A couple of days ago, a first draft of the anti-encryption bill from Senators Richard Burr(R-NC) and Dianne Feinstein(D-CA) came to light and suffered instant backlash from security experts. The new law has been labeled so bad that only would it make the some of the NSA’s own work illegal, but it would also outlaw some of the things we’ve take for granted for years, like the ability to compress large files to share them on line.
The Compliance with Court Orders Act of the draft was met with hard criticism. More than 45,000 people already signed a petition from CREDO Action for the withdraw of the bill.
“This is the most brain dead piece of legislation I’ve ever seen.” Bruce Schneier, an encryption expert told The Register. “ The person who wrote this either has no idea how technology works or just doesn’t care.”
Scheier said that the bill would make most of the NSA’s work illegal unless the agency is willing to bake back doors into its encrypted communications. He also added that simple products such as data compression algorithms could be banned under the new law. Files that can’t be decrypted on demand, or decompressed to their original size, look the same to the law.
On line data that gets deleted might also be subject to this law, which means ISP’s should find ways to retrieve all the deleted information if it is deemed necessary.
“We have serious concerns with the proposal released today because it effectively puts limits on data security and we are concerned it would ultimately undermine security, innovation, and public safety,” Business Software Alliance president Victoria Espinel said. “We believe this bill would stunt the development and use of security technologies such as encryption, both today and into the future.”
It has been said that the proposed bill would put every American at risk of being spied on by foreign nations, and hackers. The anti encryption bill would require tech companies and phone makers to decrypt customer data at a court’s request.
“This bill would require American companies to build back doors,” Ron Wyden (D-OR) said.
With encryption becoming more common in devices and apps, the number of unencrypted services are falling into the minority. Apple encrypts storage on iPhones, Google encrypted the connection between email servers, and Facebook owned WhatsApp encrypts messages end to end. With a hack happening around every minute, and the constant threat of nation state hackers, encryption is the front line that keeps important data scrambled and unreadable to outside parties.
The bill wants to put the needs of law enforcement over the risk of hackers, by punching a hole in Silicon Valley’s encryption efforts. It would force companies to install a back door, or use week encryption, making the data readable and useful to law enforcement. Doing this would also make the encrypted data readily available for malicious use as well.
By mandating a back door in almost every tech product and service, the bill wold fundamentally and needlessly undermine one of the sectors with the strongest security. America’s cybersecurity and economic security would suffer if the Burr-Feinstein bill becomes law, and that means its national security is at risk.