Roughly one month after United States senators introduced that would require tech companies to provide law enforcement with access to encrypted user data, a companion bill was introduced in the House of Representatives this week.
read more
Republican senators have introduced what they have described as a “balanced” bill that would require technology companies to give law enforcement agencies access to encrypted user data. Authorities in the United States and other countries have long tried to convince — an in some cases force — tech companies to develop and use encryption that would allow law enforcement to access encrypted data if needed. Experts have argued that adding backdoors to encryption systems would also allow malicious actors to abuse those backdoors, thus defeating the purpose of strong encryption. Senators Lindsey Graham (R-South Carolina), Tom Cotton (R-Arkansas) and Marsha Blackburn (R-Tennessee) are making another attempt with a new bill introduced on Tuesday, which they have named the Lawful Access to Encrypted Data Act. They claim the goal of the bill is to “bolster national security interests and better protect communities across the country by ending the use of ‘warrant-proof’ encrypted technology by terrorists and other bad actors to conceal illicit behavior.” The officials believe that while encryption is “vital” for securing data, communications and financial transactions, law enforcement should be given access to the information they seek if they present a warrant. Governments typically argue that end-to-end encryption hinders law enforcement investigations into the activities of alleged terrorists, criminals and pedophiles. The senators who introduced the Lawful Access to Encrypted Data Act also say that strong encryption “adds little to the security of the communications of the ordinary user, but it is a serious benefit for those who use the internet for illicit purposes.” On the other hand, security and privacy experts who support the use of end-to-end encryption provide journalists, activists, whistleblowers and members of persecuted groups as examples of individuals for whom strong encryption is crucial. Governments would like tech companies to develop encryption that provides strong encryption for users while also giving law enforcement access to encrypted data for use in their investigations. This is technically impossible without implementing a backdoor that could also be abused by malicious actors. The Republican senators say the Lawful Access to Encrypted Data Act is more balanced compared to previously proposed legislation because in addition to forcing device manufacturers and service providers to help law enforcement gain access to encrypted data, it provides incentives. The Attorney General would be allowed to ask companies to report on their ability to comply with court orders, but it’s prohibited from forcing vendors to use specific technical methods. Moreover, the government would compensate companies for their compliance and the Attorney General would create a prize competition to reward those who create a solution that maximizes privacy and security while allowing lawful access to encrypted data. The Justice Department would also fund a grant program to “increase digital evidence training for law enforcement and creates a call center for advice and assistance during investigations.” Related: WhatsApp Defends Encryption as It Tops 2 Billion Users Related: DoJ Again Asks for Encryption Backdoors After Hacking US Naval Base Shooter's iPhones Related: Inside GCHQ's Proposed Backdoor Into End-to-End Encryption
Tags: