Republican bill seeks end to 'warrant-proof' encryption
U.S. Senate Republicans on Tuesday introduced the Lawful Access to Encrypted Data Act, a bill that seeks to weaken encryption technologies that have in the past put a damper on law enforcement operations.
The proposed bill is heralded by sponsors as a means to strengthen national security interests and "better protect communities across the country" by ending "warrant-proof" encrypted technology used by terrorists and bad actors.
If enacted, the law would force tech companies to help agencies access encrypted data in service of a warrant.
Senate Judiciary Committee Chairman Lindsey Graham (R-SC) and Senators Tom Cotton (R-AR) and Marsha Blackburn (R-TN) proposed the act.
"Tech companies' increasing reliance on encryption has turned their platforms into a new, lawless playground of criminal activity. Criminals from child predators to terrorists are taking full advantage," said Cotton. "This bill will ensure law enforcement can access encrypted material with a warrant based on probable cause and help put an end to the Wild West of crime on the Internet,"
Government entities, namely law enforcement agencies, have long sought to dismantle strong encryption methods, including end-to-end messaging encryption, on-device encryption and other forms of personal data security, in a bid to streamline investigations. Critics and tech companies that market encrypted products, like Apple, argue strong encryption is a vital cog in the data privacy machine that, if weakened, leaves users vulnerable to attack.
"Terrorists and criminals routinely use technology, whether smartphones, apps, or other means, to coordinate and communicate their daily activities. In recent history, we have experienced numerous terrorism cases and serious criminal activity where vital information could not be accessed, even after a court order was issued. Unfortunately, tech companies have refused to honor these court orders and assist law enforcement in their investigations," Graham said in a statement.
While not mentioned by name, Apple in 2016 refused to comply with FBI requests to create a "backdoor" into an iPhone associated with a terror suspect. CEO Tim Cook at the time called the demand "dangerous," noting a backdoor into one device would put the security of millions in jeopardy.
Still, government bodies have persisted.
"My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations," Graham said. "Our legislation respects and protects the privacy rights of law-abiding Americans. It also puts the terrorists and criminals on notice that they will no longer be able to hide behind technology to cover their tracks."
While Apple has vehemently argued against the creation of backdoors, it continues to comply with court orders and valid warrants for data as dictated by existing law.
Today's proposal includes a provision that would allow the attorney general to hold a competition that gives a prize for discovering methods of accessing encrypted data while "maximizing privacy and security." As noted by CNET, security experts have long regarded such concepts as impossible.
"The bill announced today balances the privacy interests of consumers with the public safety interests of the community by requiring the makers of consumer devices to provide law enforcement with access to encrypted data when authorized by a judge," Attorney General Bill Barr said in a statement, CNET reports. "I am confident that our world-class technology companies can engineer secure products that protect user information and allow for lawful access."
The proposed bill is the latest attempt to dilute strong encryption technologies developed by big tech companies.
Last year, the White House mulled support of measures that would ban end-to-end encryption techniques. More recently, Apple, Facebook and others were threatened with an act that would erode Section 230 protections if they continue to shield malicious content behind encryption protocols.
The proposed bill is heralded by sponsors as a means to strengthen national security interests and "better protect communities across the country" by ending "warrant-proof" encrypted technology used by terrorists and bad actors.
If enacted, the law would force tech companies to help agencies access encrypted data in service of a warrant.
Senate Judiciary Committee Chairman Lindsey Graham (R-SC) and Senators Tom Cotton (R-AR) and Marsha Blackburn (R-TN) proposed the act.
"Tech companies' increasing reliance on encryption has turned their platforms into a new, lawless playground of criminal activity. Criminals from child predators to terrorists are taking full advantage," said Cotton. "This bill will ensure law enforcement can access encrypted material with a warrant based on probable cause and help put an end to the Wild West of crime on the Internet,"
Government entities, namely law enforcement agencies, have long sought to dismantle strong encryption methods, including end-to-end messaging encryption, on-device encryption and other forms of personal data security, in a bid to streamline investigations. Critics and tech companies that market encrypted products, like Apple, argue strong encryption is a vital cog in the data privacy machine that, if weakened, leaves users vulnerable to attack.
"Terrorists and criminals routinely use technology, whether smartphones, apps, or other means, to coordinate and communicate their daily activities. In recent history, we have experienced numerous terrorism cases and serious criminal activity where vital information could not be accessed, even after a court order was issued. Unfortunately, tech companies have refused to honor these court orders and assist law enforcement in their investigations," Graham said in a statement.
While not mentioned by name, Apple in 2016 refused to comply with FBI requests to create a "backdoor" into an iPhone associated with a terror suspect. CEO Tim Cook at the time called the demand "dangerous," noting a backdoor into one device would put the security of millions in jeopardy.
Still, government bodies have persisted.
"My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations," Graham said. "Our legislation respects and protects the privacy rights of law-abiding Americans. It also puts the terrorists and criminals on notice that they will no longer be able to hide behind technology to cover their tracks."
While Apple has vehemently argued against the creation of backdoors, it continues to comply with court orders and valid warrants for data as dictated by existing law.
Today's proposal includes a provision that would allow the attorney general to hold a competition that gives a prize for discovering methods of accessing encrypted data while "maximizing privacy and security." As noted by CNET, security experts have long regarded such concepts as impossible.
"The bill announced today balances the privacy interests of consumers with the public safety interests of the community by requiring the makers of consumer devices to provide law enforcement with access to encrypted data when authorized by a judge," Attorney General Bill Barr said in a statement, CNET reports. "I am confident that our world-class technology companies can engineer secure products that protect user information and allow for lawful access."
The proposed bill is the latest attempt to dilute strong encryption technologies developed by big tech companies.
Last year, the White House mulled support of measures that would ban end-to-end encryption techniques. More recently, Apple, Facebook and others were threatened with an act that would erode Section 230 protections if they continue to shield malicious content behind encryption protocols.
Comments
Do not think that the Obama administration would not have wanted to have that kind of power, too. It was that administration that approved applications for 501(c)4 status of political organizations on a purely partisan basis (remember Lois Lerner?). Do you have any doubts that they would not have taken the next step, if weak encryption had enabled it and their political opponents had seen it fit to use it? What about a future administration that might see itself following in the ideological footsteps of the Obama administration?
Just like the Second Amendment, strong encryption protects the citizen or associations of citizens from a despotic government. Although we don’t have the right to privacy enshrined in the constitution, it seems to me that it is a natural right, or as the Declaration of Independence puts it, an inalienable right. None of our founding documents purport to provide a complete enumeration of such natural rights. As a matter of fact, the Tenth Amendment states, “The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.” Likewise, I am certain that it would have been the understanding of the Founding Fathers that there are unenumerated rights. Otherwise there would have never been a constitution without the Bill of Rights, which was passed and ratified two years later.
Once a key is leaked, anybody with access to it can use it. Encryption is math, and math does not care if you believe in truth, justice, and the American way. It also, incidentally, doesn't care if you have a warrant or not.
This will provably make US citizens and companies more vulnerable.
Edited to add: I suspect they aren't thinking through any implications of this. Once tech exists for one country to compel a manufacturer to decrypt a device's data, all countries will have the same access. Several countries notably have very low thresholds for warrants. What do these senators think would happen when China brings a phone to Apple and says "Here's a warrant. Decrypt it.", and it turns out the phone actually belongs to the US ambassador or some large business interest?
It is quite possible that all it would take for this bill to die is one Senator or Congressperson to be forced to hand over their phone to police. As long as it's the right Senator or Congressperson.
What I'm afraid that some great and wonderful judge will sign an secret order for all black people accounts or for accounts from a specific country - for example Slovenia, eventually for ALL Apple accounts...
But I agree with you about the necessity of strong encryption. Personal liberty is dependant on strong encryption. Privacy is the foundation of the Bill of Rights and in the 21st century privacy is dependant on strong encryption.
And to all those that like to assume what news programs I watch/listen to, this is a bad idea. The two major political parties are the enemies of this constitutional republic.