Lawmakers Reintroduce Bill to Bar Government Encryption Backdoors

enzozo/Shutterstock.com

Featured eBooks

Digital First
Cloud Smarter
Cybersecurity & the Road Ahead

The move comes as Attorney General Jeff Sessions is pushing for legislation to allow access to encrypted communications.

A bipartisan sextet of House lawmakers reintroduced a bill Thursday that would bar the government from forcing communications providers to install law enforcement backdoors in their encryption systems.

The bill comes just three days after Attorney General Jeff Sessions told a law enforcement conference in Arizona that legislation may be necessary to force law enforcement access to warrant-proof encryption systems.

FBI leaders have complained since 2014 that end-to-end encryption systems, which shield the content of customer communications from the communications provider, were allowing terrorists and criminals to “go dark” online.

Thus far, however, legislation to force tech companies to cooperate with law enforcement on the issue has not advanced.

Critics of warrant-proof encryption say it hampers law enforcement’s ability to track terrorists and other dangerous actors. Most technology experts, however, say any backdoor for law enforcement would inevitably be found by criminal hackers, making all people’s communications less secure.

The issue nearly came to a head in 2015 when the FBI tried to legally compel Apple to help it crack into an encrypted iPhone used by San Bernardino shooter Syed Farook. The FBI stepped back, however, when an unnamed third party offered the bureau a way to hack into the phone without Apple’s help.

A March report from the FBI’s inspector general found FBI officials did not explore all possible options before taking Apple to court and may have been more interested in setting a legal precedent than in accessing the phone’s contents as quickly as possible.

“Encryption backdoors put the privacy and security of everyone using these compromised products at risk,” sponsor Rep. Zoe Lofgren, D-Calif., said in a statement. “It is troubling that law enforcement agencies appear to be more interested in compelling U.S. companies to weaken their product security than using already available technological solutions to gain access to encrypted devices and services.”

The Secure Data Act, introduced Thursday, would bar both law enforcement and judges from compelling companies to design encryption backdoors into their products or to alter their products to allow backdoors.

The bill includes an exception for mandates and court orders issued under the Communications Assistance for Law Enforcement Act, commonly called CALEA, a Clinton-era law that applies only to telephone companies, internet service providers and voice over internet protocol services, such as Skype.

In addition to Lofgren, the bill was sponsored by Reps. Thomas Massie, R-Ky., Jerrold Nadler, D-N.Y., Ted Poe, R-Texas, Ted Lieu, D-Calif. and Matt Gaetz, R-Fla.

A 2015 version of the bill did not apply to court orders.