The Internet Association, which represents many of America’s most famous and most powerful technology companies, harshly criticized a draft Senate bill that would force tech companies to comply with warrants targeting encrypted data.
Michael Beckerman, the group’s president and CEO, said that legislation to be introduced soon by Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) would create “a mandate that companies engineer vulnerabilities into their products or services, which will harm national security and put Americans at risk.”
A draft of the bill, which leaked last week, would order tech firms that receive court orders demanding encrypted data to provide that data “in an intelligible format” and to offer any “technical assistance” necessary to either translate data into a readable format or “achieve the purpose of the court order.”
The legislation is a response to Apple’s decision to fight a court order directing it to help the FBI access San Bernardino shooter Syed Farook’s locked iPhone.
The Justice Department dropped that high-profile fight late last month after a third party presented it with another way to obtain the data it sought, but in the aftermath of terrorist attacks last year in San Bernardino and Paris, lawmakers like Burr and Feinstein have argued that unbreakable encryption is a threat to public safety and must be stopped.
The Internet Association represents tech heavyweights like Amazon, Dropbox, eBay, Etsy, Facebook, Google, Netflix, Spotify, Twitter, Uber, and Yahoo. Like many trade groups that take policy positions, it polls its members before issuing statements. An Internet Association spokesman declined to comment on member companies’ response to this statement, but the group has consistently advocated for strong encryption in the past.
Many of the group’s members supported Apple with amicus briefs in the San Bernardino court battle. Companies that offer encrypted products and services fear losing business to overseas competitors if a bill like the one offered by Burr and Feinstein ever becomes law. These companies are also filled with engineers who see improving security as their mission in life and balk at government demands to weaken encryption for investigative purposes.
“Strong encryption is vital to protecting national security, personal privacy, communications, the electric grid, hospitals, and our defense systems, Beckerman said. “Mandating the weakening of encryption will put the United States’ national security and global competitiveness at risk without corresponding benefits.”
Burr and Feinstein’s legislation is part of a decades-long battle between government officials and technologists over the nature of encryption. Senior officials like FBI Director James Comey want tech companies to design encryption so that they can pierce it if they receive warrants for data. Security engineers and tech executives warn that so-called “backdoors” in encryption would endanger their users and society at large, because of how ubiquitous encryption is and how determined hackers are to find and exploit any loopholes in it.
In its statement, tied to the release of an encryption explainer video, the Internet Association described Burr and Feinstein’s bill as a directive to “undermine security features or offer lesser security,” and it said the language created “a contradiction by asking companies to both weaken and maintain security at the same time.”
A Burr spokeswoman and a Feinstein spokesman did not respond to requests for comment on the Internet Association’s statement.