Legislation working its way through the Senate Intelligence Committee would force technology companies to design and manufacture smartphones, computers and software accessible to government. Apple, Microsoft, Google and other corporations would be required to provide back door keys and encryption workarounds if the bill becomes law.
The Compliance with Court Orders Act requires “the provision of data in an intelligible format to a government pursuant to a court order, and for other purposes.” The bill does not define “other purposes.”
“Consumers have a right to seek solutions that protect their information,” Committee Chairman Richard Burr said in a statement. “I do not believe, however, that those solutions should be above the law.”
“No entity or individual is above the law,” said Vice Chairman Dianne Feinstein, a California Democrat. “The bill we have drafted would simply provide that, if a court of law issues an order to render technical assistance or provide decrypted data, the company or individual would be required to do so. Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order. We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans.”
The law “basically outlaws end-to-end encryption,” said Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology. “It’s effectively the most anti-crypto bill of all anti-crypto bills.”
The director of the New America Foundation’s Open Technology Institute, Kevin Bankston, said that in his twenty years working on technology policy “this is easily the most ludicrous, dangerous, technically illiterate proposal I’ve ever seen.”
— Kevin Bankston (@KevinBankston) April 13, 2016
I could spend all night listing the various ways that Feinstein-Burr is flawed & dangerous. But let’s just say, “in every way possible.”
— matt blaze (@mattblaze) April 8, 2016
Compliance with Court Orders Act-Sen Burr R-NC and Sen Feinstein D-Ca Senate proposal amounts to Internet censorship https://t.co/nqQ8elTYCZ
— Bonita Hoover (@Bohoover) April 9, 2016
Stop the Compliance with Court Orders Act of 2016 – undermining data security and privacy is not okay https://t.co/Rcg2l5F5oY
— risk management (@SteveOzanCFE) April 8, 2016
Eric Rand, a computer security consultant in Southern California, said the tech community was not consulted on the bill and characterized the legislation as “a work of complete ignorance.”
“Apple’s app store, Google’s play store, any platform for software applications somehow has to vet every app to ensure they have backdoored or little enough security to comply,” Bankston told Wired. He added the bill, if enacted, would amount to censorship of the internet.
Wired argues the bill ignores the conclusion of top cryptographers that weakening encryption would be used by hackers and foreign governments to steal personal data. During its battle with the FBI in court over encryption, Apple said removing security measures on devices would amount to “unilateral disarmament” in and endless war with hackers.