Tech and Privacy Experts Erupt Over Leaked Encryption Bill

“Burr-Feinstein may be the most insane thing I’ve ever seen.”

Steven Senne/AP


A draft of a highly anticipated Senate encryption bill was leaked to The Hill late on Thursday night, sparking a swift backlash from technology and privacy groups even before the legislation has been introduced.

The bill is co-sponsored by Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.), the chairman and ranking Democrat on the Senate Intelligence Committee. Both senators are leading advocates for encryption “backdoors” that would allow law enforcement and intelligence agencies to read secure messages. Some government officials, led by FBI Director James Comey, say such access is needed because criminals and terrorists are increasingly using encryption to dodge surveillance as they plot crimes and attacks. But tech and privacy advocates say there’s nothing to prevent cybercriminals and hackers from exploiting the same backdoors.

The Burr-Feinstein bill would require companies to respond to court orders for data by providing decrypted information or giving the government “such technical assistance as is necessary to obtain such information or data in an intelligible format.” The bill covers virtually every company involved with providing secure internet services, from device manufacturers and the makers of encrypted chat apps to “any person who provides a product or method to facilitate a communication or the processing or storage of data.” The bill does not lay out the penalties for refusing to comply with such court orders, as Apple recently did when it rejected the FBI’s request to help unlock an iPhone belonging to one of the San Bernardino shooters. An Apple lawyer declined to comment on the bill during a conference call with reporters on Friday.

Cryptography experts and privacy advocates immediately and overwhelmingly condemned the bill. “I could spend all night listing the various ways that Feinstein-Burr is flawed & dangerous. But let’s just say, ‘in every way possible,'” wrote Matt Blaze, a prominent cryptographer and professor at the University of Pennsylvania, in a tweet late on Thursday night. Julian Sanchez, a privacy and technology expert at the libertarian Cato Institute, responded similarly:

Advocates charge that the bill’s broad language will act as a dragnet, making nearly every tech company that provides an encrypted service subject to decryption requests that smaller companies may be unable to handle. “It will force companies that have implemented the strongest security measures to backtrack in order to poke holes in their own systems, and will prevent others from developing those systems in the first place,” said Amie Stepanovich, the US policy director for the digital freedom advocacy group Access Now, in a statement.

Reuters reported on Thursday that the White House would not support the bill, in keeping with its pledge last year not to demand any laws mandating backdoors into encryption. But White House deputy press secretary Eric Schultz insisted the report was wrong and that the bill was still under review. “The idea that we’re going to withhold support for a bill that’s not introduced yet is inaccurate,” he told reporters aboard Air Force One.

FACT:

Mother Jones was founded as a nonprofit in 1976 because we knew corporations and the wealthy wouldn't fund the type of hard-hitting journalism we set out to do.

Today, reader support makes up about two-thirds of our budget, allows us to dig deep on stories that matter, and lets us keep our reporting free for everyone. If you value what you get from Mother Jones, please join us with a tax-deductible donation today so we can keep on doing the type of journalism 2019 demands.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate

We have a new comment system! We are now using Coral, from Vox Media, for comments on all new articles. We'd love your feedback.