Amazingly, some Hill dwellers are pro-encryption, and are starting to fight for citizens’ privacy rights. The first step seems to be to stop individual States from enacting their own crazy anti-crypto laws.
The Bill for an “Ensuring National Constitutional Rights for Your Private Telecommunications Act of 2016” (a/k/a the ENCRYPT Act) just got placed before the House, by representatives Ted W. Lieu (D-Cali), Blake Farenthold (R-Tex), Suzan DelBene (D-Wash), and Mike Bishop (R-Mich). It seeks, in the jargon, to “preempt” States from getting involved—in other words, it argues this is a Federal matter.
But the Bill’s sponsors want to go further: They’re known for their pro-encryption stance. At least three of the four are on record as saying that backdoors and escrow are stupid ideas, which will be counter-productive.
In IT Blogwatch, bloggers cheer here to hear it.
Your humble blogwatcher curated these bloggy bits for your entertainment.
What’s the craic? Cyrus Farivar reports—House bill would kill state, local bills that aim to weaken smartphone crypto:
Rep. Ted Lieu...Blake Farenthold [and two others] introduced a new bill...that attempts to halt state-level efforts that would weaken encryption.
Lieu and Farenthold’s federal bill would need to pass both the House...and the Senate as well as be signed by the President.
Lieu...noted that while he respects his law enforcement colleagues...recent events solidify his argument. ... "The people who are asking for a backdoor encryption key do not understand the technology. ... You cannot have a backdoor key [only] for the FBI."
"If our federal government cannot keep 20 million extremely sensitive [OPM] security records, I don't see how [we] can keep encryption keys safe."
Since his election in 2014, the...congressman has taken a strong pro-encryption stance. ... He is just one of four House members with computer science degrees.
Why now? Brian Barrett brings clarity—New Bill Aims to Stop State-Level Decryption Before It Starts:
Local legislators have embarked on a curious quest to ban encryption at a state level. ... This makes no sense.
ENCRYPT [is] a short, straightforward bill with a simple aim: to preempt states’...anti-encryption policies.
A patchwork of state anti-encryption laws makes no sense. [It] is so infeasible, it’s hard to believe that it’s even an issue worth addressing. ... It manages to be both wildly impractical and entirely unenforceable.
The good news [is] Lieu’s bill already has strong bipartisan support. ... It will alleviate concerns over the logistical nightmare that state-sponsored anti-encryption laws would create.
Well, OK, yes, but. Don Reisinger notes the pachyderm within the walls—House Bill Would Stop States From Banning Phone Encryption:
[Four] members of Congress are trying to stop states from weakening encryption.
Regardless of what happens on Capitol Hill [there’s still] the issue of encryption. Law enforcement officials have criticized Apple and Google for hardening their communication platforms.
It would be impossible for Apple, as well as law enforcement, to intercept [iMessage]. Law enforcement agencies say such features put the public at risk. Apple and Google...say they're protecting individual rights to privacy.
Commentators offer reactions that are, let’s say, not entirely unexpected. For example, this from convergent:
Imagine the citizens of the USA being able to have the right to privacy! I think these people forget who they work for.
Not to mention he's too stupid to realize that even if Apple put in a back door, the criminals could add their own additional encryption for which there would be no backdoor.
Uh-huh, yep. And this, from Bostwickenator:
The idea of banning encryption in any form is a clear demonstration of the lack of field knowledge these law makers must deal with. It is a pity that to combat this we have to produce laws to outlaw laws.
TL:DR don’t ban math ya luddites.
How about we give the last word to a co-sponsor of the bill? Here’s Congresswoman Suzan DelBene (D-WA):
Requiring companies to weaken devices with ‘backdoors’ means we open up innocent Americans to...bad actors who would love easier access to our citizens’ personal information.
Given this reality, a patchwork of state laws on encryption will not make us safer. Rather, they open us up to attacks, and weaken...security, not strengthen it.
You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or firstname.lastname@example.org.
Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.