In recent months, the government has regularly been unable to underscore technological security and privacy in the digital sphere, as more and more tech companies turn to encrypting their data. From the Apple case to the recent WhatsApp encryption overhaul, individuals have witnessed a glimmer of hope that their privacy may once again be protected from government interference. However, this consumer privacy is in danger once more as Congress seeks to nullify the system of encryption.
The Hill recently obtained a draft of a piece of legislation, sponsored by Senators Dianne Feinstein and Richard Burr, which would drastically increase the federal government’s power over online data. In a bold-faced slight at tech companies concerned with data security, the bill aptly starts with the clause that “no person or entity is above the law,” clearly referencing the failure to compel Apple’s compliance with colonial-era laws. However, as disrespectful to individual privacy as these introductory clauses are, the rest of the bill is much more terrifying.
In short, the bill would force all companies collecting data to submit that data to the government at the command of a court order. If the data received is “unintelligible” to the government (i.e. encrypted), then the companies would be forced to render that data “intelligible.” Essentially, this piece of legislation would force companies to decrypt their own encrypted data (which they don’t even have access to), or to leave all of their data available to government access. Furthermore, these requirements for easy access extend to license distributors, meaning that every single app sold online would have the same standard of crippled security. With one piece of legislation, the entire ecosystem of encrypted data would be compromised by government intervention.
In the short time that the draft has been circulating, there has been an overwhelming outcry against such government missteps, and for many different reasons. Clearly, this is an example of the federal government undermining the civil liberties of its citizens and the marketplace agreement between customers and tech companies with encryption capabilities. Also, by mandating that all data remain unencrypted or easily decrypted, foreign hackers and cyber-spies will have the same ease of access to the information as the federal government, opening the door for incredible data vulnerabilities. The scope of the government’s reach would be limitless, and the damage done to individuals would be severe.
Numerous tech companies, civil liberty groups, and lawmakers have unilaterally opposed this bill as it currently exists. Rep. Darrel Issa (R-Calif.) has publically condemned the legislation, stating that “this legislation would effectively prohibit any company who wants to improve the security of its products from doing so because government’s ability to access our personal and private information is more important than innovation.” For data security and consumer privacy to flourish, efforts to weaken encryption standards to benefit the government must continue to be opposed.