When a draft version of the encryption-busting bill written by Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.) was leaked last week, the response was a deafening clamor of ringing criticism for how simple-minded, technically ignorant, and dangerously reckless it was. The legislation responded to the struggles by law enforcement and investigators to access encrypted tech devices and communications by simply ordering tech companies to comply with court orders to decrypt and provide them the information. The end.
There was bafflingly no engagement in any of the concerns that such measures would weaken and threaten the security of all of our data. There was no interest in the possibility that some types of encryption could make it actually impossible to comply with the court order at all. All it cared about was giving the government access to data on demand. It's probably one of the most tech-illiterate pieces of legislation ever crafted.
That was the leaked draft. Today, after all that outrage and backlash, Feinstein and Burr released an actual formal draft of the law. Did they consider any of overwhelmingly critical reaction to the leaked version?
Nope. It still contains the obstinate, absurd "THE RED QUEEN DEMANDS!" language. What has been added to the draft bill are limits to the types of crimes for which the law may apply. But even those limits are written very broadly, covering any crimes that lead to (or threaten to lead to) death or serious bodily harm, espionage and terrorism, crimes against minors, serious violent felonies, and serious drug crimes—and the state-level equivalent of such crimes.
So nothing of substance has changed and they're still pushing forward with this law with the tiresome "nobody is above the law" argument that fails to actually consider whether the law remotely makes sense. Via NBC:
"No entity or individual is above the law," said Sen. Dianne Feinstein, D-California, who co-authored the bill with fellow Senate Intelligence Committee member Sen. Richard Burr, R-North Carolina. "Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order. We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."
If the Congress passed a law requiring all Americans to be able to run a four-minute mile upon orders of the court, would those couch potatoes who couldn't do so be described as being "above the law"? Off with their heads!
Sen. Ron Wyden (D-Oregon) spoke out against the law, saying it would make us all "more vulnerable to stalkers, identity thieves, foreign hackers and criminals." He said that if the bill actually makes it to the Senate floor, he would filibuster it.
In slightly better tech privacy news, the Email Privacy Act passed unanimously out of the House Judiciary Committee. This legislation would close a loophole that permits law enforcement officials to read your old stored emails or digital communications that are more than 180 days old without having to get a warrant (instead requiring just a subpoena). It still, nevertheless, has a long way to go, despite having a huge number of House co-sponsors. And keep in mind this is just the House. Given how a couple of powerful senators view your right to tech privacy and how they feel the government should be able to access your data with a simple demand, it may have a fight ahead.
Start your day with Reason. Get a daily brief of the most important stories and trends every weekday morning when you subscribe to Reason Roundup.