Feinstein office: Leaked document not new encryption bill

Feinstein office: Leaked document not new encryption bill

The office of Sen. Dianne FeinsteinDianne Emiel FeinsteinDems reject Barr's offer to view Mueller report with fewer redactions Five takeaways from Mueller's report Only four Dem senators have endorsed 2020 candidates MORE (D-Calif.) is downplaying reports that it is working on a new encryption bill, saying it is merely an internal brainstorming file.

Just Security, a blog run by the New York University School of Law, published a piece on Friday by Cato Institute fellow Julian Sanchez saying that a new draft of encryption legislation that stakeholders were circulating had been shared with him. 

ADVERTISEMENT

A source within Feinstein's office familiar with the document says it was actually an internal brainstorming file being compiled by Feinstein’s staffers as they met with stakeholders in the encryption debate. It is not, the source stressed, legislation the office or any office is currently considering. 

There is no new draft, the source continued. 

Feinstein and Sen. Richard BurrRichard Mauze BurrGOP senator: 'No problem' with Mueller testifying Collins backs having Mueller testify Graham says he's 'not interested' in Mueller testifying MORE (R-N.C.) this year made one of the first and most controversial attempts to regulate encryption in the post-San Bernardino, Calif., shooting era. The Compliance with Court Orders Act of 2016 would have required technology companies to be able to assist the government with any warrant to decrypting data.

Advocates say legislation like the act would keep criminals and terrorists from storing data using unbreakable encryption, removing all hope that critical evidence on cell phones and computers would ever be accessible by law enforcement. 

Opponents argue that adding so-called backdoors to encryption to allow law enforcement to access data, even sparingly and with a warrant, creates a host of security problems that could undermine e-commerce and banking. Both require encryption to prevent an intermediary from stealing or altering data in transit.  

Making code more complex, say opponents, makes it more likely for there to be coding mistakes that attackers can use to break encryption.

They also point to instances like a recent breach of National Security Agency cyber weapons to show that even the agencies that are the best at protecting critical information — like the keys to an encryption backdoor — could suffer a breach. Either one of these problems would be globally catastrophic to security. 

Due to controversy and a broad lack of political will to champion encryption legislation in the Executive and Legislative branches, the bill quickly died. 

In his blog, Sanchez reviewed the new document as better than the first attempt at regulation, but he argued it shared many of its flaws.