Lawmakers introduce compromise encryption bill

A bipartisan pair of lawmakers on Monday introduced legislation to establish a national commission exploring how police can get at encrypted data without endangering Americans’ privacy.

ADVERTISEMENT

The measure, from House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark WarnerMark WarnerLawmaker bemoans tax 'buzzsaw' for on-demand economy workers Reid throws wrench into Clinton vice presidential picks Reid: 'Hell no' to VP pick from state with a Republican governor MORE (D-Va.), comes as Apple is fiercely opposing a court order requiring it to help the FBI unlock the iPhone of one of the San Bernardino shooters.

“The challenge of protecting national security and digital security simultaneously is complex. The ongoing Apple vs. FBI dispute is only a symptom of a much larger problem. But we are almost certain to see this scenario repeated unless the larger issue is addressed,” McCaul said in a Monday statement.

The bill is intended to cut through the heated rhetoric that has defined the encryption debate in the wake of the terror attacks in Paris and San Bernardino, Calif.

The FBI and law enforcement officials have warned that extremists are increasingly using encrypted platforms to “go dark” and hide their plans from authorities. They are calling on tech companies to provide investigators with guaranteed access to secure data.

But the tech industry and privacy advocates have resisted. They insist such guarantees would create “backdoors,” or security vulnerabilities, that hackers and spies could exploit.

The McCaul-Warner commission would consist of 16 members, including tech industry executives, privacy advocates, cryptologists, law enforcement officials and members of the intelligence community.

Modeled after the 9/11 Commission, the group would have six months to create an interim report, and a year to deliver its full findings. Its scope would expand beyond encryption, exploring more broadly how authorities can maintain security with the proliferation of modern technology.

The bill has drawn a broad bipartisan group of co-sponsors that includes Sens. Cory GardnerCory GardnerSenate GOP gears up for fight over Gitmo transfers GOP seeks to remove funding to design Gitmo alternative GOP senator: Obama used Zika money for climate fund MORE (R-CO), Brian Schatz (D-Hawaii), Susan CollinsSusan CollinsGOP lawmaker: 'Republicans were wrong’ to block Garland Senate passes broad spending bill with .1B in Zika funds Senators unveil bill to overhaul apprenticeship programs MORE (R-Maine), Michael BennetMichael BennetGOP ad calls Clinton 'a living history of scandal' Trump, GOP agree: ObamaCare helps us GOP hopefuls struggle with support of Trump MORE (D-Colo.), Shelley Moore CapitoShelley Moore CapitoInvest in infrastructure to transform America Senate Republicans ask Trump to soften his tone Skittish GOP to Trump: Drop the insults MORE (R-W.Va.), Angus KingAngus KingHouse, Senate at odds on new authority for cyber war unit House defense bill elevates cyber force, defying White House Overnight Cybersecurity: Obama signs trade secrets bill MORE (I-Maine) and Dean HellerDean HellerLake Mead hits record low water level Tough choice for vulnerable GOP senators: Embrace or reject Trump Press: Forget about GOP unity in 2016 MORE (R-Nev.), as well as a further 15 lawmakers in the House.

McCaul and Warner’s offering is one of several pieces of encryption legislation circulating both chambers, some of which support the FBI’s position and some of which support the stance of technologists and privacy advocates.

The commission is seen as a compromise measure and has arguably drawn the most support of the various offerings.

The bill’s backers have been bullish on its prospects, even going so far as to suggest it will get White House support. The administration has been mostly mum on the subject of encryption since backing away from supporting any legislative proposal last fall — although it is expected to announce an updated policy in light of the terrorist attacks in San Bernardino, Calif., and Paris.

The technology community was quick to offer their support to the offering.

“The significant risk associated with this issue demands a thoughtful and deliberate response,” said Mark MacCarthy, Senior Vice President of Public Policy at the Software and Information Industry Association.

“Without a thorough and informed examination of the threats, Congress must avoid legislating new technology requirements — requirements that could ultimately harm national security more than help,” he said.