Europol’s 2025 IOCTA warns that criminals are increasingly turning to end-to-end encrypted apps to thwart police investigations.
The agency also says current metadata collection and tracking practices are too limited, which further hampers law enforcement work.
To address this, Europol calls for "lawful access by design" in encrypted communications and for EU-wide standards governing targeted retention and access to metadata.
Those recommendations dovetail with a recent EU Commission proposal to develop a roadmap for lawful, effective data access by law enforcement — a move that has prompted deep concern among some experts over the risk of an encryption backdoor.
Services such as VPNs, email and messaging apps use end-to-end encryption to ensure only sender and recipient can read messages.
Because that architecture prevents service providers from seeing message content, warrants that depend on provider access can be ineffective in the EU, Europol notes, creating blind spots for investigations.
The IOCTA warns that these technical and legal gaps are making it harder to detect and prosecute internet-enabled organized crime.
Metadata — the details that surround a message rather than its words — is increasingly at the center of a law-enforcement debate.
IP addresses, device locations, phone numbers, contact lists and timestamps are all metadata, as are packet sizes, traffic patterns and other technical footprints that don’t reveal message content.
Europol argues that when end-to-end encryption (E2EE) prevents access to message content, metadata becomes the primary way to trace networks and identify suspects.
In its recent IOCTA assessment the agency complained that inconsistent national rules on retention and access to such records leave investigators hamstrung.
That stance echoes earlier comments from Europol’s chief, Catherine de Bolle, who told the Financial Times that anonymity “isn’t a fundamental right” in the context of criminal investigations and suggested authorities should be able to decrypt communications when needed.
Security researchers, cryptographers and many technologists strongly disagree with proposals to weaken encryption or build backdoors.
Their core argument: creating intentional weaknesses for law enforcement or government access inevitably reduces overall security and can be exploited by criminals or hostile actors.
High-profile cyber incidents have underlined the value of robust encryption.
Last year’s so-called Salt Typhoon campaign, which struck major US telecom operators, prompted authorities to urge greater use of encryption — a reminder that strong protections matter in practice, not just theory.
Legislative efforts to force access to encrypted data have repeatedly stalled.
France rejected an encryption backdoor provision in March, Florida nixed a similar measure in May, and EU negotiators remain divided over the Chat Control proposals after years of debate.
Meanwhile, Europol is pushing a different tack: tighter metadata rules.
The agency is calling for clearer standards on how long subscriber records and IP logs must be retained, and for mechanisms that allow expedited, targeted access to “crucial metadata.”
Privacy advocates warn that expanding mandatory data retention and easing access to metadata risks creating mass surveillance infrastructures.
Combined with modern AI-driven analytics, metadata alone can produce detailed reconstructions of people’s online behaviors — even without reading encrypted content — and could render privacy tools like no-log VPNs ineffective.
The clash is now less about whether encryption should exist and more about how to balance investigative needs with fundamental security and privacy principles.
Any policy that erodes encryption or creates broad retention and access rules will face fierce technical criticism and practical concerns about creating systemic vulnerabilities.
Law enforcement is increasingly treating metadata as a vital investigative tool — a point the tech industry has been warning about for years.
Authorities are no longer focused solely on access to message contents; many are pushing for identities, connection logs and other metadata that reveal who is communicating with whom.
In the EU, the protectEU initiative (born from “going dark” concerns) combines a roadmap on encryption with proposals to broaden data-retention duties for online services.
Those proposals have been met with skepticism from researchers, privacy advocates and some industry players, who want a meaningful role in shaping any rules that affect users’ privacy.
Switzerland is considering a similar shift: proposed changes to its surveillance law would compel certain online providers to retain specific users’ metadata, prompting a heated national debate about the future of online anonymity.
Privacy-focused companies such as Proton and NymVPN have warned they would relocate operations if sweeping retention requirements are enacted.
The controversy highlights a clear tension: law enforcement argues broader access to metadata aids investigations, while technologists and civil-society groups warn that mandatory retention and weakened anonymity undermine fundamental privacy and trust online.
At the same time, other dynamics — from encryption policy battles to speculative effects of advances like quantum computing — complicate predictions about how privacy protections will evolve.
Whatever the outcome, the decisions being debated in Brussels and Bern will shape how much of our metadata remains private and how companies and services respond.
Why People Need VPN Services to Unblock Porn
Why People Need VPN Services to unblock porn, many users turn to VPNs to hide their IP address, encrypt traffic, and get around country- or network-level blocks so they can unblock porn with greater privacy and security. Porn unblocked means being able to access adult sites that are otherwise restricted by regional laws, workplace or school filters, or ISP limitations.
Why Choose SafeShell VPN to Access Adult Content
If people want to access region-restricted content of Porn by Porn unblock, they may want to consider the SafeShell VPN. This service combines robust privacy protections with a broad server footprint so you can bypass geographic blocks without exposing your activity; its strong encryption and anonymous connection design keep browsing private while maintaining enough throughput for smooth video playback.
Beyond basic unblocking, SafeShell VPN offers features that make it practical for everyday use: a global network that helps unblock porn sites from many countries, optimized routes that reduce buffering for HD streams, and an intuitive App Mode that lets you reach multiple regional libraries without constant server juggling. Its proprietary ShellGuard protocol is built to remain undetected by strict filters, and multi-device support covers phones, tablets, computers and smart TVs so your whole setup stays protected and accessible.
How to Use SafeShell VPN to Unlock Porn Sites
- Start by picking a subscription that matches your needs and register an account with SafeShell VPN through their official site or app store listing.- Download and install the client on the device(s) you plan to use, following on-screen prompts and granting any required permissions.- Launch the app, sign in, and enable the app-routing or App Mode option so only selected apps or traffic use the VPN if you prefer that setup.- Choose a server located in the region whose content you want to access, selecting a nearby or high-speed node for better performance.- Connect to the chosen server and verify your new IP and location using a reliable IP-check tool to ensure the tunnel is active.- Turn on privacy features such as the kill switch and DNS leak protection, clear cookies and cache in your browser, then open the sites you wish to view.- When finished, disconnect the VPN or switch servers as needed, and remember to log out of accounts and close private tabs to maintain your privacy.
