A trio of Senate Republicans introduced an encryption bill aimed at helping law enforcement late Tuesday.
It is already facing widespread opposition.
The bill would essentially require tech companies offering encryption to help law enforcement access encrypted data if a warrant is produced.
The “Lawful Access to Encrypted Data Act” is the latest bill to zero in on encryption, and specifically “would require device manufacturers and service providers to assist law enforcement with accessing encrypted data if assistance would aid in the execution of the warrant,” according to a background of the bill released Tuesday.
The background goes onto say: “Increasingly, technology providers are deliberately designing their products and services so that only the user, and not law enforcement, has access to content—even when criminal activity is clearly taking place. This type of ‘warrant-proof’ encryption adds little to the security of the communications of the ordinary user, but it is a serious benefit for those who use the internet for illicit purposes.
The bill was introduced on Tuesday by Sen. Lindsey Graham (R-S.C.), Sen. Tom Cotton (R-Ark.), and Sen. Marsha Blackburn (R-Tenn.). It stops short of allowing the Justice Department to tell companies how to comply with the law, such as giving them “specific technical steps” on how to do it.
It also received the backing of Attorney General William Barr, who has long argued for law enforcement back doors into encryption. Barr claimed that “warrant-proof encryption” allows “criminals to operate with impunity.”
Graham, Cotton, and Blackburn also touted much of the same talking points about encryption back doors for law enforcement that Barr has made in the past.
Just last month, Barr and FBI Director Christopher Wray slammed Apple for refusing to unlock an iPhone belonging to the Pensacola Naval Air Station shooter.
In response, Apple said the two law enforcement officials were making “false claims” as an excuse to “weaken encryption.”
Republican encryption bill is ‘dangerous’ advocates say
The newly unveiled bill is already facing stiff opposition from privacy advocates, who have long claimed that creating a back door into encryption for law enforcement would lead to bad actors also finding a way in.
Albert Fox Cahn, the founder and executive director of the Surveillance Technology Oversight Project (STOP), told the Daily Dot the Republican-backed bill was “misguided.”
“Lawmakers continue to fundamentally misunderstand encryption. When you build a back door for police, you build a lock that can be picked by hackers, foreign governments, and common criminals,” Cahn said. “In the rush to give police a peephole into the most private parts of our lives, they threaten to create a national security nightmare that will potentially expose all of our most intimate information. Outlying strong encryption, just because it can be misused by some, is like outlying cars because they can be used as getaway vehicles: it’s a misguided solution that does far more harm than good.”
Meanwhile, Kurt Opsahl, the deputy executive director of the Electronic Frontier Foundation (EFF), called the bill “dangerous.”
“This dangerous bill is nothing more than another attempt to legislate a security flaw into technology,” Opsahl said in a statement to the Daily Dot. “There is no way to provide access to securely encrypted data without a backdoor—which could be exploited by bad actors, putting millions of ordinary users at risk.”
Encryption is having its day in the Senate
The bill from Graham, Cotton, and Blackburn isn’t the only bill in the Senate that has generated attention from encryption proponents.
The EARN IT Act would dangle the liability shield afforded to websites under Section 230 of the Communications Decency Act if they don’t adhere to a series of best practices for combating child exploitation online.
However, because the Justice Department and attorney general would have a large say in what those best practices are, privacy advocates have warned that an encryption backdoor is likely to be required of websites if they hope to keep Section 230 protections.
The bill has faced fierce opposition, with more than 550,000 people signing a petition from digital rights group Fight for the Future calling for Congress to reject the bill.
End-to-end encryption services like Signal have warned that, if passed, the EARN IT Act would make it impossible for them to operate in the United States.
Joshua Lund, a developer at Signal, explained the issue in a blog post in April.
“Some large tech behemoths could hypothetically shoulder the enormous financial burden of handling hundreds of new lawsuits if they suddenly became responsible for the random things their users say, but it would not be possible for a small nonprofit like Signal to continue to operate within the United States,” Lund wrote in a blog post.