California Bill Would Ban Encrypted Smartphones

| Editorial

It turns out that New York isn't the only state with uninformed state legislators with misguided thoughts on technology. California Assembly Member Jim Cooper (D-9th) introduced Assembly Bill 1681 this week, a bill that would ban the sale of all encrypted smartphones without backdoors available to the manufacturer.

California Assembly Member Jim Cooper Promo Shot

Promo shot of Assembly Member Cooper, in the middle
Source: Mr. Cooper's website

Put another way, Assembly Member Cooper wants to make all of us vulnerable to the hacking of criminal organizations, malicious hackers, and foreign governments, and he's trying to do it in the very state that is home to Apple and Google.

From the bill:

This bill would require a smartphone that is manufactured on or after January 1, 2017, and sold in California, to be capable of being decrypted and unlocked by its manufacturer or its operating system provider. The bill would, except as provided, subject a seller or lessor that knowingly failed to comply with that requirement to a civil penalty of $2,500 for each smartphone sold or leased.

This is similar to a bill introduced in the New York State Assembly by Assemblyman Matthew Titone, and they are both examples of state legislators well out of their depth when it comes to technology, at least as it pertains to encryption.

Such ignorance is the sort of thing that the Congressional Cybersecurity Lab being created by the Woodrow Wilson International Center for Scholars could help address. The CCL, however, is being aimed at national politicians, not the next tier down at the state level.

Which brings up the point of why there are two such second stringers who think they are more qualified to address this issue than regulators and politicians at the national level.

If Mr. Cooper represents you, write him and tell him that encryption efforts uniformly understand that a backdoor open to anyone is available to everyone, and that you will not vote for anyone trying to weaken our privacy and what protections we have against malicious actors on the global stage.

Popular TMO Stories



Fine, then if the bill passes Apple should pull all iPhones, and to be on the safe side iPads and iPod Touches, from all stores in California, not just Apple Stores, ALL OF THEM. Poof, the bill passes and the shelves are empty, except for a sign saying

{quote] Due to California Law (Assembly Bill 1681, authored by California Assemblyman Cooper) it is now illegal for Apple to sell secure devices in California. As Apple is not willing to produce and sell insecure and therefor defective products we have accordingly pulled all of our devices from sale within this state. Any complaints should be directed to the office of Assemblyman Cooper (xxx-xxx-xxxx, your local Assemblyman, or the Governor’s Office (xxx-xxx-xxxx).

The bill would be retracted within a day.


Lee Dronick

Can a State do this? I would think that it would have to be done at the Federal level. And what about buying the phone in a State that doesn’t have such a law.

Scott B in DC

@Lee, the state can do this within the domain of its laws. It would not apply to equipment on federal land or equipment owned and operated by and for the federal government. A contractor using an encrypted phone doing their job for the federal government would not be under jurisdiction.

You can buy a phone anywhere, just that you can buy a gun anywhere. The difference is that once you bring them into the state, the phone company you connect with may be required to ensure the phone is not encrypted. The gun can be brought in unregistered, but you take your chances like you would with the phone.

The states can do this and many will try. You can choose to not follow the law if you are ready to fact the consequences and/or fight the state in the courts. Civil disobedience is a way to express your displeasure.

HOWEVER, I believe that it is highly unlikely that this bill will pass. The large tech companies (Apple and Google, for example) have large presences in the state and will apply the right pressure to ensure that such a misguided bill does not make it out of committee. I am sure that the industry has already hired lobbyist to make sure this bill does not see the light of day.

Lee Dronick

  The difference is that once you bring them into the state, the phone company you connect with may be required to ensure the phone is not encrypted

And travelers?

This is a difficult situation to balance. On one hand I well understand law enforcement and intelligence agency concerns, on the other hand the right and need for privacy of honest individuals and businesses.

So Apple builds an encrypted iPhone without a backdoor and some hacker gets in anyway as always seems to happen, what have we gained?

Anyway I too don’t think that this will happen here in California


I saw a tweet the other day comparing phones to homes and encryption to locks. The response is that the police can still break down your door. It isn’t that they want no locks/encryption on our phones, just they want ones they can break. I could further add that locks on homes really only keep the honest or less ambitious crooks out. People learn to pick locks, break windows, etc.

So, to the point that a hacker could still break a good encryption system, yes, and so can the FBI and NSA. So they already have a way of breaking in if they really want to. It isn’t like most people have very secure passwords on their devices. What we’ve gained is that it takes a more determined hacker to break in, instead of someone who just uses the built-in back door, like someone who knew about the spare key you keep under your door mat.


I live in NY and if these ridiculous laws pass I will cease to upgrade my iPhone any further, until there is a way for the end user to encrypt without back doors!  This is not a case of “having anything to hide” it’s a case of “we have every right to protect what is ours”.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account