Tech by VICE

Senators Promise to 'Solicit Input' for Anti-Encryption Bill

But tech experts have already given their verdict: It stinks.

by Janus Rose
Apr 14 2016, 10:00am

Senators Richard Burr and Dianne Feinstein. Photo: Tom Williams/CQ Roll Call

Senators Dianne Feinstein and Richard Burr have officially released a draft of their long-awaited encryption bill, which was met with widespread mockery and horror from security experts when it leaked last week.

The bill's official discussion draft is substantively identical to the leaked version, and would force companies to provide law enforcement with access to encrypted communications when they are compelled by a court—effectively mandating the creation of backdoors in their products and imposing a ban on end-to-end encrypted communications apps.

"Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order," wrote Feinstein in a press release Wednesday. "We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."

The senators also state they will "solicit input from the public and key stakeholders" before the bill is formally introduced in Congress.

But so far, the only "stakeholders" Feinstein and Burr seem interested in discussing the bill with are non-technical people who are already on their side. On Monday, the senators announced a briefing on the bill with a panel composed entirely of cops and prosecutors.

"You would think they would be interested in feedback from a more diverse set of stakeholders even before releasing the draft text, but here we are," said Joseph Lorenzo Hall, Chief Technologist at the Center for Democracy and Technology. "We will certainly give our feedback, and we always aim to be constructive, although it won't be pretty and they won't like it."

Meanwhile, many tech experts and privacy advocates have already given their unsolicited input, calling the proposal "ludicrous, dangerous" and "technically illiterate."

"The essential contradiction here with Burr-Feinstein is that strong encryption is a creature of math, and relatively simple math at that, whereas court orders are legal instrument," Hall told Motherboard in an email. "To say math can't trump court orders doesn't make sense. To say a business can't offer a product that does complicated math is even less sensical."

"The primary effect of this bill would be to make secure communications and computing more difficult to accomplish and less user-friendly; providers will need to have people install open source or foreign components to provide end-to-end strong encrypted communications and storage. It will essentially be impossible to offer secure communications as a business entity."

Senator Ron Wyden of Oregon, who has sponsored another bill that protects encryption called the Secure Data Act, vowed to filibuster Feinstein and Burr's bill if it reaches the Senate floor.

"The encryption debate is about having more security or having less security. This legislation would effectively outlaw Americans from protecting themselves," Wyden said in a statement on Wednesday. "And yet it will not make us safer from terrorists or other threats. Bad actors will continue to have access to encryption, from hundreds of sources overseas."

"Americans who value their security and liberty must join together to oppose this dangerous proposal."