In the wake of the FBI’s feud with Apple over bypassing the encryption of San Bernardino shooting suspect Syed Rizwan Farook’s iPhone, the US Congress is proposing a new bill that aims to outlaw effective encryption, what is termed “technical assistance”, requiring any company or entity to build in backdoors to its security systems for law enforcement to exploit.
In a draft of the proposed bill, written by a committee led by Senators Dianne Feinstein (D-California) and Richard Burr (R-North Carolina) and leaked by politics news outlet The Hill, businesses are required to release “information or data” if served with a court order – meaning that they are legally obligated to have access to that data in the first place – or provide law enforcement agencies with “technical assistance as is necessary to obtain such information in an intelligible format or to achieve the purpose of the court order.”
While talk suggests that the leaked draft of the bill is close to its final iteration, its final draft could still change, especially since it does not have the support of President Obama. It is not yet known if this version of the bill has been submitted to Congress.
“While the bill claims that it in no way is designed to force companies to redesign their products, this is a subtle hypocrisy,” Jonathan Zdziarski , a computer forensics and encryption expert, wrote in a blog post. “The reality is that there is no possible way to comply with it without intentionally backdooring the encryption in every product that may be used in the United States.”
“This bill would not only be surrendering America’s cybersecurity but also its tech economy, as foreign competitors would continue to offer—and bad guys would still be able to easily use!–more secure products and services,” Kevin Bankston, Director of the New America Foundation’s Open Technology Institute, told Vice Motherboard. “The fact that this lose-lose proposal is coming from the leaders of our Senate’s intelligence committee, when former heads of the NSA, DHS, the CIA and more are all saying that we are more secure with strong encryption than without it, would be embarrassing if it weren’t so frightening.”