Encryption bill draft worries tech community

The tech and privacy community is pushing back against draft legislation that would force companies to provide “technical assistance” to government investigators seeking locked data.

“The proposed policy is misguided and will ultimately lead to increased insecurity rather than increased security,” said Dean Garfield, CEO of the Information Technology Industry Council, which represents major tech players like Apple, Facebook, Google and Microsoft.

ADVERTISEMENT
The measure — from Senate Intelligence Committee Chairman Richard BurrRichard Mauze BurrCongress should build upon the ABLE Act, giving more Americans with disabilities access to financial tools Christine Todd Whitman: Trump should step down over Putin press conference GOP lambasts Trump over performance in Helsinki MORE (R-N.C.) and ranking member Dianne FeinsteinDianne Emiel FeinsteinSenate GOP breaks record on confirming Trump picks for key court Deal to fix family separations hits snag in the Senate Election Countdown: Senate, House Dems build cash advantage | 2020 Dems slam Trump over Putin presser | Trump has M in war chest | Republican blasts parents for donating to rival | Ocasio-Cortez, Sanders to campaign in Kansas MORE (D-Calif.) — was was first obtained by The Hill Thursday night.

The lawmakers’ efforts are a response to concerns that criminals and terrorists are increasingly relying on encrypted devices to hide from authorities.

The tech community’s reaction to the draft was not surprising.

While law enforcement has long pressed Congress for such legislation, the tech community and privacy advocates warn that it would undermine security and endanger online privacy.

The draft language did little to assuage these concerns.

“This bill is a clear threat to everyone’s privacy and security,” said Neema Singh Guliani, a legislative counsel with the American Civil Liberties Union.

The measure states that a company must provide “information or data” to the government “in an intelligible format” when served with a court order.

If the company cannot meet this standard, it must offer “technical assistance as is necessary to obtain such information or data,” according to the draft.

Activist groups and privacy advocates on Capitol Hill insist that this language would require companies to create dangerous “backdoors” for secure products.

“This legislation says a company can design what they want their back door to look like, but it would definitely require them to build a back door,” said Sen. Ron WydenRonald (Ron) Lee WydenHouse passes measure blocking IRS from revoking churches' tax-exempt status over political activity Senators introduce bipartisan bill to improve IRS Senate panel advances Trump IRS nominee MORE (D-Ore.), the Intelligence Committee’s main opponent to the bill.

Forcing computer engineers to maintain a back door to encrypted data is like leaving a key under the mat, these critics say. Hackers will eventually find that key.

“For the first time in America, companies who want to provide their customers with stronger security would not have that choice — they would be required to decide how to weaken their products to make you less safe,” Wyden said.

Apple has used similar arguments to rebuff several FBI court orders seeking the type of “technical assistance” the bill would require.

The tech giant claimed that complying with such requests would create a back door that could expose millions of Apple users to hackers.

The moves have angered numerous lawmakers who blasted the company for stymying legitimate investigations. The high-profile standoffs also helped spur Burr and Feinstein to move on their bill.

The terror attacks in Paris, San Bernardino, Calif., and Brussels only added to the duo’s urgency. Investigators said the believe encryption helped the assailants evade authorities, although little concrete evidence has been produced to validate the claims.

In a joint statement, Burr and Feinstein cautioned that they were still working on the bill. A public draft is expected sometime next week, after President Obama has a chance to review the measure.

“We’re still working on finalizing a discussion draft and as a result can’t comment on language in specific versions of the bill," the duo said in a joint statement. “We’re still in the process of soliciting input from stakeholders and hope to have final language ready soon.”

The Burr-Feinstein bill likely faces an uphill battle in Congress.

Eleven bipartisan senators have already signed on as co-sponsors to a competing measure from Sen. Mark WarnerMark Robert WarnerSenate panel advances Trump IRS nominee Bipartisan bill would bring needed funds to deteriorating National Park Service infrastructure Senate Dems press for info on any deals from Trump-Putin meeting MORE (D-Va.). His bill would establish a national commission to study how police can get at locked data without endangering Americans’ privacy rights.

But Burr and Feinstein both hold considerable clout, and could garner support from national security hawks in Congress, such as Sen. Tom CottonThomas (Tom) Bryant CottonBipartisan group introduces retirement savings legislation in Senate Overnight Defense: Fallout from tense NATO summit | Senators push to block ZTE deal in defense bill | Blackwater founder makes new pitch for mercenaries to run Afghan war Hillicon Valley: DOJ appeals AT&T-Time Warner ruling | FBI agent testifies in heated hearing | Uproar after FCC changes rules on consumer complaints | Broadcom makes bid for another US company | Facebook under fire over conspiracy sites MORE (R-Ark.) and Sen. John McCainJohn Sidney McCainControversial Trump judicial nominee withdraws Trump vows to hold second meeting with Putin Ex-Montenegro leader fires back at Trump: ‘Strangest president' in history MORE (R-Ariz.).