Cybersecurity

Bill Aims to Keep States From Banning Smartphone Encryption

United States Reps. Ted Lieu, D-Calif., and Blake Farenthold, R-Texas, last week introduced legislation to prevent states from passing laws banning the sale of smartphones with encryption capabilities.

The “ENCRYPT Act of 2016,” as the bill is known, provides that a state or political subdivision of a state may not mandate or request that a manufacturer, developer, seller or provider of covered products either design a security backdoor or modify existing security functions to allow the surveillance of their users or allow their physical search “by any agency or instrumentality of a state, a political subdivision of a state or the United States.”

No Backdoors

The bill prohibits the use of products or services from manufacturers, developers, sellers or providers to decrypt or otherwise render intelligible information that has been encrypted or otherwise rendered unintelligible.

Covered products and services include computer hardware, software, electronic devices, and online services available to the general public.

In short, the bill aims to shut off attempts by the FBI, NSA and law enforcement agencies in the U.S. to force high-tech companies to include security or encryption backdoors or otherwise provide access to information on devices.

Rationale for the Act

“I was concerned when I saw the New York State legislator’s bill that would mandate encryption backdoors, and got more concerned when the California state legislature introduced a similar bill,” Lieu told TechNewsWorld. “California is a Democratic state, and if a Democratic legislator introduces the bill, I figure it will pass.”

The FBI, the NSA and other law enforcement agencies have been pressing for encryption backdoors.

FBI Director James Comey went so far as to suggest Congress might have to intervene if Apple and Google refused to remove default encryption from iOS and Android, but some lawmakers gave that suggestion a chilly reception.

A Weather Eye

“You can’t design a smartphone that would work in different states differently in terms of encryption, because people travel in different states all the time,” Lieu pointed out.

The issue is not about encryption, per se, he said. “Whether you believe in encryption backdoors or oppose them, you can still support the [ENCRYPT 2016] bill, because states shouldn’t get into interstate commerce.”

The bill “introduces people to the issue,” observed Daniel Castro, a vice president at the Information Technology & Innovation Foundation, and “in some ways, it educates policy makers on the issue.”

It also “sends a signal to the states that Congress is keeping an eye on things, and maybe they’ll give the issue some serious consideration,” Castro told TechNewsWorld.

“We need a national policy on this,” he remarked. “It’s not just about screwing up encryption but about how we can do national security really well.”

Richard Adhikari

Richard Adhikari has written about high-tech for leading industry publications since the 1990s and wonders where it's all leading to. Will implanted RFID chips in humans be the Mark of the Beast? Will nanotech solve our coming food crisis? Does Sturgeon's Law still hold true? You can connect with Richard on Google+.

2 Comments

  • People forget what happened before smartphones had encrypted signals. There was a huge problem with simple signal scanners being used to hijack phone lines, and make calls using other peoples phones.

    Cell phones also store credit card information now, along with more than enough personal information for a blackmailer to go after family and friends of anyone with money.

    Removing encryption doesn’t just allow access to criminals phones, it gives criminals the same key. It is like mandating the removal of door locks to maken it easier for police to search houses. It goes too far, and very much conflicts with the right to privacy.

  • It appears that these two congressmen have lost sight of the fact that there job is primary to protect the AM erican people etc… 90% of the AM erican people do not care if the government has a backdoor key that can be used or acquired via court order. There is no reason not to allow for encryption that protects your data from everyone except law enforcement and court system. Other wise you are giving the terrorist and criminals a tremendous advantage and it will eventually if not already cost AM erican lives. The modern encryption systems are not breakable at least in any timely manor (which is paramount to successful investigations). I would say to the phone manufactures you register a master key with the fbi or you don’t sell phones in the united states. And further if during a terrorist investigation any encrypted phone without a master key filed is used the phone manufacturer should be arrested for collusion with the terrorist.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Richard Adhikari
More in Cybersecurity

Technewsworld Channels