Article Lead Image

Ruiwen Chua / Flickr (CC by 2.0) | Remix by Max Fleishman

Here’s the bill proposing a U.S. government ‘encryption commission’

The breakdown of the proposed membership is interesting.


William Turton


Posted on Feb 29, 2016   Updated on May 27, 2021, 3:53 am CDT

Two lawmakers have unveiled a bipartisan bill to create a digital-security commission to “find common ground” on key 21st-century issues.

Sen. Mark Warner (D-Va.) and Rep. Michael McCaul (R-Texas) hope their commission can help de-escalate tensions between the government and Silicon Valley that have reemerged in recent weeks, with Apple fighting a court order compelling it to write custom code to unlock a terrorist’s iPhone.

The digital-security commission—which would address encryption but not focus on it exclusively—will include 16 members, with each party selecting one person from eight fields: cryptography, global commerce and economics, federal law enforcement, state and local law enforcement, the consumer-facing technology industry, the enterprise technology industry, the intelligence community, and the privacy and civil-liberties community.

The commission, which will have a year to produce a report, will be to issue subpoenas to compel witnesses to testify at hearings. Eleven of the 16 members will need to agree to publish any final report.

The commission represents one of several legislative efforts to address a contentious debate over what assistance tech companies should provide government investigators who find themselves stymied by encryption.

Senior law-enforcement and intelligence officials have suggested requiring tech firms to design their encryption so that they can bypass it if investigators bring them a warrant. These officials, including FBI Director James Comey, warn that terrorists and criminals are “going dark” by hiding their planning on encrypted messaging services.

Silicon Valley, leading cryptographers, and privacy groups strenuously oppose efforts to implement so-called “backdoors” in encryption. They argue that backdoors weaken security and risk undermining American companies’ economic competitiveness, as customers shift to foreign platforms that remain secure. Bad actors, they warn, would also shift platforms, thus defeating the purpose of the backdoor.

The requirement that 11 commission members vote to submit the final report could create problems if that report includes middle-ground, politically safe conclusions that are often a hallmark of congressionally appointed commissions.

Cryptographers—many of whom view the purity and integrity of code as sacrosanct—and privacy groups are not likely to endorse a proposal that leaves room for solutions like backdoors.

Some in Congress have already dismissed the idea of a commission considering encryption and related issues, with the leaders of the Senate Intelligence Committee drafting a bill to mandate backdoors.

Photo via Ruiwen Chua/Flickr (CC BY 2.0) | Remix by Max Fleishman

Share this article
*First Published: Feb 29, 2016, 7:15 pm CST