UPDATED 04:36 EDT / APRIL 14 2016

NEWS

Burr-Feinstein bill released, would force the end of secure end-to-end encryption

Senators Richard Burr and Dianne Feinstein released their anti-encryption bill Wednesday after an earlier draft version was leaked last week.

The proposed law, called the Compliance with Court Orders Act of 2016, would force companies to provide technical assistance to government investigators seeking locked data, a specific reference to the standoff between Apple and the Department of Justice in March over a demand that Apple unlock an iPhone belonging to one of the San Bernadino terrorists.

A company targeted under the Act would be forced to “provide, in a timely manner, responsive, intelligible information or data, or appropriate technical assistance to obtain such information or data” after having received a court order telling them to do so, and in addition, data must be handed over in an “intelligible” format, which is defined as information that has unencrypted.

The problem there is that the Act itself does not describe how this is to be done, implying that it would be up to a company to break their own encryption to do so, or the more likely scenario: building backdoors into future devices to allow access to data.

In one of the craziest things to have ever come from a politician’s mouth, law co-author Burr said in a statement that “I have long believed that data is too insecure, and feel strongly that consumers have a right to seek solutions that protect their information — which involves strong encryption…I do not believe, however, that those solutions should be above the law.”

Expert angle

“Legal mandates to weaken encryption, such as the proposed Burr-Feinstein bill, are dangerous and troubling,” Rapid 7, Inc. Director of Public Policy Harley Geiger told SiliconANGLE. “At a time when consumers, companies, and governments seek stronger cybersecurity and privacy protections, this draft bill pursues the opposite goal.”

“The Burr-Feinstein draft bill would demand that technology services and products be inherently insecure and ‘surveillance-ready,’ putting the privacy of end users at grave risk and ceding a competitive business advantage to other countries that allow more secure products,” he added.

“While the use of robust end-to-end encryption can present challenges for agencies investigating crime, it delivers enormous value in protecting users and enabling US technology companies to provide world class services. Not only is the Burr-Feinstein draft unlikely to keep strong encryption out of the hands of well-resourced criminals and terrorists, it fundamentally undermines organizations’ ability to protect their trade secrets and customer data from malicious attackers.”

The bill itself may never become law with indications that President Obama may oppose its adaptation.

Image credit: donkeyhotey/Flickr/CC by 2.0

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU