Few issues in recent years have divided lawmakers as much as balancing national security with data privacy. Both the House and Senate have recently embarked on an effort to tackle the problems associated with data encryption, which has hindered critical FBI probes, including the San Bernardino terrorist attacks that killed 14 people in December 2015.
But it might be difficult if not impossible to pass legislation this year, even though Americans are increasingly fearful of domestic terrorism.
Both the House and Senate have begun formally discussing encryption legislation, but there is already significant divide over the issue. The measure that would appear to have the best chance of making to the floor for a vote is “dead on arrival” in the Senate, according to one expert. While in the House, lawmakers are merely in the discussion stages and may not ever introduce a bill.
Lawmakers and technology companies immediately pushed back last month when Senate Intelligence Chairman Richard Burr, R-N.C., and Ranking Member Dianne Feinstein, D-Calif., unveiled the Compliance with Court Orders Act.
The legislation would require companies, including device and software manufacturers, to “comply with the rule of law” when a court orders them to help unlock an encrypted device.
House lawmakers in both parties bristled at the bill language, citing data privacy concerns. The proposal also attracted bipartisan opposition in the Senate.
Sen. Ron Wyden, D-Ore., one of the Senate’s leading privacy advocates, said the measure would leave Americans vulnerable to hackers and data breaches.
“This legislation would effectively outlaw Americans from protecting themselves,” Wyden said. “It would ban the strongest types of encryption and undermine the foundation of cybersecurity for millions of Americans.”
A group of Democratic and Republican senators who oppose Burr-Feinstein are instead backing a bill that would form a commission to study the encryption issue, which would almost certainly push the matter off until the next presidential administration.
The Burr-Feinstein bill includes protections for encryption. It would prohibit the federal government from using court orders to force companies to write code for the government to unlock their devices. and it would also ensure companies can’t be required to stop writing code to encrypt their devices.
Despite those provisions, the bill is not garnering strong support and has yet to be officially introduced or placed on the committee calendar for a hearing.
It has attracted opposition from most of the tech and Internet giants, including Google, Facebook and Amazon.
“I think it’s DOA,” said Julian Sanchez, senior fellow at the libertarian Cato Institute, told the Washington Examiner. “The reaction from the tech industry and cryptographic engineers to this sweeping bill has been as close to unanimous as I’ve ever seen.”
In an interview with the Examiner, Burr said there were no plans to take up the measure, “anytime soon,” and said his proposal was merely a discussion draft that will likely include changes.
“We are waiting to discuss it,” Burr said. “We are getting a lot of feedback. Some positive, some negative.”
Burr told the Examiner that the encryption discussion draft could be introduced as legislation in “a month or two.”
The Burr-Feinstein legislation came after the FBI was unable to unlock the phone used by Syed Farook, who along with his wife, stormed a holiday party and opened fire on county health department employees.
When Apple refused to unlock Farook’s iPhone, the FBI took the company to court, which ordered the tech giant to comply with federal agents.
Apple appealed the court order and the FBI eventually paid someone to unlock the phone.
But the FBI has sought cooperation from Apple and other tech companies when they required help unlocking phones in other cases involving gangs and drugs.
Burr, Feinstein and other pro-security lawmakers fear without legislation requiring some cooperation from technology companies, it will be far more difficult to stop or track terrorists, which could put lives in danger.
“Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order,” Feinstein said. “We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans.”
While it would be difficult to move the Burr-Feinstein legislation to passage in the Senate, the House would make passage nearly impossible.
House lawmakers in both parties have pushed for laws that restrict government access to electronic data. It’s unlikely they’ll embrace the Senate approach.
Instead, House lawmakers have assembled a bipartisan encryption “working group” tasked with “identifying solutions to the ongoing national debate surrounding encryption,” House Judiciary Committee Chairman Bob Goodlatte, R-Va., said.
The group plans to hold meetings with tech groups, government officials, cryptographers and others but they aren’t planning on drafting a bill anytime soon.
“The working group will work diligently over the next several months to conduct its business with the goal of completing its work by the end of this Congress,” lawmakers on the panel announced last week.
