Encrypted messaging app Signal has declared that it will leave the Swedish market if a new proposed law requiring messaging app-providers to store messages is approved.
The proposed law is due to come into force on March 1, 2026, and will require encrypted apps such as WhatsApp and Signal to store all messages sent using the apps. They will also have to store subscription data, information which can be used to identify and locate a subscriber and registered user.
But the most debated requirement with the new proposed legislation is that the messaging apps will be forced to implement technical backdoors – which will be accessible by the police and the Swedish Security Service (Säpo).
Signal on the rise
Signal and its encrypted messaging have recently risen in popularity, especially in the Netherlands where it topped the charts as one of the most downloaded apps. Even the Swedish Armed Forces decided recently to start using it, in order to make it harder to wiretap its communications.
Signal Foundation President Meredith Whittaker told Swedish public broadcaster SVT that Signal would rather leave the Swedish market than comply with the proposed legal requirements.
“Ultimately, if the choice is between complying with this legislation or leave the Swedish market, we would leave the Swedish market,” she said. “Asking us to store data would undermine our entire architecture and we would never do that.”
‘Crucial to gain access to communications’
Sweden’s Minister of Justice Gunnar Strömmer (M) said that it’s crucial for law enforcement authorities to effectively gain access to electronic communications in order to address threats to national security. He also addressed the need to store data for a longer period of time than is required today.
The time frames for accessing the data vary. In some instances the Security Service could access information up to two years after it is created.
Whittaker said that the proposed law doesn’t understand the grave consequences for cybersecurity, or for the human right to privacy. “There’s no such thing as a backdoor that only good guys can access,” she said.
She also pointed out there are very few digital places today where people can communicate privately, or for whistleblowers to share their information.
“There’s no such thing as a backdoor that only good guys can access.”
Meredith Whittaker, President, Signal Foundation
Security experts have also expressed concerns about the backdoor entrance, with worries about other actors hacking it and gaining access to the data, by either criminals or state actors like Russia and China.
The Swedish Armed Forces also addressed their concern about the new law, and wrote in a letter to the Government that “the requirement for an adaptation obligation for number-independent interpersonal communication services will not be able to be fulfilled without introducing vulnerabilities and backdoors that could be exploited by third parties.”
The proposed rule will include measures to:
- let the Security Service decide on a more extensive storage obligation if the country is facing a serious threat to national security;
- subject providers of number-independent interpersonal communication services to rules on storage obligations, and make them adapt their operations so that secret coercive measures can be enforced;
- extend the storage period for subscription data, introduce sanctions for failing to comply with the storage obligation, and update the rules to make them clearer for providers and authorities.
Other companies and organizations have also highlighted that this law would probably require “significantly increased storage resources,” and that costs and the need for personnel resources would also increase. This is something which the parties say could result in providers stopping their services in the country due to the high requirements or to increased costs.
The news comes son after Apple announced it would be withdrawing cloud stoprage encryption services from the UK after the government there demanded backdoor access to customer data.
