Senators Richard Burr (R-NC) and Dianne Feinstein (D-CA) are circulating a draft bill that would give federal court judges broad authority to force companies into helping law enforcement bypass data encryption. The bill is vague enough so that judges would have to decide when companies should have to aid law enforcement, exactly how they would do that, and what penalties they could face for failing to comply.
New senate bill could give courts wide control over encryption
The Burr-Feinstein bill doesn't include wording requiring companies to create back doors into their products, according to Reuters, which could make it more appealing to law makers who have resisted encryption-related legislation in the past. It's vague nature, however, could be concerning for others.
The draft bill is making the rounds in the shadow of the DOJ and FBI fight with Apple over whether or not the company can be forced to create a version of iOS that removes security measures designed to block brute force attacks on iPhone passcodes. The DOJ and FBI say the All Writs Act gives the authority to demand the weakened operating system, but Apple says it's outside the government's authority, and it sets a dangerous precedent that will erode privacy and security.
The FBI obtained a Federal court order compelling Apple to create the less secure version of iOS so agents could crack into the work issued iPhone recovered from Syed Farook after a terrorist shooting. Mr. Farook and his wife, Tashfeen Malik, killed 14 of their San Bernardino County coworkers and injured 22 others. They were both killed in a police shootout.
The recovered iPhone had been issued to Mr. Farook by the county, but couldn't be unlocked because no one knew the passcode. Federal agents wanted to see its encrypted contents in case it held any clues about the shooting or other potential terrorist incidents.
Apple helped the FBI recover as much data as it could, but doesn't have any way to bypass lockscreen passcodes.
Apple filed a motion to vacate the court order along with a formal complaint. Apple and the FBI were scheduled to defend their positions in court today, but the FBI asked to cancel the hearing saying a third party has the ability to decrypt the iPhone.
With today's hearing cancelled, the FBI has until April 5th to report back to the court with its findings.
Data encryption is clearly a hot button issue with law enforcement raising concerns over criminals and terrorists "going dark" and hiding their activities behind devices the government can't access. On the other side of the argument, tech companies and privacy advocates say we need continually stronger encryption methods to protect our data from those same criminals and terrorists, and that giving the government ways to work around encryption is akin to giving everyone free access to our personal data.
Cancelling today's hearing doesn't bring the FBI's fight with Apple to an end, nor does it resolve the questions surrounding whether or not companies should be forced to create tools the government can use to hack into the devices they sell.
Apple CEO Tim Cook said his company will not backdown from protecting encryption during a media event on Monday where new iPhone and iPad models were introduced. "We owe it to our customers and we owe it to our country," Mr. Cook said. "We will not shrink from this responsibility."
The government isn't backing down, either. The draft of the Burr-Feinstein bill isn't going to become law any time soon, and even if it does finally land on the President's desk it's a safe bet there will have been changes to the wording. Congress is divided on how to deal with encryption issues, which will make passing any bill even harder.
What's more likely is that the FBI's fight with Apple will make it all the way to the U.S. Supreme Court. That is, unless the FBI's new mystery friend really can hack into the San Bernardino iPhone, and the agency drops its fight with Apple.