France’s Push for “Targeted Access” to Encrypted Messaging: What’s Really at Stake

AI & ML Reporter

France’s parliamentary intelligence delegation has endorsed a proposal to force messaging platforms to provide “targeted access” to end‑to‑end encrypted chats. The article explains the technical claim, why it conflicts with cryptographic fundamentals, and the practical limits and risks of the ghost‑user approach.


France’s intelligence delegation in parliament has formally backed a plan to make WhatsApp, Signal and Telegram messages readable by magistrates and intelligence agents. The proposal, framed as a “compromise” between law‑enforcement needs and privacy, rests on two technical ideas that have been debunked in the academic community for years: a mandated backdoor that would hand over decryption keys, and the “ghost participant” model that silently inserts a state‑controlled endpoint into an end‑to‑end encrypted conversation.


What the legislators claim

  • Targeted access is technically feasible. The delegation’s report cites an expert group convened by the European Commission that is supposedly drafting a “road‑map” for building such access.
  • The measure would be limited to specific investigations. Proponents argue that the system would be activated only after a judicial warrant, similar to a traditional wiretap.
  • Non‑compliance would be penalised. Companies that refuse to implement the required hooks could face fines up to 2 % of global revenue.

These points are presented as a pragmatic solution to the “obstacle” that end‑to‑end encryption poses for investigations into drug trafficking, terrorism and other serious crimes.


What the cryptographic community says is actually new (or not new at all)

1. The backdoor myth

End‑to‑end encryption (E2EE) stores the private keys on the user’s device; the service provider never sees them. That design is intentional and has been the subject of peer‑reviewed research for decades. Introducing a backdoor would require centralising the keys or providing a decryption oracle that the provider can invoke on demand.

  • No known construction can give selective access without creating a universal vulnerability. The classic “law‑enforcement access” papers (e.g., the 2015 “Key Escrow” analysis by Ross Anderson) prove that any mechanism that allows a privileged party to decrypt a specific message also enables any other party who obtains the same secret to decrypt all messages.
  • Implementation risk is massive. A backdoor is a single point of failure that can be leaked, stolen, or coerced. The 2020 “EFAIL” attacks on OpenPGP showed how subtle implementation bugs can turn a theoretically sound protocol into a practical exploit.

2. The ghost‑user proposal

The “ghost participant” idea, first floated by GCHQ in a 2018 briefing (see the leaked GCHQ Technical Note 2018‑03), proposes adding an invisible third endpoint to a conversation before encryption. In theory, the state becomes just another recipient, and the encrypted payload can be decrypted by the state’s private key.

  • From a protocol perspective, this is equivalent to forcing the service to expose a second public key for every conversation. That changes the security model from confidentiality between the two users to confidentiality between the users and the state. It is not a “targeted” capability; it is a structural redesign of the protocol.
  • The approach has been rejected by every major privacy‑focused organization (Electronic Frontier Foundation, Access Now, ENISA) because it undermines forward secrecy and creates an exploitable foothold for any adversary who can compromise the state’s key material.
  • No major messenger has adopted it. Signal’s protocol, for example, relies on a double‑ratchet algorithm that would break if a third party were injected after the initial key exchange.
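
The "second public key" described above is something a client can check for before it encrypts anything. The following is an added example, not code from the article or from any messenger: the device labels, 32-byte sample keys and function names are constructed for illustration, and the digest is a simplified stand-in for the identity-key comparison that real clients do with safety numbers or key transparency.

```python
import hashlib

def key_id(pub: bytes) -> str:
    """Short fingerprint of one public key, comparable out of band."""
    return hashlib.sha256(pub).hexdigest()[:16]

def recipient_set_fingerprint(keys) -> str:
    """Order-independent digest over every key a message would be encrypted to."""
    h = hashlib.sha256()
    for pub in sorted(set(keys)):
        h.update(len(pub).to_bytes(2, "big") + pub)  # length prefix avoids ambiguity
    return h.hexdigest()

def audit_recipients(verified: dict, offered: dict) -> dict:
    """Compare the server-offered recipient keys with the locally verified ones.

    Both arguments map a device label to its public key bytes.
    """
    known = set(verified.values())
    offered_keys = set(offered.values())
    unexpected = {dev: key_id(k) for dev, k in offered.items() if k not in known}
    missing = sorted(dev for dev, k in verified.items() if k not in offered_keys)
    return {
        "unexpected": unexpected,          # keys the user never verified
        "missing": missing,                # verified devices no longer listed
        "fingerprint_ok": recipient_set_fingerprint(verified.values())
                          == recipient_set_fingerprint(offered.values()),
        "safe_to_send": not unexpected,    # refuse to encrypt to unverified keys
    }

# Constructed sample data: 32-byte stand-ins for real public keys.
ALICE = bytes([0xA1]) * 32
BOB = bytes([0xB0]) * 32
EXTRA = bytes([0xEE]) * 32

VERIFIED = {"alice-phone": ALICE, "bob-phone": BOB}
OFFERED_CLEAN = {"alice-phone": ALICE, "bob-phone": BOB}
OFFERED_GHOST = {"alice-phone": ALICE, "bob-phone": BOB, "bob-device-2": EXTRA}

if __name__ == "__main__":
    for name, offered in (("clean", OFFERED_CLEAN), ("extra key", OFFERED_GHOST)):
        print(name, audit_recipients(VERIFIED, offered))
```

The check only protects users if the client enforces it and surfaces the result, which is why a silently added recipient requires changing client behaviour and not just the server.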

In short, the technical novelty is not a new cryptographic breakthrough; it is a policy‑driven request to change the underlying design of existing protocols.


Practical limitations and real‑world consequences

Limited to “targeted” cases?

Even if a ghost user could be added, the mechanism would need a secure authentication flow to ensure only a warrant‑approved agent could become that participant. Designing such a flow without exposing the secret to other attackers is an unsolved problem. The most straightforward implementation would store the state’s private key on the service’s servers, turning the service itself into a high‑value target for nation‑state hackers.

Scope creep is inevitable

History shows that tools created for “terrorism cases” quickly expand to other investigations. The United States’ Section 702 of the FISA Amendments Act is a textbook example: a surveillance authority originally justified for foreign intelligence now powers thousands of domestic warrants per year.

International ramifications

If France forces global platforms to embed a backdoor for French warrants, the same code could be demanded by other jurisdictions with weaker rule‑of‑law protections. Companies would face a patchwork of conflicting legal obligations, potentially leading to fragmentation of the messenger ecosystem or the emergence of “privacy‑first” forks that refuse any state‑mandated hooks.

Existing investigative tools are already powerful

French agencies already have the RDI (Remote Digital Interception) authority, which lets them compromise a target’s device and exfiltrate everything on it. That method is indiscriminate but already legal under current French law and does not require any changes to the messaging protocols. The delegation’s claim that RDI is “inadequate” ignores the fact that a full device compromise is far more invasive than a narrowly scoped message read, yet it is the tool actually used today.


Where the debate stands in French legislation

  • Senator Cédric Perrin (foreign affairs committee) continues to champion the ghost‑user amendment. He argues it is a “technical measure” rather than a key‑escrow system.
  • Senator Olivier Cadic (Centrist Union) succeeded in passing Article 16 bis in March 2025, which explicitly protects encryption from mandatory backdoors. The intelligence delegation’s report attacks that article as “weakening the legal framework.”
  • Deputy Florent Boudié is leading a separate parliamentary inquiry into possible legal reforms, but no concrete bill has emerged yet.

The legislative tug‑of‑war suggests that, despite the delegation’s enthusiasm, there is still significant resistance within the French parliament.


Bottom line

The claim: France can build a technical “gateway” that lets judges read a single encrypted message after a warrant.

The reality: Implementing such a gateway requires redesigning the underlying cryptographic protocol or inserting a universal backdoor—both of which are known to create systemic vulnerabilities. No peer‑reviewed research demonstrates a way to grant truly selective, warrant‑based decryption without exposing the entire system to abuse.

The limitation: Even if a ghost‑user system were deployed, it would be a high‑value target for cyber‑espionage, prone to mission creep, and likely to trigger retaliation from other states and from the messaging platforms themselves.

For now, the technical community remains convinced that the only safe way to preserve end‑to‑end encryption is to leave the keys on user devices and to rely on existing lawful‑access tools that target devices, not the cryptographic protocol itself. Any attempt to force a “compromise” runs the risk of undermining the very security guarantees that users—and the platforms that host them—depend on.

