Government

Republican momentum builds for bills requiring encryption circumvention

With a "lawful access" companion bill introduced in the House now, Republican legislators are putting the pedal to the metal on proposals that would require tech firms to give law enforcement access to encrypted services.

By Shannon Vavra

July 31, 2020

Republican lawmakers are pushing more legislation on Capitol Hill that would require technology companies give law enforcement access to encrypted devices and services.

Rep. Ann Wagner, R-Mo., introduced a bill on Thursday (H.R. 7891) to serve as a companion to a Senate bill that would require manufacturers of encrypted devices and service providers to be able to decrypt data after a court issues a warrant for user communications.

Sens. Lindsey Graham, R-S.C., Marsha Blackburn, R-Tenn., and Tom Cotton, R-Ark., co-sponsored the Senate version of the bill, which they have touted as a way to stop child abusers and terrorists who seek to evade law enforcement attention through using encrypted services and devices.

It’s just the latest series of GOP-backed bills introduced in the last year on Capitol Hill, including the EARN IT Act, that could degrade encryption’s security and privacy benefits at the peril of all users, for the benefit of some law enforcement probes, security and privacy experts say.

The EARN IT Act, which would make tech companies liable for content on their platforms, has already passed through the Senate Judiciary Committee.

The lawful access bills are more brazen, according to Andrew Crocker, a senior staff attorney on the Electronic Frontier Foundation’s civil liberties team. Crocker has called the earlier Senate bill “more out of touch with reality” than even other anti-encryption bills like the EARN IT Act, noting the lawful access proposal would provide law enforcement a backdoor in all but name.

“The bill is sweeping in scope. It gives the government the ability to demand these backdoors in connection with a wide range of surveillance orders in criminal and national security cases, including Section 215 of the Patriot Act, a surveillance law so controversial that Congress can’t agree whether it should be reauthorized,” Crocker said.

Even in cases where companies have designed systems to only be accessible to users, the government could require they redesign the system so that decryption can be provided to law enforcement, EFF has said.

The Trump administration’s Department of Justice has taken a different tune on the encryption and lawful access bills. Attorney General Bill Barr applauded the introduction of the companion bill, noting he thinks the pandemic adds urgency to passing the legislation.

“I applaud Representative Wagner for introducing this critical lawful access legislation. Although strong encryption is vital, we cannot allow the tech industry to use encryption that blinds law enforcement and prevents it from thwarting or investigating serious crimes and national security threats, including terrorist plots, cyberattacks, and sexual exploitation,” Barr said in a statement. “The danger is particularly great for children, especially during this time of coronavirus restrictions when children are spending more time online.”