Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

US Could Force Firms to Help Break Encryption, Under New Bill

Washington – Two key US lawmakers Wednesday unveiled legislation to require technology firms to help law enforcement unlock encrypted devices — prompting a fierce outcry from the industry and privacy activists.

Washington – Two key US lawmakers Wednesday unveiled legislation to require technology firms to help law enforcement unlock encrypted devices — prompting a fierce outcry from the industry and privacy activists.

The bill released by Senators Richard Burr and Dianne Feinstein of the Senate Intelligence Committee comes in the wake of a heated legal battle pitting the FBI against Apple as part of an investigation into last year’s San Bernardino attacks.

“No entity or individual is above the law,” said Feinstein, the top Democrat on the committee chaired by Republican Burr.

“Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order. We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans.”

The lawmakers in a joint statement said the proposal was a “discussion draft” and that they would “solicit input from the public and key stakeholders before formally introducing the bill.”

“I am hopeful that this draft will start a meaningful and inclusive debate on the role of encryption and its place within the rule of law,” Burr said. “Based on initial feedback, I am confident that the discussion has begun.”

The use of strong encryption in applications and smartphones, with they keys only available to users, has raised concerns in law enforcement that criminals and others may operate in secrecy, with investigators unable to gain access to data even with a court order.

Legislation similar to the Senate proposal is also being considered in other countries, notably Britain and France, amid concerns that attackers have been using encryption to avoid detection.

But the Senate draft, which was leaked to media earlier this week, sparked intense criticism both from the technology industry and digital rights activities, claiming it would effectively create a “back door” for law enforcement which could be exploited by hackers and other governments.

Kevin Bankston of the New America Foundation’s Open Technology Institute said the bill would require “every tech vendor in America to use either backdoored encryption or no encryption at all, even though practically every security expert in the country would tell you that means laying down our arms in the constant fight to secure or data against thieves, hackers, and spies.”

Daniel Castro of the Information Technology & Innovation Foundation, a Washington think tank, said the bill “sets up a legal paradox that would further muddy the waters about how and when the government can compel the private sector to assist in gaining access to private information.”

Gary Shapiro of the Consumer Technology Association, a trade group representing hundreds of technology firms, called the measure an “overreaction” to fears on encryption.

“There is no consensus in the intelligence community that a requirement to force manufacturers to open encryption is the correct policy,” Shapiro said in a statement.

The US government last month withdrew its request to force Apple to help unlock an iPhone used by one of the San Bernardino shooters, saying the FBI had found another means to access the data. But several cases are pending against Apple and other firms.

Last week, Facebook-owned WhatsApp said it had implemented end-to-end encryption for its billion users, so that no other party can read the messages.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...