Two high-ranking U.S. senators on Wednesday released to the public a proposed bill that would grant courts the authority to order tech companies dealing in hardware, software or services help law enforcement agencies gain access to encrypted communications.
The draft bill, dubbed "Compliance with Court Orders Act of 2016," was penned by Senate Intelligence Committee Chairman Sen. Richard Burr (R-NC) and Vice Chair Sen. Dianne Feinstein (D-CA) in a bid to streamline government requests for encrypted data. In its current form, the legislation would require companies like Apple to bypass their own security measures, access target data and present it to law enforcement agencies in an "intelligible" — decrypted — format.
As applied to Apple's recent kerfuffle with the FBI over a passcode locked iPhone connected to last year's San Bernardino massacre, the company would have been forced to "provide, in a timely manner, responsive, intelligible information or data, or appropriate technical assistance to obtain such information or data" after having received a court order demanding as much.
Importantly, the bill requires data be handed over in an "intelligible" format, defined as information or data that has either never been encrypted, or has been encrypted and subsequently decrypted for authorities. Since the legislation does not refer to a specific data gathering methodologies, or limitation thereof, the onus of thwarting built-in security measures, extracting data and decrypting it falls solely on the company.
As compared to previously leaked versions, today's draft has been narrowed and now only applies to cases involving crimes resulting in death or serious bodily harm, foreign intelligence and espionage, terrorism, federal crimes against minors, serious felonies and federal drug cases.
The controversial bill has been the topic of much debate since it was learned that Burr and Feinstein were mulling its creation in February. An early version recently leaked online and was promptly thrashed by security experts who called the proposal "ludicrous" and "dangerous."
According to Reuters, the groups who leaked the bill last week say no substantial changes were made in the interim. The publication notes Burr and Feinstein released the draft version to gather feedback from lawmakers and their constituents.
"I am hopeful that this draft will start a meaningful and inclusive debate on the role of encryption and its place within the rule of law," Burr said in a statement. "Based on initial feedback, I am confident that the discussion has begun."
26 Comments
I can only conclude they intentionally proposed the most extreme position possible so as to make their final position seem reasonable by comparison and therefore claiming some faux compromise while still achieving their primary goal of essentially outlawing private encryption.
Pure stupidity due to knee jerk reactions by politicians.
If there were awards for irony in titles, the "Senate Intelligence Committee" would win top honors every year. Also, if brains were C-4, Feinstein and Burr couldn't blow their own noses.
Regarding the requirement of "timely"...
Do they also require the tech vendor to break the laws of physical? Or is 220 years considered "timely" (given the performance limits of current technology)?
Dear Sen. Burr and Sen. Feinsein, I hereby submit my feedback:
"Your bill is fatally flawed and based on arrogance and ignorance, or better yet, sheer stupidity. Further, as members of the US Select Committee on Intelligence, please let us know when you've finally found some."
Please advise if you need any further feedback or assistance.