Civil-liberties groups are asking the White House to publicly oppose a bill that would require companies to comply with warrants for their users' encrypted data.
A draft of the bill, from Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.), sparked nearly universal condemnation from security experts and civil libertarians when it leaked last Friday. The bill would require companies that receive court orders for user data to either directly furnish that data "in an intelligible format" or offer any "technical assistance" necessary to acquire the data in a readable format.
Burr and Feinstein presented their bill to the White House last week and have held its release as President Obama reviews it. Denis McDonough, Obama's chief of staff, reportedly briefed the president on the bill Monday. Reuters reported last Thursday that the White House would not endorse the encryption bill, citing "sources familiar with the discussions."
"It is beyond dispute that this bill would threaten the safety of billions of Internet users, including journalists, activists, and ordinary people exercising their right to free expression, as well as critical infrastructure systems and government databases," 34 civil-liberties groups and several academics wrote in their letter to Obama. "However, it would likely to do very little to assist in investigations of crime or terrorism, since those who engage in illegal activities will have access to other means to protect their own devices and communications."
Burr and Feinstein's bill is Congress's latest attempt to combat the problem of criminals and terrorists using encryption to hide their activities. Terrorist attacks in Paris and San Bernardino, California, last year brought renewed interest to a debate over the role of encryption in public life. The showdown between the Justice Department and Apple over the locked iPhone of a San Bernardino shooter turned encryption into a mainstream news story.
"If Obama won't say no to this, the worst possible 'solution' to the encryption 'problem,' what will he say no to?"
Many senior law enforcement and intelligence officials, including FBI Director James Comey, want tech companies to design their encryption so that they can always comply with warrants demanding user data.
Tech companies and cryptographers respond that the fundamental nature of encryption, as well as the demonstrated persistence of rogue and state-sponsored hackers, makes it impossible to place so-called "backdoors" in encryption code without seriously jeopardizing the safety of innocent users.
"Data breaches and security incidents—including in the past weeks—demonstrate that companies are barely keeping ahead of adversaries even when they are devoting all of their relevant resources to maintaining system integrity," the groups wrote to Obama. "We cannot now require that they work backward to implement security holes which bad actors will inevitably break through."
President Obama has called support for unbreakable encryption "absolutist" and described it as "fetishizing our phones above every other value," but his administration declined to pursue encryption legislation late last year after determining that such an approach was technologically and politically untenable.
"Although we appreciate the White House refusing to support legislation on encryption at this time, this new and dangerous proposal from Senators Burr and Feinstein raises the question: if Obama won't say no to this, the worst possible 'solution' to the encryption 'problem,' what will he say no to?" Kevin Bankston, director of New America's Open Technology Institute, told the Daily Dot via Twitter DM.
"Why should the tech industry cooperate with the White House on anything in these last months of the Administration," Bankston said, "if it won't stand up for them at all even against such an overreaching proposal?"
The civil-liberties groups' letter also pointed out that the White House had yet to issue a full response to a pro-encryption petition that passed the 100,000-signature threshold in October. A White House spokesman declined to comment when asked when to expect that response.