Republican bill seeks end to 'warrant-proof' encryption
AppleInsider may earn an affiliate commission on purchases made through links on our site.
U.S. Senate Republicans on Tuesday introduced the Lawful Access to Encrypted Data Act, a bill that seeks to weaken encryption technologies that have in the past put a damper on law enforcement operations.
The proposed bill is heralded by sponsors as a means to strengthen national security interests and "better protect communities across the country" by ending "warrant-proof" encrypted technology used by terrorists and bad actors.
If enacted, the law would force tech companies to help agencies access encrypted data in service of a warrant.
Senate Judiciary Committee Chairman Lindsey Graham (R-SC) and Senators Tom Cotton (R-AR) and Marsha Blackburn (R-TN) proposed the act.
"Tech companies' increasing reliance on encryption has turned their platforms into a new, lawless playground of criminal activity. Criminals from child predators to terrorists are taking full advantage," said Cotton. "This bill will ensure law enforcement can access encrypted material with a warrant based on probable cause and help put an end to the Wild West of crime on the Internet,"
Government entities, namely law enforcement agencies, have long sought to dismantle strong encryption methods, including end-to-end messaging encryption, on-device encryption and other forms of personal data security, in a bid to streamline investigations. Critics and tech companies that market encrypted products, like Apple, argue strong encryption is a vital cog in the data privacy machine that, if weakened, leaves users vulnerable to attack.
"Terrorists and criminals routinely use technology, whether smartphones, apps, or other means, to coordinate and communicate their daily activities. In recent history, we have experienced numerous terrorism cases and serious criminal activity where vital information could not be accessed, even after a court order was issued. Unfortunately, tech companies have refused to honor these court orders and assist law enforcement in their investigations," Graham said in a statement.
While not mentioned by name, Apple in 2016 refused to comply with FBI requests to create a "backdoor" into an iPhone associated with a terror suspect. CEO Tim Cook at the time called the demand "dangerous," noting a backdoor into one device would put the security of millions in jeopardy.
Still, government bodies have persisted.
"My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations," Graham said. "Our legislation respects and protects the privacy rights of law-abiding Americans. It also puts the terrorists and criminals on notice that they will no longer be able to hide behind technology to cover their tracks."
While Apple has vehemently argued against the creation of backdoors, it continues to comply with court orders and valid warrants for data as dictated by existing law.
Today's proposal includes a provision that would allow the attorney general to hold a competition that gives a prize for discovering methods of accessing encrypted data while "maximizing privacy and security." As noted by CNET, security experts have long regarded such concepts as impossible.
"The bill announced today balances the privacy interests of consumers with the public safety interests of the community by requiring the makers of consumer devices to provide law enforcement with access to encrypted data when authorized by a judge," Attorney General Bill Barr said in a statement, CNET reports. "I am confident that our world-class technology companies can engineer secure products that protect user information and allow for lawful access."
The proposed bill is the latest attempt to dilute strong encryption technologies developed by big tech companies.
Last year, the White House mulled support of measures that would ban end-to-end encryption techniques. More recently, Apple, Facebook and others were threatened with an act that would erode Section 230 protections if they continue to shield malicious content behind encryption protocols.