Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
66,069
34,920



A draft of an encryption bill created by Senate Intelligence Committee leaders Richard Burr and Dianne Feinstein was released last night, revealing the scope of the legislation that would require technology companies to decrypt data and share it in an "intelligible format" when served with a legal order.

The Compliance with Court Orders Act of 2016, a copy of which was shared by Re/code, starts out by declaring "no person or entity is above the law." It says that all providers of communication services and products, from hardware to software, must both protect the privacy of residents of the United States through "implementation of appropriate data security," while still respecting the "rule of law" and complying with legal requirements and court orders to provide information stored either on devices or remotely.

feinsteinburr.jpg
To uphold both the rule of law and protect the interests and security of the United States, all persons receiving an authorized judicial order for information or data must provide, in a timely manner, responsive, intelligible information or data, or appropriate technical assistance to obtain such information.
In acknowledgement of the disagreement between the FBI and Apple, the legislation does include a clause that prevents it from authorizing "any government officer to require or prohibit any specific design or operating system to be adopted by any covered entity," and it shies away from specific technical demands, but the wording of the act itself, with no contingencies for inaccessible data, makes end-to-end encryption impossible. Any data encrypted by companies must also be able to be decrypted.

Security experts have heavily criticized the bill. Daniel Castro of the Information Technology and Innovation Foundation told Re/code the bill "sets up a legal paradox" while the ACT/App Association said it amounts to a government-mandated back door. Security researcher Jonathan Zdziarski says the entire bill is dangerous, calling it "a hodgepodge of technical ineptitude combined with pockets of contradiction."
The absurdity of this bill is beyond words. Due to the technical ineptitude of its authors, combined with a hunger for unconstitutional governmental powers, the end result is a very dangerous document that will weaken the security of America's technology infrastructure. This will affect everything from the iPhone you hold in your pocket to how data is transmitted over the Internet, allowing the government to effectively break all electronic commerce and Internet security. This is bad legislation in every way, and it very subtly allows for unconstitutional government control of private industry.
In a report yesterday, Reuters said the White House has decided not to offer public support for the legislation, as "the administration remains deeply divided on the issue." The bill is still in draft form, with the language subject to changes based on input from stakeholders. In a joint statement, Burr and Feinstein said they hope to have a final version completed soon.

Update 4/13: An official draft of the Compliance with Court Orders Act of 2016 was released on April 13, with few changes from the version released earlier in the month.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Article Link: Senate Draft Encryption Bill Called 'Absurd,' 'Dangerous,' and Technically Inept
 
Noooooo.... No way.... Inept......

Why is it that people are willing to stand up to these morons on technological issues, but not on anything else? Do we really think that they're any more competent in any other area?? Are these the people who you want regulating and running your life?? -__-

Edit: I would add as a reminder that this is a Republican Senate, and its no freaking better than the S***hole that was the Democratic Senate.

Beware, the statists agree on something...
 
"The absurdity of this bill is beyond words. Due to the ... ineptitude of its authors, combined with a hunger for unconstitutional governmental powers, the end result is a very dangerous document that will weaken ... America."

Cut out one or two words and you realize this happens in congress a few times a year, not just with technology. ;-)
 
If this gets any footing, there will be a huge surge in extra-jurisdiction encryption servers for personal data and communications. While these have existed for a while, wide use will create court cases and OS level integration. I can see something like "iCloud secure" resident in outside any USA extradition.
 
The Compliance with Court Orders Act of 2016, a copy of which was shared by Re/code, starts out by declaring "no person or entity is above the law." It says that all providers of communication services and products, from hardware to software, must both protect the privacy of residents of the United States through "implementation of appropriate data security," while still respecting the "rule of law" and complying with legal requirements and court orders to provide information stored either on devices or remotely.

So, privacy must be protected, except that it must not be protected. Easy! But impossible.
 
I wish people would stop using this stupid Scribd website. I just want to view the PDF itself without having to create an account. Anyone have a link readily available?

govtrack.us

edit - not up yet, but good website in general for tracking bills
 
  • Like
Reactions: jeremiah256
So this bill, unlike virtually every other regulatory bill that comes out Congress, was not ghost-written by the regulated industry itself? That would be so exceptional an occurrence as to be essentially impossible.

It helps to be able to hear the dog that isn't barking.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.