Burr-Feinstein Encryption Draft Faces Backlash

Keep up with the latest developments and legal issues in the telecommunications and emerging technology sectors, with exclusive access to a comprehensive collection of telecommunications law news,...

By Kyle Daly

April 13 — A draft bill that would require technology and communications companies to crack their own encryption to obtain customer data and communications if ordered by a court faces a tough road against opposition from Silicon Valley, privacy advocates, and some lawmakers.

Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.), respectively chair and vice chair of the Senate Select Committee on Intelligence, released a discussion draft on April 13. It would require any person or entity that provides a product or method to facilitate communication or process or store data to comply with any court order requesting decrypted data or communications. The draft includes a list of examples of covered entities, including device and software makers and e-mail providers.

Those affected by the draft measure would be compensated for the costs of cracking their encryption in order to deliver information or data in an intelligible format. The proposal would not permit the government to specify or prohibit any specific design or operating system that would help companies comply with a court order.

Opposition Rises

An earlier draft of the bill leaked late last week immediately sparked wide-ranging criticism. The Information Technology & Innovation Foundation said it would create a “legal paradox” by requiring companies to build crackable encryption yet also prohibiting the government from telling companies how to build their encryption systems.

The American Civil Liberties Union (ACLU) called the earlier draft a “clear threat to everyone’s privacy and security,” while the App Association said it would “threaten the security of the entire internet” to a “breathtaking” degree.

The version Burr and Feinstein released was identical to the earlier leaked version with just one exception. The released version specifies that it would only apply in the investigation or prosecution of cases pertaining to certain crimes, including those resulting in death or serious bodily harm; espionage; terrorism; crimes against minors; and “serious” violent felonies or drug crimes.

Burr insisted that this targeted nature of the draft bill’s proposed application, together with the fact that it doesn’t explicitly require backdoors or crackable encryption, should be enough to assuage the concerns of the American public and the tech industry.

“This legislation’s eight pages long,” he said. “It doesn’t even mention [encryption or backdoors].”

An executive at a leading tech company told Bloomberg BNA that the only way for a company to comply with the bill would be to break its own encryption.

Trouble on the Hill

Sen. Ron Wyden (D-Ore.) pledged to oppose the Burr-Feinstein effort in committee and to filibuster it if it reaches the Senate floor. Asked by reporters on April 13 if he thinks he would have the 60 votes required to overcome a filibuster, Burr told reporters simply, “We haven’t counted.”

In the House, Judiciary and Energy and Commerce Committee leadership from both parties have teamed to form a working group expressly intended to preserve strong encryption. The group would take the reins on encryption issues from a proposed independent commission sought by House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.) but criticized by privacy advocates for appearing too sympathetic to backdoor-seeking voices in the law enforcement and intelligence communities ( See previous story, 03/30/16 ).

The White House has not publicly taken a stance on the Burr-Feinstein effort.

Advancing the Conversation

Burr suggested that even if his effort does not result in enacted legislation, he views it as a success in terms of advancing the conversation on encryption.

“Anybody that tells you they have hopes on anything getting to the floor right would probably be [making] a disingenuous statement,” he said. “But we always saw this not as much as being about the legislative power as … creating a national debate.”

Still, Burr said he hopes Congress will be voting on this or another encryption bill within a “matter of months.”

To contact the reporter on this story: Kyle Daly in Washington at kdaly@bna.com

To contact the editor responsible for this story: Keith Perine at kperine@bna.com

Request Tech & Telecom on Bloomberg Law