Republicans propose bill to end ‘warrant-proof’ encryption

Republicans on the Senate Judiciary Committee introduced a bill Tuesday taking on the encryption technology that major tech companies use to secure customer data.

The bill, the Lawful Access to Encrypted Data Act, requires companies to build their products in a way that would bring an end to what its sponsors call “warrant-proof” technology.

Security professionals have maintained that building these so-called encryption “backdoors” would come with major privacy repercussions and have cautioned against them.

At issue is the use of encryption by companies like Apple and Facebook to secure customer data, such as the contents of an individual’s smartphone or their online conversations.

Critics of strong encryption have argued it complicates efforts for criminal investigators to access and decipher evidence, even when armed with a search warrant. Sponsors of the Senate bill said its passage would address that by requiring major electronic device manufacturers and communication providers to assist law enforcement with accessing encrypted data if that help would aid in the execution of a warrant.

“In recent history, we have experienced numerous terrorism cases and serious criminal activity where vital information could not be accessed, even after a court order was issued,” said Sen. Lindsey Graham of South Carolina, the chair of the Judiciary Committee and the bill’s main sponsor. “Unfortunately, tech companies have refused to honor these court orders and assist law enforcement in their investigations. My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations.”

Specifically, the bill would require that any major tech company served with a search warrant provides “all information, facilities and assistance necessary to access information stored on an electronic device or to access remotely stored electronic information, as authorized by the search warrant.” That assistance includes “decrypting or decoding information … or otherwise providing such information in an intelligible format,” according to its language, which says it would apply to stored data as well as data in motion.

The bill explicitly prohibits the attorney general from directing specific technical steps for companies to take, and companies asked to assist under the act can appeal in federal court.

Mr. Graham offered the bill along with Sens. Tom Cotton of Arkansas and Marsha Blackburn of Tennessee, all Republicans, and referred it to the full Senate Judiciary Committee.

Previous calls for companies to ensure that authorities can glean encrypted customer data have raised concerns among security professionals who warn that building “backdoors” to enable this access would require companies to weaken the security of their products and consequently put their users at risk

Facebook, which allows users to encrypt their conversations on the social network, was quick to criticize the senators’ proposal in a statement issued later Tuesday.

“End-to-end encryption is a necessity in modern life — it protects billions of messages sent every day on many apps and services, especially in times like these when we can’t be together,” Facebook said in the statement, CNet reported. “Rolling back this vital protection will make us all less safe, not more. We are committed to continuing to work with law enforcement and fighting abuse while preserving the ability for all Americans to communicate privately and securely.”

Sponsors of the bill have already found at least one powerful ally: Attorney General William P. Barr separately issued a statement Tuesday applauding the Republicans for their proposal.

“While strong encryption provides enormous benefits to society and is undoubtedly necessary for the security and privacy of Americans, end-to-end encryption technology is being abused by child predators, terrorists, drug traffickers and even hackers to perpetrate their crimes and avoid detection,” Mr. Barr said. “Warrant-proof encryption allows these criminals to operate with impunity. This is dangerous and unacceptable.”