Alfred Ng, CNet:
On Tuesday, Republican lawmakers introduced the Lawful Access to Encrypted Data Act, which calls for an end to “warrant-proof” encryption that’s disrupted criminal investigations. The bill was proposed by Sen. Lindsey Graham, chairman of the Senate Judiciary committee, along with Sens. Tom Cotton and Marsha Blackburn. If passed, the act would require tech companies to help investigators access encrypted data if that assistance would help carry out a warrant.
Lawmakers and the US Justice Department have long battled with tech companies over encryption, which is used to encode data. The Justice Department argues that encryption prevents investigators from getting necessary evidence from suspects’ devices and has requested that tech giants provide “lawful access.”
The proposed legislation stops short of requiring tech companies to create a backdoor, noting that the attorney general is prohibited from giving specific steps on how tech companies need to comply with lawful access orders.
It may not require a specific implementation, but eradicating meaningful encryption by introducing vulnerabilities is exactly what this bill mandates:
The debate over encryption and lawful access has raged on, unresolved, for years. The Lawful Access to Encrypted Data Act would bring an end to warrant-proof encryption in devices, platforms, and systems.
Pay little attention to the deliberate use of “warrant-proof” to describe end-to-end encryption. All end-to-end encryption is unable to be accessed by anyone other than the users at each endpoint; that is, almost always, a very good thing.
There is simply no way to do what Senate Republicans are envisioning without some form of back door access. But, as writing that into the bill would likely trigger a First Amendment case should it be voted and signed into law, it instead includes some magical thinking:
Directs the Attorney General to create a prize competition to award participants who create a lawful access solution in an encrypted environment, while maximizing privacy and security.
And I would very much like to acquire a house without expending any money.
There are clearly concerns about what nefarious users of end-to-end encryption are hiding, but requiring everyone to bend to that level means that we all become vulnerable. Making it easier for law enforcement to look into the activities of terrible people makes it easier for terrible people to take advantage of everyone else.
Besides, U.S. intelligence took over a year to discover that their most sensitive and powerful hacking tools had been sent outside its ostensibly secure walls. I don’t trust them with having a key to my phone.