
Signal will exit Sweden rather than dilute message security
www.computerworld.com
The CEO of Signal said Tuesday that the service will leave Sweden rather than comply with a rule that will require vendors to capture all secure messages and save a plain text copy, in case authorities later want to subpoena that data.

But the issue goes far beyond one secure messaging company and one government's regulators. The European Union is considering similar regulations (many of them requiring backdoors to the data, which is even more problematic than simply saving a copy), as are the UK, France, and several other jurisdictions, including the US. If enough of those regulators insist on being able to access secure communications, it raises the issue of whether encrypted communications can be effectively used by any business.

"In practice, this means that we are asked to break the encryption that is the foundation of our entire operation. Asking us to store data would undermine our entire architecture, and we would never do that. We would rather leave the Swedish market entirely," Signal CEO Meredith Whittaker told a Swedish news organization. "If we create a vulnerability based on Swedish demands, it would create a way to undermine our entire network."

Earlier this month, a similar effort was attempted in the UK with Apple encryption. Apple pushed back, and the UK regulators, for the moment, backed off.

Indeed, Signal also ran into something very similar with UK regulators two years ago.
When it objected, the UK regulators withdrew their request.

In many jurisdictions, regulators have been pushing for such access for ostensibly legitimate reasons, such as cracking down on child pornography or organized criminal organizations that are using encryption to hide from law enforcement.

But Fred Chagnon, principal research director at Info-Tech Research Group, argues that such well-intended efforts are doomed to fail, and will deliver negative side effects.

If such rules breaking encryption are enforced, the bad guys will simply use alternative methods to hide their actions, Chagnon said, whereas people who truly need to have conversations outside the earshot of authoritarian regimes will be severely hurt.

There is also a practical problem with Sweden's demand that a copy of messages be retained in clear text. Even though the data is intended to be retained in case law enforcement later needs it, once saved, it could also be accessed by any group breaking into that vendor's systems.

"Governments pursuing encryption [access] are playing a dangerous game of short-sightedness. This isn't about one app or one country. It's about the fundamental right to secure communication," Chagnon said. "By forcing Signal to compromise its core security, they're signaling that end-to-end encryption is essentially outlawed. This creates a precedent where private, secure communication becomes impossible. Introducing a backdoor isn't a fix. It's a systemic failure, creating a permanent vulnerability that can only be temporarily mitigated with compensating controls. Inevitably, these controls will fail. The platform's lack of security is, therefore, a feature, not a bug."

Chagnon said that this back-and-forth vendor-to-regulator dynamic could quickly change if/when regulators find a vendor who is willing to let regulators access secure communications.

"Every time there is [vendor] capitulation, it makes it exponentially harder to win the next fight. It's inevitable that some government will find a way to find some company [to agree] and that will make a precedent," Chagnon said. "I don't think governments are thinking about the unintended consequences. They used to be able to tap everyone's phones. They are trying to get back to that standard."

Michela Menting, senior director for global technology intelligence at ABI Research, mostly agreed with Chagnon, but also said that she had less fear that these regulatory efforts to undermine encryption would ever succeed.

"Governments have been threatening to mandate backdoors into encryption protocols for a long time, and they are never successful. These pronouncements by well-meaning but misinformed politicians are often a lot of bluster, and the debate seems to resurface cyclically," Menting said. "No good can ever come of putting in backdoors to encryption, not when so much of the world's modern communication relies on it to guarantee privacy and confidentiality."

She also said that, in turbulent political times, good cops can quickly morph into bad actors.

"As we see today, even democratic countries that imbue such rights in law can start swinging towards authoritarianism," she said. "That makes it so important that encryption isn't unduly tampered with, for whatever reason."

Menting stressed that she did not have serious concerns that encryption would be meaningfully hurt by those efforts.

"It would be highly unlikely for a domino effect, whereby governments around the world start calling for backdoors into encryption protocols, and, heaven forbid, the underlying primitives, forcing vendors to pull out of doing business in those countries," Menting said. "And it is highly unlikely that enterprises would start creating their own messaging apps. That would start becoming highly prohibitive in terms of cost, and in any case, there aren't enough cryptographic experts available around the world anyway to do that."

Another analyst, Heidi Shey, principal analyst for security and risk at Forrester, said enterprises also should be discouraging their people from using consumer-grade apps such as Signal anyway.

"In many situations, enterprises should not be using consumer apps like WhatsApp and Signal for business purposes. There are enterprise apps for secure communications that address concerns such as regulatory compliance, data sovereignty, as well as targeted attacks on and surveillance of their communications," Shey said. "Such apps will have capabilities for managing data retention, metadata security, assurance, and more. In Europe, this includes enterprise apps from providers like Element, Salt Communications, Threema, and Wire."