically, though, Signal President Meredith Whittaker already said the company would rather leave Sweden than undermine its encryption protections.

If the bill passes, the new rules could be enforced as early as March 2026.

Experts are now calling on the Swedish Parliament to reject the law and prioritize policies that strengthen rather than weaken cybersecurity. They wrote: "Sweden's security, prosperity, and freedom depend on it."

Not only Sweden

Sweden isn't the only EU member striving to make people's data more easily accessible to authorities during investigations.

After over three years of trying to pass a law to scan all citizens' messages in the hunt for child sexual abuse material (CSAM) – what's known as Chat Control by its critics – the EU Commission just published a new strategy on encryption backdoors and lawful data access.

Outside the EU, Apple is currently facing the UK in court over the request to make iCloud's encrypted data accessible at all times by law enforcement.

Once believed to be a privacy paradise, even Switzerland now wants to amend its surveillance law to add new types of monitoring and information collection. A change that would widen the authorities' reach to no-log VPNs and other secure messaging providers.

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life – wherever cybersecurity, markets, and politics tangle up. She believes an open, uncensored, and private internet is a basic human need and wants to use her knowledge of VPNs to help readers take back control. She writes news, interviews, and analysis on data privacy, online censorship, digital rights, tech policies, and security software, with a special focus on VPNs, for TechRadar and TechRadar Pro. Got a story, tip-off, or something tech-interesting to say? Reach out to chiara.castro@futurenet.com

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.